In News That Will Surprise No One, NSA Has Cracked Mobile Phone Encryption To Listen In On Calls

from the duh dept

One of the latest reports from the Snowden documents over at the Washington Post falls more into the “well, duh” category than many previous reports. The NSA has easily cracked the A5/1 encryption used to encrypt mobile phone conversations on many GSM mobile networks. Of course A5/1 has been around forever, and others have shown that it’s not particularly secure for quite some time. But, it’s just a reminder that, yes, of course, the NSA could listen in on calls. Some networks do use more modern encryption, which is much harder for the NSA to crack, and it sounds like the recent revelations are leading at least some mobile operators to upgrade the encryption on their network. Still, at this point, it seems safe to assume that if you want to have a truly private conversation, you shouldn’t use a phone.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “In News That Will Surprise No One, NSA Has Cracked Mobile Phone Encryption To Listen In On Calls”

Subscribe: RSS Leave a comment
Capt ICE Enforcer says:

Old School

When I was younger, my friends and I would use Dixie cups and a really long string to communicate. We were always baffled by the stranger in our house who brought his own dixie cup and sat between us. But now I know it was the NSA ensuring my safety. Thank You NSA agents who made sure I was safe from terror bu listening into our Dixie cup conversation. Because of yoi the Boogey man only attacked me twice.

Anonymous Coward says:

Re: Re:

Walking out to the middle of a field could be suspicious behaviour, and is not proof against shotgun microphones. A quiet conversation in a noisy environment, away from any possible microphones is better, like playing loud music in the room, with speakers close to any windows to defeat listening by a laser on the window.

Anonymous Coward says:

Ciphering indication

How do you really know that your phone is using encryption at all? The answer is: you don’t. Few phones show a “ciphering indication” to the user, and even for these, the carrier can suppress the ciphering indication by setting a flag in the SIM.

This article talks about the A5/1 cipher. There is an even less secure cipher, A5/2. According to Wikipedia, “[…] the 3GPP has approved a change request to prohibit the implementation of A5/2 in any new mobile phones. If the network does not support A5/1, or any other A5 algorithm implemented by the phone, then an unencrypted connection can be used.” Of course, if that happens, you will not know due to the lack of a ciphering indication.

The older 2G protocols also have other problems, for instance the lack of mutual authentication making it easier to spoof a base station. If you know how to do it and are in an area with good 3G/4G coverage, it is a good idea to disable the use of the older protocols by your phone (set it to “WCDMA and LTE only” or similar). This does not fix everything, but is a good first step.

Anonymous Coward says:

“it seems safe to assume that if you want to have a truly private conversation, you shouldn’t use a phone.”

Or you can speak a foreign language since no one working for the government seems to have the merit to do so.

Then again I guess they can hire a translator. My theory, fire the worthless monolinguals and keep the translators since everyone in the intelligence community should be at least bilingual and the monolinguals are simply a deadweight to taxpayers. Hiring predominantly monolingual English speakers simply biases the spying against English speaking Americans while reducing the extent that foreign language speakers get spied on which isn’t fair to English speakers who are, allegedly, less likely to be terrorists anyway, right?

Brandt (user link) says:

Living in a Society of Fear

The dystopian fantasies of yesteryear are now a reality. We?ve allowed the coming of an age where the civil liberties our forefathers fought so hard for are being eroded by the day. Freedom of Press, Freedom of Speech and Freedom of Assembly are mere ghostly images of their original intent. We?ve woken up to an Orwellian Society of Fear where anyone is at the mercy of being labeled a terrorist for standing up for rights we took for granted just over a decade ago. Read about how we?re waging war against ourselves at

Anonymous Coward says:

A lot of people don’t realize this, but the codec used in the landline network (uLaw) is pretty capable; it’s basically the equivalent to 14-bit linear PCM.

This is important because you can use basically any form of encryption or obfuscation radio people have implemented, so long as it fits into a 4 khz channel. The “speech optimized” CELP algorithms used in cellular phones by contrast make this impossible. So while cell phones are certainly not as secure as they should be, this isn’t an inherent bottleneck in the entire network.

Derek Kerton (profile) says:

Stop Saying "Will Surprise No One"


You do great work in fighting for our freedoms, of late, specifically the 4th.

However, every time anyone uses some reductive lingo like:
“surprising no one”
“in a move we all expected”

…it actually changes the tone of the discussion from one of discuss to one of inevitability. People are already far too apathetic, and a sense of futility just feeds that apathy. We should use language more like:

“constitutional shocker”
“What’s next?”
“Now this is awful”
“confirming your worse fears”

Now, I KNOW YOU are disgusted, and that you believe you can play a role in change. So be sure to use language that shows it.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...