Russians Order Mobile Phone Encryption Removed 302
PenguinRadio writes "The Moscow Times is reporting that Russian security officers (The FSB, formerly the KGB) ordered all mobile phone providers to switch off their encryption systems for 24 hours, so the police could eavesdrop on all calls. An alert, either an exclamation point or an unlocked padlock, was sent to the phones in question. This is the second time such an order was given - the last time was after the hostage crisis involving Chechnya fighters in a Moscow theater. At least the Russian has the courtesy to warn all their phone users that this was going on. Not sure what the standard FBI procedure is on something like this..."
Standard FBI procedure is.. (Score:5, Funny)
Document Describing Standard Procedure. (Score:5, Interesting)
It also lists that: "In 2002, no federal wiretap reports indicated that encryption was encountered. State and local jurisdictions reported that encryption was encountered in 16 wiretaps terminated in 2002; however, in none of these cases was encryption reported to have prevented law enforcement officials from obtaining the plain text of communications intercepted. In addition, state and local jurisdictions reported that encryption was encountered in 18 wiretaps that were terminated in calendar year 2001 or earlier, but were reported for the first time in 2002; in none of these cases did encryption prevent access to the plain text of communications intercepted.
Re:Standard FBI procedure is.. (Score:4, Interesting)
Also...what about people using PGPhone and such...wouldn't that be pretty tough for them to eavesdrop on you?
The official FBI policy... (Score:5, Funny)
The FBI (Score:5, Interesting)
*Mercury Rising/Consipracy Theory/That horrible movie with Denzel, etc.
Re:The FBI (Score:5, Interesting)
Looking at it from first principles, there'd be little reason to disable encryption for a single user. Law enforcement could tap the phone network downstream of the tower, and intelligence services would want to listen to everybody. (I'm speculating 'cause I don't know).
Re:The FBI (Score:5, Insightful)
The difference is the general level of hassle and red tape, as well as accountability. Of course if you're up there in intelligence I'm sure you can unaccountably "tap" the land phone network at will using more advanced systems (Echelon and whatever's come since come to mind) - but if you're just part of some FBI field office trying to handle an immediate situation akin to the Chechnya incident the landline option means you have to get authorization and go on record for doing it, and you have to be precise about what you're tapping, and you could be delayed by all the BS. If you can tap the airwaves easily (supposing you have a laptop that can crack the effectively 54-bit encryption of a GSM call on the air), you can do it without the fuss and without being accountable.
Don't forget also that finding the right landline call to tap might be a needle in a haystack problem, but finding the right cellular call can be fairly easy if you're on-site near the caller, since you can just look for strong enough signal strength to be within a given radius of you physically, and furthermore even triangulate the signals' positions.
Red tape? Hassle? In Russia? (Score:3, Informative)
In the case of those site
Re:The FBI (Score:4, Interesting)
Re:The FBI (Score:3, Insightful)
Re:The FBI (Score:4, Informative)
Seemed for quite a while that GSM was going to die in Canada, but with two networks now, we're going pretty strong. With the exception of the first (analog) phone I bought, everything else has been GSM and I love the convenience of just moving my SIM from phone to phone and never having to call the company to register a handset, transfer details, worry about programming, etc.
As posted, the GSM encryption is more than secure enough to stop casual evesdropping. It wouldn't stop law enforcement or government for long, but they can always just monitor at the cell cite, or have the service provider archive the data stream from suspect handsets anyway.
By contrast, my 900mhz cordless phone at home has absolutely no encryption and could be monitored (albiet at short range) by anyone with a scanner. Consequently, I'd rather use the cell for talking to banks, making purchases with credit cards, etc.
N.
A5: ask your GSM operator (Score:3, Informative)
There are two versions of A5: with full 64bit (for US, Germany etc) key and 54bit key (For Russia, Latvia, China etc).
Two months ago I requested my GSM company about their encryption technology. They replied: "Yes, we use good encryption. No, we cannot tell you which exactly".
Try to ask your GSM operator.
Re:The FBI (Score:5, Interesting)
Interestingly, there was an attack for the Clipper chip which would let you encrypt your messages such that they would appear to be decryptable by the government, but if they tried to decrypt them they'd fail.
Clipper worked as well as having government agents dressed in nazi-esque outfits in locksmith stores asking for voluntary copies of your house keys would work. That's to say, government agencies used it, but nobody else.
In Soviet Russia (Score:4, Funny)
Re:In Soviet Russia (Score:5, Funny)
Re:In Soviet Russia (Score:3, Funny)
Hopefully they'll focus on making them funny.
scary (Score:5, Interesting)
Re:scary (Score:2)
Re:scary (Score:2, Funny)
digitally which could then be encrypted if you wished, then change it into an analog signal which
would be transmitted over the cellphone. Then the receiver could have a device to recieve the
analog signal to decrypt it.
Oh wait, they already invented modems. Damn, I'm always late with these ideas.
Huh? (Score:5, Interesting)
I don't really see why they'd have to do this, technically.
Perhaps they just wanted to "appease" the public by showing them that they are invading their privacy to search for Chechyen terrorists? After all, this is pretty visible.
Re:Huh? (Score:2)
Re:Huh? (Score:5, Interesting)
But with normal GSM, not really. The GSM encryption, from what I've understood, is only intended to stop normal people from building equipment to eavesdrop on calls, not to stop law enforcement wiretaps.
Re:Huh? (Score:2)
They now have a new product, the "The Starium 100" which looks like the land line solution we have all been waiting for.
Re:Huh? (Score:2)
Re:Huh? (Score:4, Informative)
Also, to activate the tap requires the cooperation of the network. This means a nasty trail of paperwork and inconvenient things like warrants. This is fine when you are chasing Chechnyans, but awefully inconvenient when all you want to do is to place a squeeze on an oligarch.
Re:Huh? (Score:3, Insightful)
Agreed... Though probably not the desired effect.
"What? Those bastards can disable our nice secure channel any time they want? Well then, time to buy a few third-party end-to-end crypto devices that not only can't they disable at whim, but can't tap when it hits a landline either".
Yeah. Great idea.
When the hell will people learn that the "real" threats to our safety (not counting "stupid" criminals who barely
Re:Huh? (Score:2, Informative)
You could get a seperate unit for you and the person you're calling like this one [crypto.ch], but betting odds are that if someone really wants to know what you're talking about then it's going to be hacked
Re:Huh? (Score:2, Interesting)
dms0
Re:Huh? (Score:2)
the call is probably still routed through HQ for deducting the callers' minutes.
Re:Huh? (Score:2)
Why bother? (Score:3, Interesting)
Why bother shutting off the encryption? Why not just go the the cell tower and and tap the line? Seems like it would be much easier than trying to pick calls out of the air. If you just disable the encryption, then the police would have to set up their own receiver. Why not just take advantage of receiver that's already available?
Re:Why bother? (Score:2)
So they can track down the physical location of the person making the call?
Re:Why bother? (Score:2, Interesting)
If the phone is within range of two towers the location could be pinned down to two locations, and a single location if it's in range of three towers. This isn't ideal, but it seems a lot more practical than dropping encryption for a large area and then using directional antennas to track them.
Re:Why bother? (Score:3, Insightful)
It's foil-hat-tastic (Score:5, Funny)
Isn't it obvious? They originate the signal from their secret base on the dark side of the moon, route it through ECHELON, then through the chip in your cerebellum, off the relay in the piece of fried chicken you're eating, through your computer just on general principles, then to your cell phone where it summarily cracks the encryption and displays the letters "BB." Then it kills you.
Re:It's foil-hat-tastic (Score:2)
Hey analog-boy... (Score:4, Funny)
Modern (digital) cellphones cannot be tapped with a radio. You are the weakest link, goodbye.
Re:It's foil-hat-tastic (Score:2)
This is not the second time (Score:5, Informative)
Russian laws require judge approval to eavesdrop on a communication. It is not known if such approvals had been granted in all these three cases.
Re:This is not the second time (Score:2, Interesting)
by lack of obligation to follow them.
There are laws, and there are operating instructions. They may contradict, but you'll have
lot of problems if you would appeal to law.
There always is something which they can incriminate
cellular operator, such as some tax miscalculations,
and thus withdraw license and push him out of business, if he wouldn't cooperate with FSB.
So, SORM-1 (System for operative and searching actions) in cellular networks exists and operate.
FS
FBI Procedure? (Score:4, Funny)
In Soviet Russia.... (Score:5, Funny)
b) cell phone encryption turns you on! (only on
Courtesy Warning - Pointless? (Score:3, Interesting)
Doesn't this defeat the purpose of eavesdropping?
As if terrorists would discuss their plans via mobile phones fully knowing that the FSB is listening.
This type of action doesn't seem to serve any purpose other than to: (1) send terrorists scrambling to other forms of communication (land lines, maybe?), (2) cause terrorists to delay their planning by a day, and (3) bring attention to the potential abuse and rile up privacy advocates everywhere.
None of the above seem to accomplish any worthwhile goals for the FSB.
Yes, in the hostage crisis case gain the ability to intercept terrorist communications while the crisis is in progress.
In this case, however, the attacks have already been concluded. Two suicide bombers have taken 14 others with them. I don't think the accomplices are going to be calling the bombers anytime soon.
Re:Courtesy Warning - Pointless? (Score:5, Informative)
They only issued a warning in the sense that Iowa issues a warning to all cell phone users that you are currently roaming. It's a function of the phone, not the KGB.
Re:Courtesy Warning - Pointless? (Score:2)
I have a theory about this.
Cellphone encryption isn't end-to-end, it only protects the radio signal between handset and tower, so if the FSB can order it switched off they presumably also have the authority to monitor the unencrypted calls 'on the wire'
And like you say the bombers are DEAD; it's not clear what calls they're expecting to hear.
My theory is that it's all psychological. By switching off en
Crypto? What crypto? (Score:4, Interesting)
Re:Crypto? What crypto? (Score:2)
Of course 5 years have passed since then.
I don't think you can have encryption in the US (Score:2, Interesting)
I now kinda would like to know what service does let you do it.
CDMA (Score:3, Interesting)
U.S. law enforcement agencies and the TLAs do not want cellular users to have ubiquitous encryption.
Warrants? Warrants? We don't need no stinking warrants!
I'm shocked that... (Score:2, Interesting)
We'll probably see the standard privacy (natural, fundemental, pre-existing) rights vs. untilitarian (what if the terrorists have a nucclear weapon? / are going to kill 10,000 hostages?) posts.
However, I'm just amazed that Russia issued such a warning... unless, as a matter of software determinism, they couldn't turn off the encryption without turning sending the warning.
A bug, or a feature?
Spooky (Score:2)
How would we all feel if they started doing this in the U.S./Canada/U.K./please don't flame me I can't list everybody?
In the U.S. at least the Patriot act would certainly allow for it (though the courts may not see it that way if it went to trial)
It was at least nice of the Russians to let the terrorists know that the encryption was off. It is important to be considrate even in times of crisis.
Polite KGB (Score:5, Funny)
I hope Ashcroft doesn't get any ideas from this. We may wind up getting little text alerts on our cell phones when the Bill Of Rights is, and is not, in affect.
Civil Rights On....Civil Rights Off...Civil Rights On...Civil Rights Off...
Civil Rights On....Civil Rights Off... (Score:3, Funny)
Ah, you just got a VX10 too? (Score:3, Informative)
Yes, it's mad offtopic, forgive me, it's early still..
Re:Polite KGB (Score:2)
Re:Polite KGB (Score:2)
only protected mode for the upperclass elite
Re:Polite KGB (Score:2)
GSM encryption is unsafe anyway (Score:5, Interesting)
Re:GSM encryption is unsafe anyway (Score:2)
Re:GSM encryption is unsafe anyway (Score:2, Informative)
Close but no cigar.
The CCC stunt makes it possible to clone your SIM-card in the case where your operator have chosen to use an algorithm called COMP128. (It enables you to extract Ki from the SIM-card) but requires you know the PIN-code and have access to the card since it is a chosen plain-text attack that requires in average 100000 16 byte data words.
Ki is a 16 byte secret key known to the SIM-card and to your home operator. In the GSM system session keys are transferred from the operator to the SIM
Polute to the extreme? (Score:5, Funny)
Yo Al Qaeda, we'll be listening to your phone calls on September 16th from 4am to 5am. Just FYI, so go about your day as usual.
Just brilliant isn't it? Next we'll be mailing crack houses letters informing them of the raid 3 weeks later.
Re:Polute to the extreme? (correction, POLITE) (Score:2)
Overt versus covert (Score:5, Interesting)
Matt Fahrenbacher
Re:Overt versus covert (Score:2)
I suspect you are really an undercover 'black op' agent of the UN, lulling us into believe that the system of control is really that simple.
All of your conspiracy theories probably pale in comparison to the truth
You think you know what the matrix is?
Offtopic:Gimme a call sometime, you bum; we haven't talked in a while.
This is suspicious (Score:5, Interesting)
The true purpose of this action is any one of the following in order of highest to lowest probability:
1) Draw public attention to the bombing/terrorist act and drum up support for whatever it is the government is planning next. Good way to do it as anyone and their dog carries a cell phone. Bad way to really tap conversations since now everyone knows they are being tapped.
2) Draw a lot of attention to current interior minister Gryzlov and his tough and honest men tactics (that and the current cleaning of "dishonest" policement from less important police units). He's probably getting promoted to
head up some political party so that will help.
3) Put the terrorists/chechens/whoever on the run - scare them etc. This sure is a big dynamite in a small pond though - so i doubt it.
4) Have other units not equipped with SORM uplink do the tapping, using scanners or some such. Unlikely since GSM even when unencrypted still can't be listened in on without expensive equipment. I doubt this one even more, but i had to put it here for the sake of balanced options:)
SORM non-compliance... (Score:2)
Many ISPs have started compliance but then just stalled indefinitely. The same for the mobile networks. In any case, if you want to be really secure, just give the FSB full access to a high bandwidth data stream as they lack the equipment to analyze this.
This is essentially a publicity seeking move to show that the Government is
Maybe not about tapping phones at all... (Score:5, Insightful)
By announcing publicly that they're going to be tapping everyone's cellphone for the next day or two, they will have denied Al-Queda or whomever it is they are worried about the ability to make secure phonecalls. So maybe, if the organisation was about to pull a terrorist attack, they wouldn't be able to coordinate their actions and would have to abandon the attack. Alternatively, maybe the point of the exercise is that the people of concern would be forced to use alternative, more vulnerable means of communication (landlines or face-to-face meetings).
What do you guys think?
Re:Maybe not about tapping phones at all... (Score:4, Insightful)
So does that mean... (Score:3, Interesting)
Really, it would be a good idea to have some sort of *privacy off* icon or something like that on most phones (I think some Nokias I've seen have this).
Re:So does that mean... (Score:4, Interesting)
Don't see why (Score:2)
Symbols... (Score:3, Informative)
It's about localization... (Score:2)
Old words, but still valid. (Score:2, Interesting)
What we obtain too cheap we esteem too lightly. It would be strange indeed if so celestial a thing as freedom should not be highly rated. -Thomas Paine
Doesn't matter if cellphones are eavesdropped (Score:2)
Is your hostage half empty or half full? (Score:2)
Or another way to look at it--
Yes, at least they have the courtesy to inform the terrorist of their tactics.
No warning needed in GSM (Score:5, Informative)
No courtesy or warning is needed. GSM handsets automatically display the no-encryption icon when OTA (Over The Air) security is turned off by the operator.
V
Same here in Estonia (Score:2, Insightful)
Looks like FUD (Score:2, Insightful)
of Moscow, and my phone doesn't display "No encryption" alert. It was so during Nord-Ost musicle hijacking, but not now.
BTW, it is not very comforting to think that
somebody in the same bus with you might carry
2 kilo TNT bomb, which would explode when somebody
send SMS to it.
Latest bomb in Moscow was apparently done
via some remotely controlled ignition and
explode when they tried deactivate it.
I doubt notification in the U.S. (Score:4, Insightful)
Old Russian Adage... (Score:4, Funny)
Both of us are of the age that we grew up during the Cold War and remember what it was like having nukes pointed at each other day and night...
Anyway, we were on the phone and the connection was really bad. At one point, we heard a click similar to someone picking up the phone. So, Dmitri paused and said, "Wait a second..." After a few seconds, he began to speak again and I asked what had happened. He explained that, in Russian, it is considered polite to pause the conversation when you hear the FSB changing the tapes recording your conversation.
I laughed my ass off.... Yes, people, I'm now ass-less....
I used to hate the Russian Intelligence agencies (Score:3, Funny)
But they kind of GRU on me.
Are they thick? (Score:3, Informative)
Re:Government isn't tracking YOU (Score:4, Funny)
Re:Government isn't tracking YOU (Score:5, Insightful)
Re:Government isn't tracking YOU (Score:5, Insightful)
But why stop there? Such a half-ass effort will surely miss far too much illegality. The only good solution is to have daily (or even more often) police inspections of every home, office, person, vehicle, etc. And just as an added precaution, we should install video cameras on every street, in every ally, and in every room of every home, office, or other such structure. From there, all the visual information could be fed into a lovely Oracle database, having been sorted by an advanced AI system. That way, any and all illegal acts are caught on tape, and the law-breaker can simply be put in jail, or perhaps even more simply, to death. Since we have it right on tape, there's obviously no need for a trial. And since those who break the law deserve to be caught and punished, no one should have any problem with this. After all, you're not doing anything illegal, immoral, or undesirable, right?
Re:Government isn't tracking YOU (Score:5, Insightful)
I agree with you here. The Gov't isn't going to blackmail you. However, if the gov't can get in, why couldn't somebody else?
I think the privacy moans and groans are overrated, but I did have a nice little scare when the RIAA announced it would start to sue P2P users. I want my privacy to protect myself from them. I'm not worried about the USA knowing about my personal life (they do anyway, duh.), but when encryption is ordered to be turned off, suddenly I'm open to the world.
Re:Government isn't tracking YOU (Score:5, Informative)
Yeah, I just read an article by John Dvorak that claimed that the whole stink with the RIAA is making privacy and anonimity forefront issues for many internet users. He says that all this is only going to make it harder for the RIAA/government to catch downloaders, and it will aid in things like child porn rings and ... I dunno I forget his other examples ;].
It's a good article, check it out [pcmag.com] Not sure if /. already posted it, but its relevant and worth it.
Re:Government isn't tracking YOU (Score:2, Insightful)
Ever heard of INSLAW?
That's why they do this. To find out who is planning to do bad things that hurt lots of people. They certainly don't care that you are having a fight with your wife and calling your girlfriend to make arrangements to stay over tonight.
You obviously don't get it. You probably never will. Do you pay your bills us
Re:Government isn't tracking YOU (Score:4, Insightful)
Let's get cameras put in our houses too. I mean, if you're not doing anything wrong, then who cares? Your life is normal and boring, the FBI won't care about you! So it's all ok! Don't worry your pretty little head about it.
Re:Government isn't tracking YOU (Score:5, Insightful)
What if I were some fledging politician rapidly gaining popularity for my almost rabid support for privacy and constitutional rights, young enough to still be idealistic and uncompromised by lobbying?
Then my fight with the wife and subsequent visit to the girlfriend become quite relevant to The Powers That Be (TM).
Don't laugh, this is the kind of stuff the FBI dabbled in under Hoover.
Privacy is privacy. There must be checks and balances to ensure that powers are not abused. These checks now do not seem to be sufficient (or existent, in some cases).
There's a reason we call it "erosion" of rights. It's a slow, insidious process - but that doesn't make it any less threatening.
At the risk of sound trite, the price of freedom is eternal vigilance.
Re:Government isn't tracking YOU (Score:3, Insightful)
Unfortunately for us a majority of the population is not willing to pay that price.
But I agree. What's the point of having laws if you have no freedom to begin with?
Laws are made to limit freedom to keep everyone safe. But some people believe that its okay to make laws saying I can't drive my car or fly in a plane because its possible for that car or plane to crash into them. Those people are dumb. That's why natural section exists.
Unfortunately we've overg
Re:Government isn't tracking YOU (Score:2, Insightful)
Tomorrow they'll care if I plan to murder a single person.
Next week they'll care about rapes.
A month from now it will be any felony.
Next year, if I call up a friend to say I'm running late, but I'll speed a little to make up the time, I'll get a ticket mailed to me.
A generation from now, I'd hate to see what happens to my kids if they decide to make fun of a "Bushism" that the President has said. Its an extremely slipper
Re:Government isn't tracking YOU (Score:4, Insightful)
With what you suggest, I think it the equivalent of federal agents being able to search anyone's house, for any reason at all, without oversight. If they wanted to, I'm sure they can find a lot of stuff to nail you with if your opinions are out of favor with the current administration, say you're a Democrat or Libertarian when there is a Republican in office.
Quite frankly, there was a warrant system for this sort of thing.
I don't care if you think that most everyone leads a boring life. That doesn't matter, what does matter is a goverment that thinking they can barge in everywhere without cause, without due process and quite frankly, possibly humiliate or blackmail anyone they please.
Re:Government isn't tracking YOU (Score:5, Informative)
Right. And you are one of those loonies that send all their mail in postcards and cares not about privacy. Good for you.
Problem though is, if and when goverment officials have access, they (some of them) will use it. For their main job, perhaps; for their entertainment, certainly, for other enterprises, quite possibly. Not just to listen to "really really bad guys", but gradually smaller fish, down to figuring out if their wifes are cheating them, or what their neighbours are talking about. Or for more enterprenially oriented peons, ways to blackmail people, or to get to some other useful information; be it for job or for personal businesses.
Never underestimate possibilities that open, or blindly assume everyone uses those powers responsibly. Grow up, use your brains, learn more about basic human nature, and corruption power causes.
Re:Government isn't tracking YOU (Score:2)
Re:Government isn't tracking YOU (Score:5, Funny)
The Supreme Court is taking care of that....
Re:Government isn't tracking YOU (Score:2)
I haven't been too disappointed by the SC recently. (but this is in the view of a greenie)
I'd guess their recent Constitution-gutting decisions in Lawrence v. Texas and Grutter v. Bollinger.
Re:There are options to the end user (Score:3, Informative)
if you live in US and you're bad... (Score:2)
Man! isn't it easier