Reports that the US and UK’s NSA and GCHQ organizations gained access to the encryption keys of SIM chip maker Gemalto has once again underlined the reach and global nature of modern government surveillance.
The manufacturer is a Dutch-French security firm that specializes in encrypted SIM cards meant to protect the privacy of mobile calls and data. Without the code to that encryption, users could be assured that their conversations were being kept secure.
Unfortunately, it has been revealed that both the US and UK managed to hack into the company’s systems and steal those codes, giving them access to mobile calls and information across the globe.
It is the latest discovery in the massive memo and document leak from Edward Snowden, a collection of documents that continue to provide shocking insight into the spying efforts of a number of governments and departments in the US and beyond.
The British run agency GCHQ have repeatedly been shown to be especially culpable as an ally to the National Security Agency in their efforts to gain information from essentially every citizen across the globe. Hacks like this one, which targeted what was believed to be a largely untouched firm, provides further proof of just how disturbingly successful they were.
Civil and privacy rights activists have spoken out against this latest revelation, and Gemalto is running an investigation. However, the damage is already done. They have had access for several years, and the amount on information they could have gathered with a joined effort is limitless. Given the fact that we know they have stored billions of files, that isn’t an over exaggeration.
Most of all, it raises the question of how many firms they have managed this with. We already know they have effectively built back doors into a number of technology devices, websites and services. We also know that a number of encryption measures are no longer secure against the NSA and related agencies.
It isn’t much of a leap to assume that they have managed to steal other keys, opening doors into services we thought were still safe from prying eyes. If we have learned anything from this and the other constant privacy violations, it is that nothing is safe anymore.
The worst thing is that we have little choice for protection outside of giving up all modern technology, not until something more substantial is done. Given how ingrained and useful those same unsafe devices are, there is no chance of that.
Source: NY Times