New NSA Malware

    From Bruce Schneier’s blog:

    https://www.schneier.com/blog/archives/2015/02/the_equation_gr.html

    Links to some very detailed articles are in there, the HDD firmware capability is astonishing and they managed it for at least 12 vendors, wow.

    @Tryptameanie 590626 wrote:

    From Bruce Schneier’s blog:

    https://www.schneier.com/blog/archives/2015/02/the_equation_gr.html

    Links to some very detailed articles are in there, the HDD firmware capability is astonishing and they managed it for at least 12 vendors, wow.

    In the last 14 years ruthless competition amongst HDD manufacturers led to them laying off lots of staff (especially higher-salary experienced coders who would have access to the firmware and hardware designs) and also taking over one another. There are only about 5 HDD factories in the world, spread across Malaysia, Thailand, Indonesia and the Philippines. It wouldn’t be unfeasible for a team of former HDD programmers to do something like this; especially when a lot of the chipsets and code are re-used anyway across vendors.

    These coders are most likely just a few years older than myself (younger people lack the skills to deal with this kind of kernel-level coding, which you had to learn in the 1970s/80s to get the best out of your computer); when they are handed an extended immigration visa to a USA or EU country for their entire extended family just after a layoff they’d see it as “good fortune”.

    Yeah, I’ve read about it, and firmware flashing, over at hddguru.com.

    I remember the Xbox 360 being hacked and one of the main participants went there for help on HDDs and firmware/flashing etc. so they could use non-original HDDs, and apparently got no help at all, but he wrote this post:
    newbie info, from and for newbies 🙂 About firmware, SA, etc : Knowledge base

    Doing it on the fly as well?

    If they want you you’ve got a snowballs chance in hell of evading them.

    GSM is nearly 30 years old now and the hardware specs are well known (the whole lot is on the ETSI website, but be aware each document is about 900 pages).

    I remember when Vodafone were selling the last ETACS analogue sets as PAYG phones and warning some friends who did a bit of dealing; they were shaken up when they heard their voice coming through loud and clear on my scanner.

    there have been “open source cell tower” projects on the net as well…

    TBH I suspect the “free” SIMs are deliberately wide open so that the packets can be inspected by the mobile company, so they can keep the under-18 protection working and also trade data/usage patterns with advertising. Curiously, a UK giffgaff SIM is made in Germany and, if put into a new device, will set it to German unless told otherwise.


    https://www.flickr.com/photos/rtnvfrmedia/14401975967/in/set-72157625976377755

    GSM has been around a long time and has been broken and bandaged since the start, but this looks like they just stole millions of private keys burned onto the SIM, which seem to be connected to many encryption functions present on modern phones.



      @Tryptameanie 590626 wrote:

      From Bruce Schneier’s blog:

      https://www.schneier.com/blog/archives/2015/02/the_equation_gr.html

      Links to some very detailed articles are in there, the HDD firmware capability is astonishing and they managed it for at least 12 vendors, wow.

      I can better understand why u r all paranoid around my country; if ur laws still remain like u said this morning and we are all widely spied on… I think I am gonna stay in my nice Switzerland, which seems to be much nicer than urs.

      Wish I could join you buddy 🙁

      @iliesse 590708 wrote:

      I can better understand why u r all paranoid around my country; if ur laws still remain like u said this morning and we are all widely spied on… I think I am gonna stay in my nice Switzerland, which seems to be much nicer than urs.

      That’s because you make all the spy equipment (this is from analogue times, but Nagra still make similar equipment and the webpage about it is private).


      I was thinking a bit more about this; and, putting aside the ethics or otherwise of bulk surveillance by any state government, it does show this hacker team have some integrity; or they could have caused a critical system to fail in a way that led to people being actually hurt or killed.

      Also the encryption data “stolen” (possibly sold by a disaffected employee?) from the SIMs isn’t of that much use unless the baldy men want to put up small fake GSM stations in places the world over connected to vans full of €50 000 of kit; and in the Netherlands at least they’d rather use that stuff for chasing after men their own age playing oompah music on the FM band.

      It could be valuable if the SIM is in a cheap GSM phone which is being used as the trigger for an IED or other unpleasant weapon, which is a possibility nowadays. I’ve always considered the network of PAYG SIMs (especially those aimed at foreign communities or the younger, more reckless generation) to be heavily backdoored as part of their licensing conditions – as an example, data from a giffgaff SIM goes through 14 levels of NAT (like 14 routers one behind the other) on private networks before the data goes to the “main internet”; and if you try to connect to a Linux box on ssh the connection gets lagged to the point it is near unusable; clearly they don’t like you doing that. Connecting to a Windows box via RDP (which is encrypted but most likely backdoored) works reasonably well…

      Don’t forget that the biggest, most powerful customers of telecoms companies are the government – 99% of the time for non-sinister reasons (such as the 999 / 112 / 911 services) – and their contracts give them preferential access to networks anyway. In Europe historically the govt used to run the post office and telecom company and it was called the PTT (post, telegraph and telephone administration); so they could (and did) intercept whatever they wanted (but there was still debate and angst over whether it was ethical).

      They kept records of which people of interest got which SIMs, so unlocking 4G/LTE/SSL/TLS functions, creating keypairs for most of the OS and related software. They stole tens of millions of the Ki’s but only a few were of interest.

      You should have a look through the articles GL, some unreal info in them, and the report from Kaspersky is mind blowing.

      I’ve read a lot of the articles and their reports in UK and NL IT press – I can see how to anyone below 35 it would indeed be “mind blowing”, but I grew up during the Cold War era and an older friend of mine who is the Edward Snowden of that era told me and my mates a bunch of stuff which remains valid today.

      @Tryptameanie 591469 wrote:

      They kept records of which people of interest got which SIMs, so unlocking 4G/LTE/SSL/TLS functions, creating keypairs for most of the OS and related software. They stole tens of millions of the Ki’s but only a few were of interest.

      It wouldn’t surprise me if the keys were alike or similar as some sort of cost saving, or even a covert agreement with Agentschap Telecom / MIVD (who used to be the same bunch, and the former EU minister for Digital Culture “Steelie” Neelie Kroes made her name by authorising funding for upgrades to their surveillance capabilities when NL was overrun with pirate broadcasters in the 1980s; this is all documented on the cryptomuseum).

      Seems the targets are smaller mobile companies who mostly provide services to developing countries that were once colonies of UK and NL; or other such nations where the use of mobile comms has taken off big time but so have various forms of instability. Other incidents look like training exercises for younger GCHQ staff (like hacking Belgacom – it would make operational sense not because it’s an “enemy” as such, but it’s a small European country in the EU which uses well-known languages, and even when it does all leak out it is unlikely to start a world war).

      In 1992 I did try to get free calls out of a rented payphone in a friend’s house via RTT/Belgacom but just got 3 tones and a stern dominatrix-type woman repeating “Uw oproep is niet toegelaten”.

      Look at the picture above of the German giffgaff SIM (obtained via an advert on the other main site), and the last 3 languages on the list. I can easily see why traffic in these languages might be “of interest”.

      BTW Jihadi John went to the same uni I got chucked out of for hacking.

      Would you not agree that this is worse than using a stingray/fake cell tower? If all encryption keys use this Ki to generate keypairs and such then you have no secure GPG voice or text, regardless of what technology you are using; if the Ki is involved then that crypto function is useless.

      @Tryptameanie 591492 wrote:

      Would you not agree that this is worse than using a stingray/fake cell tower? If all encryption keys use this Ki to generate keypairs and such then you have no secure GPG voice or text, regardless of what technology you are using; if the Ki is involved then that crypto function is useless.

      Although GSM stopped me listening to analogue voice mobile calls (ETACS) on my scanner, I have never trusted a telephone conversation or internet conversation of any sort to be private from the security services. They are part of the network and have been since the start. The best that crypto can do is make online business relatively safe.

      When I first (legally) used the net in 1994 the GCHQ boffins would cheerfully discuss all sorts of techie stuff with you using their mod.uk connections; a lot of them were also working with BT on networking protocols and other such stuff. A lot of the profs move between GCHQ, BT, Arqiva (DTELS/NTL) and smaller companies, or are employed as consultants.

      Although NSA has a more outwardly “offensive” rôle, or portrays itself as such (as in Hollywood movie style), GCHQ also works with Ofcom and BT simply to keep stuff working, especially in crisis situations which may be caused by hackers/terrorists or just stuff like extreme weather.

      The commerce aspect you mention uses SSL/TLS and creates session keys; NSA/GCHQ apparently made a massive breakthrough in decrypting https traffic.

      One thing they do not have the ability to do is factor keys. If you use a 256-bit key with the AES cipher then no-one is getting in; if they already know your keypair is derived using Ki they have a trivial task.

      We have OTR apps that use ephemeral keys which sound great, unless they are also derived from Ki.

      You remember the ECDSA elliptic curve pseudo random number generator that the NSA developed and had passed as an international standard, yet they gave values for P and Q such that, if someone had recognised a relationship between the 2, ECDSA using NSA curves was probably broken.
