US and UK intelligence agencies after the Gemalto hack in 2010 and 2011 have the ability, with the stolen encryption keys, to monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.
When someone asks that question do they mean that they are worried about rootkits, backdoors, trojans, worms, spyware, keystroke logging; are they concerned that someone has clocked their PGP private key; do they suspect LE have a warrant to eavesdrop their voice comms; or do they fret about the integrity of SIM card encryption and the Gemalto hack? Do they fuck.
No, they don’t worry about these things because they don’t know about these things, they don’t care to spend the time understanding the threats or pay for the solutions and I don’t blame them. And that simple reality assures the continued happiness and abundant joy of the hacking for profit (LE, governments, economic imperialism) community.
If a concerned citizen is an above ordinary John Q then they follow a few simplistic tips they read after a quick Google and subsequently consider themselves bullet-proof and smart. If they are a small business…
View original post 1,375 more words