by zumtar 4137 days ago
This statement from Gemalto seems quite naive considering the leaked documents state that the operations to obtain the private keys were successful. They talk about the deployment of a "secure transfer system" BUT that will only help if that is the only time that data is ever transferred between two entities and assumes that the data will be kept securely.

The Ki database has to be distributed to so many places in and around the network that it isn't surprising that it is schlepped around using insecure means.

Of course in an ideal world the keys should never be accessible by a human, they should have been generated in a set of HSMs at the SIM manufacturer that are transferred physically to the network operator. In reality this doesn't happen as that takes time and money and is an overall logistical nightmare.

Mobile carriers use lots of professional services "experts" from the vendors they buy from, it is rare to have in-house engineers running and maintaining the systems as those tasks are usually outsourced.

Such engineers will have done a 4 week course with Nokia-Siemens-Networks, Huawei or Ericsson and they are sent out into the field with a crappy laptop and a few tools, they are just expensive "remote hands" without any real knowledge.

This is how it would play out from a 3rd level support/engineer back at Telco HQ -

In-house expert: Hi Mr Field Engineer, I need you to restore that HLR you are looking at, I can't reach it from here, and I need to send you a file securely to restore to that node, do you use PGP? Do you have the emergency encrypted USB stick with you?

Outsourced Engineer: PGP? I don't know how to program, isn't that for making web-sites? USB stick, yes I have a new one in my bag I bought for downloading movies.

In-house expert: No, that is PHP, don't worry about that for now, do you have any decryption software on your laptop?

Outsourced Engineer: No, but my laptop is already unlocked, I've typed in my account and password.

In-house expert: I have my boss screaming at me and the call-center is overloaded with complaints, do you know how to use SCP?

Outsourced Engineer: SCP?

In-house expert: OK, how about FTP, do you have an FTP client?

Outsourced Engineer: Yes, I've got that, I use it for sending firmware to Cisco routers.

In-house expert: No, not TFTP, FTP! Do you know what that is?

Outsourced Engineer: Huh?

In-house expert: OK, how about a corporate email account?

Outsourced Engineer: No, I'm working for "XYZ Solutions" and I'm on a probationary period, I have a hotmail account, does that help?

In-house expert: OK, I suppose that will have to do, please just delete the email from hotmail and make sure you delete that file later from your PC.

Outsourced Engineer: OK, you mean just drag it to trash on this 4 year old Windows XP laptop I'm using?

sigh

6 comments

It does say 98% of private key transfers are not between the SIM supplier (Gemalto) and the carrier. It explicitly says those could be hacked more easily but are out of their hands. I have little doubt that many governments already monitor their own people's phone use anyway, making the issue of surveillance irrelevant.

A bit surprising they promote security by obscurity though:

"Security is even higher for mobile operators who work with Gemalto to embed custom algorithms in their SIM cards. The variety and fragmentation of algorithmic technologies used by our customers increases the complexity and cost to deploy massive global surveillance systems."

> It does say 98% of private key transfers are not between the SIM supplier (Gemalto) and the carrier. It explicitly says those could be hacked more easily but are out of their hands.

But that is the problem, they shouldn't really be in a state that could ever be read by a human, they should be on individual HSMs that are distributed around the networks from the SIM manufacturer.

The problem is that there isn't a real standard on how to exchange HSMs between SIM manufacturers and the network operators that use different jury-rigged hacks for everything.

The mass deployment of HSMs would add a huge cost and involves additional hardware development and integration in mobile networks that already work perfectly.

If the SIM manufacturer insisted that the keys would never be given in a plain-text format but only as individual non-dumpable HSMs then that would force the network equipment vendors and mobile operators to deploy the technology.

This isn't going to happen as the SIM company will lose business to a competitor and the mobile network operator will not spend their budget on such a project that adds zero functionality to their existing (and completely operational) network.

Great conversation. Reminds me of some outsourced techs that I've talked to.

It would be good if you could get a mobile hotspot that was locked to a VPN. That way you could give people an easy way to connect and only use internal URLs to share things.

Given that all browsers have some FTP clients, probably FTP should not apply.

That isn't the point I'm making, it was a fictitious example based on many interactions with these types of guys.

I'm illustrating how easily such a file is leaked because the people employed in mobile network maintenance are incompetent and the systems are not updated and kept secure.

I wish I could upvote you more than +1.

working in telco, that sounds accurate :D nice one !!