"but the widespread availability of wiretapping technology over the
Internet, which has created a growing pool of amateur eavesdroppers."
and they don't mean literally tapping the wires, but sniffing the
conversation out of the air.
I don't know why this should be a shock to anyone. In general, governments
do not want cell phones or anything else available to the general public to
have strong encryption.
Naturally, it's against the low in the US for the private citizen to possess
a receiver and decryption device for cell phones. (Even though the
government supposedly does not in general regulate the ownership/use of
receivers, other than the laws involving interference.)
<carcarx@hotmail.com> wrote in message
news:1177964098.146418.164090@y80g2000hsf.googlegr oups.com...
> There have been small articles about this over the years, but at least
> in the New York
> Times it's now "big" news.
>
> The upshot: Don't use GSM phones (2G or 2.5G) to discuss sensitive
> topics. They're interceptable
> and forgeable over the air.
>
> http://www.nytimes.com/2007/04/30/bu...=1&oref=slogin
>
> "but the widespread availability of wiretapping technology over the
> Internet, which has created a growing pool of amateur eavesdroppers."
> and they don't mean literally tapping the wires, but sniffing the
> conversation out of the air.
>
On Apr 30, 8:15 pm, "Chuck" <Chuckk2nos...@cox.net> wrote:
> I don't know why this should be a shock to anyone. In general, governments
> do not want cell phones or anything else available to the general public to
> have strong encryption.
The other mobile technology widely available in the US doesn't need
any extra encryption.
It was available from the start. As Cingular/ATT Wireless migrates
more areas to W-CDMA this technology
will start to be available to more of their customers.
On 1 May 2007 06:14:35 -0700, "carcarx@hotmail.com"
<carcarx@hotmail.com> wrote in
<1178025275.230178.135650@n76g2000hsh.googlegroups .com>:
>On Apr 30, 8:15 pm, "Chuck" <Chuckk2nos...@cox.net> wrote:
>> I don't know why this should be a shock to anyone. In general, governments
>> do not want cell phones or anything else available to the general public to
>> have strong encryption.
>
>The other mobile technology widely available in the US doesn't need
>any extra encryption.
>It was available from the start.
Other technology actually predated early CDMA-based systems, and they
aren't actually immune to eavesdropping -- it's known that North Korea
operated mobile CDMA-based eavesdropping systems. Complacency is
antithetical to security(c).
>As Cingular/ATT Wireless migrates
>more areas to W-CDMA this technology
>will start to be available to more of their customers.
W-CDMA is actually quite different from cdmaOne and CDMA2000.
--
Best regards,
John Navas <http:/navasgroup.com>
"Usenet is like a herd of performing elephants with diarrhea - massive,
difficult to redirect, awe inspiring, entertaining, and a source of mind
boggling amounts of excrement when you least expect it." --Gene Spafford
carcarx@hotmail.com wrote:
> On Apr 30, 8:15 pm, "Chuck" <Chuckk2nos...@cox.net> wrote:
>> I don't know why this should be a shock to anyone. In general, governments
>> do not want cell phones or anything else available to the general public to
>> have strong encryption.
>
> The other mobile technology widely available in the US doesn't need
> any extra encryption.
> It was available from the start. As Cingular/ATT Wireless migrates
> more areas to W-CDMA this technology
> will start to be available to more of their customers.
Yes, eventually as the whole world moves to CDMA (in one form or
another) at least that part of the security issue will be resolved.
For the time being, if you care about privacy, the best option is to use
Sprint, Verizon, Alltel, or whatever other CDMA carrier is available in
your area, though of course this doesn't work in most of Europe.
If CDMA had come along during the current U.S. administration it almost
certainly would not have been permitted to be deployed due to the
privacy it affords.
[Copied to alt.cellular.attws. Please post all alt.cellular.cingular
posts to alt.cellular.attws as well. The Cingular name is going away,
and alt.cellular.attws is the proper venue for posts regarding AT&T's
Wireless Service.]
On Tue, 01 May 2007 07:48:22 -0700, SMS <scharf.steven@geemail.com>
wrote in <46375338$0$27185$742ec2ed@news.sonic.net>:
>carcarx@hotmail.com wrote:
>> On Apr 30, 8:15 pm, "Chuck" <Chuckk2nos...@cox.net> wrote:
>>> I don't know why this should be a shock to anyone. In general, governments
>>> do not want cell phones or anything else available to the general public to
>>> have strong encryption.
>>
>> The other mobile technology widely available in the US doesn't need
>> any extra encryption.
>> It was available from the start. As Cingular/ATT Wireless migrates
>> more areas to W-CDMA this technology
>> will start to be available to more of their customers.
>
>Yes, eventually as the whole world moves to CDMA (in one form or
>another) at least that part of the security issue will be resolved.
1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
attempts to confuse them notwithstanding.
2. CDMA-type systems are not immune to eavesdropping -- it's known that
North Korea has operated mobile CDMA-based eavesdropping systems.
>For the time being, if you care about privacy, the best option is to use
>Sprint, Verizon, Alltel, or whatever other CDMA carrier is available in
>your area, though of course this doesn't work in most of Europe.
If you really care about privacy then you shouldn't be using _any_
cellular system.
>If CDMA had come along during the current U.S. administration it almost
>certainly would not have been permitted to be deployed due to the
>privacy it affords.
Complacency is antithetical to security.
>[Copied to alt.cellular.attws.
Thereby trashing the attws group with confusing thread fragments.
What you're doing is rude and counterproductive.
>Please post all alt.cellular.cingular
>posts to alt.cellular.attws as well.
>The Cingular name is going away,
Not yet.
>and alt.cellular.attws is the proper venue for posts regarding AT&T's
>Wireless Service.]
That remains to be seen.
--
Best regards, FAQ FOR CINGULAR WIRELESS:
John Navas <http://en.wikibooks.org/wiki/Cingular_Wireless_FAQ>
On May 1, 10:03 am, John Navas <spamfilt...@navasgroup.com> wrote:
> On Tue, 01 May 2007 07:48:22 -0700, SMS <scharf.ste...@geemail.com>
> wrote in <46375338$0$27185$742ec...@news.sonic.net>:
> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
> attempts to confuse them notwithstanding.
Aside from a 5 MHz bandwidth, and therefore a different signaling
rate, what are the other differences in terms of
modulation and channel coding?
> 2. CDMA-type systems are not immune to eavesdropping -- it's known that
> North Korea has operated mobile CDMA-based eavesdropping systems.
References? I hope they are technical, because a good technical
discussion is needed to illuminate this.
carcarx@hotmail.com wrote:
> On May 1, 10:03 am, John Navas <spamfilt...@navasgroup.com> wrote:
>> On Tue, 01 May 2007 07:48:22 -0700, SMS <scharf.ste...@geemail.com>
>> wrote in <46375338$0$27185$742ec...@news.sonic.net>:
>
>> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
>> attempts to confuse them notwithstanding.
>
> Aside from a 5 MHz bandwidth, and therefore a different signaling
> rate, what are the other differences in terms of
> modulation and channel coding?
The important issue is that they are both spread spectrum, which makes
eavesdropping extremely difficult (CDMA's roots are in the military).
See
"http://www.comsec.uwaterloo.ca/~flchiu/CDMA/WCDMA%20and%20CDMA2000.pdf"
for a technical discussion of each. See table 36.1 on page 15. The
important issue to understand is that both W-CDMA and CDMA 2000 provide
inherent protection against eavesdropping. The two technologies are
extremely similar.
> References? I hope they are technical, because a good technical
> discussion is needed to illuminate this.
LOL, since when has Navas _ever_ provided references or citations?!
[Copied to alt.cellular.attws. Please post all alt.cellular.cingular
posts to alt.cellular.attws as well. The Cingular name is going away,
and alt.cellular.attws is the proper venue for posts regarding AT&T's
Wireless Service.]
On 2007-05-02, SMS <scharf.steven@geemail.com> wrote:
> carcarx@hotmail.com wrote:
>>> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
>>> attempts to confuse them notwithstanding.
>>
>> Aside from a 5 MHz bandwidth, and therefore a different signaling
>> rate, what are the other differences in terms of
>> modulation and channel coding?
>
> The important issue is that they are both spread spectrum, which makes
> eavesdropping extremely difficult (CDMA's roots are in the military).
>
> See
> "http://www.comsec.uwaterloo.ca/~flchiu/CDMA/WCDMA%20and%20CDMA2000.pdf"
> for a technical discussion of each. See table 36.1 on page 15. The
> important issue to understand is that both W-CDMA and CDMA 2000 provide
> inherent protection against eavesdropping. The two technologies are
> extremely similar.
I don't think that is quite right. Whether direct sequence spread
spectrum is secure or not depends on the (un)predictability of the
spreading code in use. The GPS C/A channel (i.e. what we all use)
is spread spectrum but is also entirely insecure since the spreading
codes are well known. 802.11 spread spectrum also uses predictable
spreading codes. The GPS PPS channel, which the military controls,
is considered secure because (as far as I know) the spreading sequence
algorithm hasn't been broken.
As I understand it both CDMA2000 and WCDMA generate private long codes
to use for scrambling sequence generation, but I don't think either of
these (and they may do it the same way) are claimed to be cryptographically
"secure", perhaps since what they do is highly constrained by the
need to keep the codes orthogonal. The papers all carefully call these
an "extra" layer of security since ultimately they still depend on the
quality of the cipher being used to encrypt the data for real security.
I think the data ciper used by CDMA2000 1xRTT is ORYX. I think a known
plain text attack on the basic cipher has been found, though I don't
think there is a practical attack against its use in cell phones
yet (particularly with the "extra" layer, I guess). The data cipher
used by WCDMA, and GSM now, is the KASUMI algorithm, on which they
did really extensive cryptanalysis (after the previous GSM disasters)
and found it to be resistant to all currently known attack approaches.
So I think WCDMA and CDMA2000 are pretty secure, but I also think
GSM is just about as secure if modern standards are being used.
I don't think the over-the-air GSM interface can be tapped if the
most recent standards are in use. The article that talked about
this doesn't say how this stuff was tapped, but either they had to
be listening to old phones over the air, or they managed to get
encryption keys off the SIMs, or (most likely) the tap was placed
somewhere after the base stations where none of this helps.
Of course the last bit is why, if you want real security, you need
end-to-end encryption. Just encrypting the radio link doesn't help
if the tapper has access to the equipment on the other side of the
base station.
On Wed, 02 May 2007 07:49:53 -0700, SMS <scharf.steven@geemail.com>
wrote in <4638a50f$0$27210$742ec2ed@news.sonic.net>:
>carcarx@hotmail.com wrote:
>> On May 1, 10:03 am, John Navas <spamfilt...@navasgroup.com> wrote:
>>> On Tue, 01 May 2007 07:48:22 -0700, SMS <scharf.ste...@geemail.com>
>>> wrote in <46375338$0$27185$742ec...@news.sonic.net>:
>>
>>> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
>>> attempts to confuse them notwithstanding.
>>
>> Aside from a 5 MHz bandwidth, and therefore a different signaling
>> rate, what are the other differences in terms of
>> modulation and channel coding?
Both the system and infrastructure are completely incompatible. Google
my prior posts for specifics.
>The important issue is that they are both spread spectrum, which makes
>eavesdropping extremely difficult (CDMA's roots are in the military).
In fact CDMA-type systems are vulnerable to eavesdropping. Again,
Google my prior posts.
>> References? I hope they are technical, because a good technical
>> discussion is needed to illuminate this.
>
>LOL, since when has Navas _ever_ provided references or citations?!
Far more often than you.
--
Best regards, FAQ FOR CINGULAR WIRELESS:
John Navas <http://en.wikibooks.org/wiki/Cingular_Wireless_FAQ>
On May 1, 10:03 am, John Navas <spamfilt...@navasgroup.com> wrote:
> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
> attempts to confuse them notwithstanding.
Aside from needing 5 MHz and the therefore higher chip rate
possibility, what are the RF modulations
that are different and the data channel codings that are different?
> 2. CDMA-type systems are not immune to eavesdropping -- it's known that
> North Korea has operated mobile CDMA-based eavesdropping systems.
On May 1, 10:03 am, John Navas <spamfilt...@navasgroup.com> wrote:
> On Tue, 01 May 2007 07:48:22 -0700, SMS <scharf.ste...@geemail.com>
> wrote in <46375338$0$27185$742ec...@news.sonic.net>:
>
> >carc...@hotmail.com wrote:
> >> On Apr 30, 8:15 pm, "Chuck" <Chuckk2nos...@cox.net> wrote:
> >>> I don't know why this should be a shock to anyone. In general, governments
> >>> do not want cell phones or anything else available to the general public to
> >>> have strong encryption.
>
> >> The other mobile technology widely available in the US doesn't need
> >> any extra encryption.
> >> It was available from the start. As Cingular/ATT Wireless migrates
> >> more areas to W-CDMA this technology
> >> will start to be available to more of their customers.
>
> >Yes, eventually as the whole world moves to CDMA (in one form or
> >another) at least that part of the security issue will be resolved.
>
> 1. W-CDMA is quite different from cdmaOne and CDMA2000, your repeated
> attempts to confuse them notwithstanding.
Aside from needing 5 MHz where cdma2000 needs 1.25 (and the attendant
higher chip rate)
what are the RF modulation and channel coding differences?
> 2. CDMA-type systems are not immune to eavesdropping -- it's known that
> North Korea has operated mobile CDMA-based eavesdropping systems.
SMS <scharf.steven@geemail.com> wrote in news:463aae55$0$27241
$742ec2ed@news.sonic.net:
> DTC wrote:
>> SMS wrote:
>>
>>> LOL, since when has Navas _ever_ provided references or citations?!
>>
>> Quite often...to back peddle
>
> Pedal, not peddle.
>
On Thu, 03 May 2007 20:53:53 -0700, SMS <scharf.steven@geemail.com>
wrote in <463aae55$0$27241$742ec2ed@news.sonic.net>:
>DTC wrote:
>> SMS wrote:
>>
>>> LOL, since when has Navas _ever_ provided references or citations?!
>>
>> Quite often...to back peddle
>
>Pedal, not peddle.
He had it right the first time.
--
Best regards, FAQ FOR CINGULAR WIRELESS:
John Navas <http://en.wikibooks.org/wiki/Cingular_Wireless_FAQ>
GSM insecure, additional encryption necessary 
Linear Mode
