Deutsche Telecom Upgrades T-Mobile 2G Encryption In US 27
An anonymous reader writes T-Mobile, a major wireless carrier in the U.S. and subsidiary of German Deutsche Telecom, is hardening the encryption on its 2G cellular network in the U.S., reports the Washington Post. According to Cisco, 2G cellular calls still account for 13% of calls in the US and 68% of wireless calls worldwide. T-Mobile's upgrades will bring the encryption of older and inexpensive 2G GSM phone signals in the US up to par with that of more expensive 3G and 4G handsets. Parent company Deutsche Telecom had announced a similar upgrade of its German 2G network after last year's revelations of NSA surveillance. 2G is still important not only for that 13 percent of calls, but because lots of connected devices rely on it, or will, even while the 2G clock is ticking. The "internet of things" focuses on cheap and ubiquitous, and in the U.S. that still means 2G, but lots of things that might be connected that way are ones you'd like to be encrypted.
How's this affect StingRay(tm)s (Score:3)
Obligatory Ars Link. [arstechnica.com] From what I understand, fake towers work by forcing you to downgrade to 2G. Will this obviate that risk?
Re: (Score:2)
Re: (Score:2)
From what I have read on A5, the newer versions made a strange mistake which actually leaves A1/2&3 slightly weaker against brute force attacks than A5/1.
It is possible to use rainbow tables against A5, which seems to mean it isn't salted. - There should be more than enough performance in modern devices to support stronger encryption.
But disabling GSM when possible is still smart (Score:3)
GSM (2G) encryption did not authenticate the cell tower, whereas UMTS (3G) and above do. Cell tower authentication should break devices like the Stingray and other forms of fake base station, unless/until governments start forcing cell carriers to hand over the signing keys for tower identities. But as devices like Stingray exist more or less exclusively to get around the warrant requirement and no carrier would assist in that way without a court order, that places the police in the awkward position of asking a judge to write an order than can only be for avoiding the same judges authority....
Re: (Score:2)
They're eager to do things they can charge for. I bet AT&T charges a pretty penny for the connections to room 641A [wikipedia.org]
They're a little less eager to do things they can't make money on. Of course, if they don't participate they might find themselves like Qwest's CEO, who lost all the government contracts because he wouldn't play ball with the NSA, then got arrested on securities charges for losing stockholders' money by losing the government contracts.
Oh, things like our... (Score:2)
Fairly low-tech, but rather important none the less, and monitored via cell network as a backup in case the WAN link goes down...
Good luck, as carriers stop using 2G (Score:2)
My Garmin Nuvi GPS no longer gets traffic data, and can't use a few other 2-way features like Google Search, because the 2G wireless network it used will be going away early next year, and the carrier's no longer renewing contracts for them. So it's back to being a dumb GPS, with maps and built-in data points, but no live search.
Carriers really want to reallocate their 2G spectrum to 4G or at least 3G, because it lets them get more calls and a lot more data in the same amount of bandwidth, and because the
Re: (Score:2)
My Garmin also uses FM for real time traffic, however FM traffic is being phased out in favor of data over the "HD" radio signal, which is a different kind of thing. You'll need a new GPS to take advantage of it, and at some point the older FM signal you get now will cease to exist.
Honestly though, I use my phone GPS (Waze) exclusively now. It has all the real time traffic and updated maps and other benefits. My Garmin sits in a drawer and never gets used.
Phone navigation vs. Car Radio (Score:2)
My car radio has Bluetooth. Works really well for phone calls, and has a good microphone built into the car ceiling near the driver. Unfortunately, it doesn't get along with the navigation applications in my phone; they're not phone calls, so it doesn't play them. (Maybe it would if I set the radio for MP3 mode or something, instead of radio? But then it wouldn't be playing the radio, whereas my Garmin doesn't care about the radio and just talks, and I pick the snarky British GPS voice because it usuall
Re: (Score:2)
Does their encyption procotol... (Score:2)
foil National Security Letters?
When people with guns ignore the Constitution, technical solutions seem insufficient.
Re: (Score:2)
Re: (Score:2)
Thats ready for tracking, remote turn on, software update and voice recording at a village, town, city, sate, federal level as sold.
Some much older tech or kits in private hands for security work may need upgrading.
Not so sure (Score:2)
Re: (Score:2)
They can use a great encryption algorithm, but if they continue to not authenticate the basestation, as per 2G specs, then it doesn't really help. It wasn't until LTE that this finally started happening.
This problem can be solved at the Mobile Station or SIM by refusing to register or call over a network that does not support at least UMTS authentication of the network and replay protection or that does not activate encryption. This would break connections to 2G networks whose MSC was not updated to support UMTS authentication but it could be implemented as an user option.
AT&T 2G (Score:2)
Meanwhile, AT&T will be shutting down it's 2G network by the end of 2016.
http://www.business.att.com/enterprise/Family/mobility-services/machine-to-machine/m2m-applications/cd2migration/page=addl-info/ [att.com]