X

This is not a paywall.

Register for free to continue reading.

We made a promise to you that we’ll never erect a paywall and we intend to keep that promise. We also want to continually improve your reading experience and you can help us do that by registering with us. It’s quick, easy and will cost you nothing.



Nearly there! Create a password to finish up registering with us:


Please enter your password or get a login link if you’ve forgotten


Open Sesame! Thanks for registering.

Ramaphosa's energy plan Webinar banner

We'd like our readers to start paying for Daily Maverick

More specifically, we'd like those who can afford to pay to start paying. What it comes down to is whether or not you value Daily Maverick. Think of us in terms of your daily cappuccino from your favourite coffee shop. It costs around R35. That’s R1,050 per month on frothy milk. Don’t get us wrong, we’re almost exclusively fuelled by coffee. BUT maybe R200 of that R1,050 could go to the journalism that’s fighting for the country?

We don’t dictate how much we’d like our readers to contribute. After all, how much you value our work is subjective (and frankly, every amount helps). At R200, you get it back in Uber Eats and ride vouchers every month, but that’s just a suggestion. A little less than a week’s worth of cappuccinos.

We can't survive on hope and our own determination. Our country is going to be considerably worse off if we don’t have a strong, sustainable news media. If you’re rejigging your budgets, and it comes to choosing between frothy milk and Daily Maverick, we hope you might reconsider that cappuccino.

We need your help. And we’re not ashamed to ask for it.

Our mission is to Defend Truth. Join Maverick Insider.

Support Daily Maverick→
Payment options

Now everybody can listen to your (cell) phone calls

Business Maverick

Business Maverick, Politics, Sci-Tech

Now everybody can listen to your (cell) phone calls

It used to be limited to just your cellphone provider, the SA government and its various branches and bureaucracies, any foreign government, any other organisation with sufficient motivation and resources, or anybody with the skills to find and bribe a couple of easily-bribed network provider employees. But as of this week, anyone with a couple of grand for equipment and two hours to spare can listen in on your cellphone calls.

If you thought your cellphone conversations were secure before, then you were, well, a damn fool. But at least your retired neighbour couldn’t listen in on your calls for casual amusement, and your business rivals would have had to hire a crooked private investigator (and wait a couple of days) to get that kind of intelligence. Now, however, they’ll just need some off-the-shelf hardware and the ability to use a search engine.

Or so we hear. Note that actually doing so would be illegal in South Africa and that we would never, ever, engage in such activity. Nor would we encourage you to do so. Cross our hearts.

The encryption standard used in normal GSM operation, A5/1, has been known to be vulnerable for many years, but those who cracked it kept their methods to themselves. This week the Chaos Computer Club, a German group with a history of neat hacks, published a solution, and a couple of hours later it was all over the interweb.

To use it will require a laptop or two, proximity to the cellphone you want to tap (a couple of hundred meters will be close enough), a couple of GSM modems to which you have low-level access, and a modicum of technical ability. Or the ability to find and follow detailed instructions.

The GSM Association, which is responsible for the encryption standard, says the hack is illegal (which is true, in some countries), that it is technically infeasible (which is downright false) and that phone calls are protected because there are so very many of them going on at any one time that picking out the right one is like finding a needle in a haystack. That last argument is by far the best, but is (a) cold comfort when you’re supposed to have proper protection and (b) not an obstacle that is particularly hard to overcome.

A5/1 is two decades old, which is why a more secure alternative, A5/3, was finalised two years ago. It is far more robust and has no currently known vulnerabilities. It is also in use by virtually nobody anywhere in the world, because network operators haven’t been willing to spend the money required for its implementation.

Our advice: go back to the landlines when the call really matters. At least only the government (and its various arms), Telkom and its employees and anybody who can lever open the local exchange box down the street and clip on a couple of wires can listen to those.

By Phillip de Wet

Read more: Guardian, Daily Tech

Photo: Reuters

Gallery

Please peer review 3 community comments before your comment can be posted