The Future Is Here
We may earn a commission from links on this page

The NSA Can Decode Private, Encrypted Cellphone Conversations

The Washington Post is reporting that, according to a newly released internal document, the National Security Agency isn't just swiping location data from our cell phones; they actually have the ability to decode private, encrypted data, putting all our texts and calls right at their disposal.

Advertisement

Though US Law may prohibit the NSA from collecting our phone data (or demanding encryption keys) without a court order, the ability to decode these encrypted conversations own their own means they can cut out the courts entirely. More specifically, it's the encryption technology known as A5/1, which has been noted for its vulnerabilities for years, that the NSA can crack, and most global carriers haven't upgraded to more complex software yet.

Advertisement

But that's globally—here in the United States, most manufacturers have already upgraded. According to The Washington Post's report:

The vulnerability outlined in the NSA document concerns encryption developed in the 1980s but still used widely by cellphones that rely on technology called second-generation (2G) GSM. It is dominant in most of the world but less so in the wealthiest nations, including the United States, where newer networks such as 3G and 4G increasingly provide faster speeds and better encryption, industry officials say.

Advertisement

Though just because this older-form (30 years older, to be exact) of encryption is the one most commonly cracked, don't think that puts anyone toting a smartphone off limits. According to The Washington Post, experts have said that it is indeed possible for the NSA to decode more sophisticated means of encryption, although doing so is far more difficult and—at least at this point in time—can't be applied on a larger scale.

Advertisement

What's more, even though the majority of phones here in the US may have gotten an upgrade in security, it's still pretty disconcerting that a 30-year-old technology thats been proven time and time again to be insufficient is even still being used. Hopefully this will be the kick carriers need to finally upgrade all their phones to encryption software that actually, well, works. [The Washington Post]