@timbray Are you familiar with the UK intelligence aparat compromising the encryption mechanism in GSM?
My take is that ANY compromisable product has been. Figuring out if its design permits something to not be compromised is hard; I certainly can't do it. If I could do it, any such analysis would run smack into "trusting trust" issues.
Security is always about who, not when or if or what.
@graydon IIRC correctly from Karsten Nohl's presentation at CCCAmp in 2011, a lot of GSM network operators never even bothered to turn on encryption?
Meanwhile h1kari et al had presented research on generating rainbow tables to attack the A5/1 GSM encryption publicly at least as far back as 2007?
Doubtlessly building upon h1kari's previous research on using FPGAs to accelerate such attacks (circa 2006 if not earlier his FPGA efforts could brute force the entire NTLM hash space faster than doing a rainbow table look up on disk as an example).
@teajaygrey https://www.schneier.com/blog/archives/2015/02/nsagchq_hacks_s.html
I seem to recall that some information about having hacked the root keys for the process came out around the same time.
