[liberationtech] Exactly how are satellite transmissions tapped/intercepted, in Syria and elsewhere?
Jacob Appelbaum
jacob at appelbaum.net
Tue Nov 29 11:22:38 PST 2011
On 11/29/2011 08:43 AM, Enrique Piraces wrote:
> Hi all, thanks for the detailed responses on this thread.
>
> I'm trying to understand how weak BGAN, Thuraya, Iridium encryption
> could be. For example one of them claims in its site that "Thuraya's
> integrated satellite communication solutions are rapidly deployable,
> employ the highest level of encryption, and are proven in meeting
> exacting security standards for use in the field."
>
Hi Enrique!
You can pretty much tell that it's bullshit from their marking language,
right? :)
> Beyond the ability that some may have to detect the location of a
> call/connection and log their calls, how true is that their
> encryption can protect the contents of the information transmitted?
> Is the risk the same for each voice/data/text?
>
Yes. The risk is the same. Their encryption is broken in commercial and
off the shelf products similar to the Shoghi gear.
> Is part of the solution to use encryption modules like
> http://www.shoghicom.com/thuraya-encryption.html?
>
Not exactly; I don't trust Shoghicom for anything except interception
capabilities. I think the solution for traditional SS7 networks is the
cryptophone. For the Internet, there are a bunch of solutions that vary
in quality and security.
Here are a few suggestions to look into:
PrivateWave/Cryptophone/Redphone(again soon, I hope), anything else
based on zrtp, TextSecure, OTR, Gibberbot with Orbot, etc
All the best,
Jacob
More information about the liberationtech
mailing list