If you're working on making phone conversations more secure, there's a very good chance the NSA is keeping an eye on your inbox. A new report from The Intercept looks into the NSA's efforts to stay ahead of the encryption that carriers use to keep phone calls safe from eavesdropping. The NSA has consistently been able to beat that encryption, often finding ways to crack standards like 4G before they're even implemented, and this report offers the first clues as to how.
For the most part, it involves active surveillance of the people involved in setting up the standards. The new documents detail a project called Operation Auroragold, which kept an eye on more than 1,200 inboxes involved in cell phone encryption, including the influential GSM Association in London. By monitoring any new encryption proposals before they were made public, the agency was able to get a head start on finding ways to break the new systems.
The NSA has struggled with cell phone surveillance in recent years, reportedly collecting only 20 to 30 percent of call records for US phone calls, so a program like Auroragold could be seen as a natural way to catch up. Still, it runs the risk of alienating members of the GSM Association, which include both physical infrastructure partners and major companies like Facebook, Microsoft and AT&T. Reached for comment by The Intercept, a GSMA representative said the group's lawyers were investigating the documents: "If there is something there that is illegal then they will take it up with the police."