After extensive research, several universities concluded that two of the most widely used networks back in the day were indirect fraud hubs engaging in data theft. When the algorithms were looked into, it was found that the services were intentionally backdoored with the reason being a mystery.
Researchers claim that the GEA-1, one of the first mobile network algorithms, was backdoored on purpose from the start. At the time of its introduction to this day, many rely on the algorithm to act as a bridge between the base and the mobile networks. GEA-1 was then followed by GEA-2 which had similar speculations however no solid evidence was found.
GEA-1 claimed to have 64-bit encryption to protect data which appealed to lots of users, perhaps the reason for its success back in the 1990s and 2000s however in a recent discovery, it was found that the algorithm is only capable of providing 40-bit protection. Such a low encryption rate gives hackers a chance to conduct malicious activities on a silver platter.
It was also reported that the researchers themselves tried to recreate the frail version of the algorithm but couldn't replicate it, instead ended up making a stronger version. Hence it can be concluded that the weak version wasn't a coincidence. It is quite saddening that many would've been the victim of such carelessness since a large population was relying on these networks to protect their internet presence.
The researchers also contacted the ETSI who then excused the misdemeanor as a ‘political mishap’, stating the regulations at the time prevented the strengthening of the network. The excuse must’ve cost millions of people their privacy since it takes no more than 240 trials and a rather simple test to decode the key.
Coming down to its predecessor, it was found that GEA-2 did not harbor such a weak algorithm, however still wasn't capable of providing 64-bit encryption. The only difference was that the new network would give hackers a harder time when trying to practice their malice.
Matthew Green, a professor at John Hopkins, assured that GEA-1 is no longer operational, being available only in the oldest phone basebands; however, that is not a feat. Seeing the government being a part of such incentives is indeed devastating while pretending to be an elite source of protection for the public.
Lastly, the researchers recommended the users to stick to GEA-3 and following networks for a safe experience while declaring that the use of GEA-1 was discontinued at the time.
H/T: Vice / 1 / 2.
Read next: Study Reveals the Startling Impact of Ransomware, 8 in 10 of Those Who Paid a Ransom Experienced Another Attack
Researchers claim that the GEA-1, one of the first mobile network algorithms, was backdoored on purpose from the start. At the time of its introduction to this day, many rely on the algorithm to act as a bridge between the base and the mobile networks. GEA-1 was then followed by GEA-2 which had similar speculations however no solid evidence was found.
GEA-1 claimed to have 64-bit encryption to protect data which appealed to lots of users, perhaps the reason for its success back in the 1990s and 2000s however in a recent discovery, it was found that the algorithm is only capable of providing 40-bit protection. Such a low encryption rate gives hackers a chance to conduct malicious activities on a silver platter.
It was also reported that the researchers themselves tried to recreate the frail version of the algorithm but couldn't replicate it, instead ended up making a stronger version. Hence it can be concluded that the weak version wasn't a coincidence. It is quite saddening that many would've been the victim of such carelessness since a large population was relying on these networks to protect their internet presence.
The researchers also contacted the ETSI who then excused the misdemeanor as a ‘political mishap’, stating the regulations at the time prevented the strengthening of the network. The excuse must’ve cost millions of people their privacy since it takes no more than 240 trials and a rather simple test to decode the key.
Coming down to its predecessor, it was found that GEA-2 did not harbor such a weak algorithm, however still wasn't capable of providing 64-bit encryption. The only difference was that the new network would give hackers a harder time when trying to practice their malice.
Matthew Green, a professor at John Hopkins, assured that GEA-1 is no longer operational, being available only in the oldest phone basebands; however, that is not a feat. Seeing the government being a part of such incentives is indeed devastating while pretending to be an elite source of protection for the public.
Lastly, the researchers recommended the users to stick to GEA-3 and following networks for a safe experience while declaring that the use of GEA-1 was discontinued at the time.
H/T: Vice / 1 / 2.
Read next: Study Reveals the Startling Impact of Ransomware, 8 in 10 of Those Who Paid a Ransom Experienced Another Attack