A joint US-UK operation has obtained the master encryption keys to billions of mobile phones:
The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.
With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.
Oh, goody. Essentially, if you have a phone with a SIM card (in the U.S., that means you have AT&T or T-Mobile), the NSA and Britain's GCHQ can listen in to your conversation in real time. (The article goes into some good technical depth about the exploits and how they did it.)
Of course, they would have to be looking for you in order to do that, but still. This is the kind of revelation that (a) makes me think Edward Snowden may not have been such a bad guy after all, and (b) that because so few people care, the world is a scarier place.
By the way, I'm right now reading The Honourable Schoolboy, having finished Tinker Tailor Soldier Spy in London last weekend. I'm rooting for Smiley and Westerby just the same. But you know, the USSR had 15,000 nuclear bombs pointed at us, and Western spying back then was aimed at the USSR, not at its own citizens.