<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_12_28_1931256</id>
	<title>GSM Decryption Published</title>
	<author>ScuttleMonkey</author>
	<datestamp>1262008500000</datestamp>
	<htmltext><a href="http://hughpickens.com/" rel="nofollow">Hugh Pickens</a> writes <i>"The NY Times reports that German encryption expert Karsten Nohl says that he has <a href="http://www.nytimes.com/2009/12/29/technology/29hack.html">deciphered and published the 21-year-old GSM algorithm</a>, the secret code used to encrypt most of the world's digital mobile phone calls, in what he called an attempt to expose weaknesses in the security system used by about 3.5 billion of the 4.3 billion wireless connections across the globe. Others have cracked the A5/1 encryption technology used in GSM before, but their <a href="http://spectrum.ieee.org/telecom/wireless/open-source-effort-to-hack-gsm">results have remained secret</a>. 'This shows that existing GSM security is inadequate,' Nohl told about 600 people attending the Chaos Communication Congress. 'We are trying to push operators to adopt better security measures for mobile phone calls.' The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal and said they overstated the security threat to wireless calls. 'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. 'What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.' Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology &mdash; limited to governments and intelligence agencies &mdash; within the reach of any reasonable well-funded criminal organization. 'This will reduce the time to break a GSM call from weeks to hours,' Bransfield-Garth says. 'We expect as this further develops it will be reduced to minutes.'"</i></htmltext>
<tokenext>Hugh Pickens writes " The NY Times reports that German encryption expert Karsten Nohl says that he has deciphered and published the 21-year-old GSM algorithm , the secret code used to encrypt most of the world 's digital mobile phone calls , in what he called an attempt to expose weaknesses in the security system used by about 3.5 billion of the 4.3 billion wireless connections across the globe .
Others have cracked the A5/1 encryption technology used in GSM before , but their results have remained secret .
'This shows that existing GSM security is inadequate, ' Nohl told about 600 people attending the Chaos Communication Congress .
'We are trying to push operators to adopt better security measures for mobile phone calls .
' The GSM Association , the industry group based in London that devised the algorithm and represents wireless operators , called Mr. Nohl 's efforts illegal and said they overstated the security threat to wireless calls .
'This is theoretically possible but practically unlikely, ' says Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
'What he is doing would be illegal in Britain and the United States .
To do this while supposedly being concerned about privacy is beyond me .
' Simon Bransfield-Garth , the chief executive of Cellcrypt , says Nohl 's efforts could put sophisticated mobile interception technology    limited to governments and intelligence agencies    within the reach of any reasonable well-funded criminal organization .
'This will reduce the time to break a GSM call from weeks to hours, ' Bransfield-Garth says .
'We expect as this further develops it will be reduced to minutes .
' "</tokentext>
<sentencetext>Hugh Pickens writes "The NY Times reports that German encryption expert Karsten Nohl says that he has deciphered and published the 21-year-old GSM algorithm, the secret code used to encrypt most of the world's digital mobile phone calls, in what he called an attempt to expose weaknesses in the security system used by about 3.5 billion of the 4.3 billion wireless connections across the globe.
Others have cracked the A5/1 encryption technology used in GSM before, but their results have remained secret.
'This shows that existing GSM security is inadequate,' Nohl told about 600 people attending the Chaos Communication Congress.
'We are trying to push operators to adopt better security measures for mobile phone calls.
' The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal and said they overstated the security threat to wireless calls.
'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
'What he is doing would be illegal in Britain and the United States.
To do this while supposedly being concerned about privacy is beyond me.
' Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology — limited to governments and intelligence agencies — within the reach of any reasonable well-funded criminal organization.
'This will reduce the time to break a GSM call from weeks to hours,' Bransfield-Garth says.
'We expect as this further develops it will be reduced to minutes.
'"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579808</id>
	<title>Re:Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262117340000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation.</i></p><p>Ummm, no. The state listens in when the phone call is carried in the clear over the wire, not when the call is (weakly) encrypted over-the-air by GSM. The state doesn't even need to decrypt.</p></htmltext>
<tokenext>What the operators really want is something secure enough so you ca n't practically listen to a politician 's conversations , but open enough so the state can listen to any citizen 's conversation.Ummm , no .
The state listens in when the phone call is carried in the clear over the wire , not when the call is ( weakly ) encrypted over-the-air by GSM .
The state does n't even need to decrypt .</tokentext>
<sentencetext>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation.Ummm, no.
The state listens in when the phone call is carried in the clear over the wire, not when the call is (weakly) encrypted over-the-air by GSM.
The state doesn't even need to decrypt.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579214</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>Locke2005</author>
	<datestamp>1262022240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Now I really know I've been on slashdot for two long... I just translated the rot13 to "Can you hear me now? Why yes, I can!" all in my head!</htmltext>
<tokenext>Now I really know I 've been on slashdot for two long... I just translated the rot13 to " Can you hear me now ?
Why yes , I can !
" all in my head !</tokentext>
<sentencetext>Now I really know I've been on slashdot for two long... I just translated the rot13 to "Can you hear me now?
Why yes, I can!
" all in my head!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579564</id>
	<title>Re:GSM Talk Video</title>
	<author>myddrn</author>
	<datestamp>1262026440000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>MOAR DETAILS:<br> <br>

Code: <a href="http://reflextor.com/trac/a51" title="reflextor.com" rel="nofollow">http://reflextor.com/trac/a51</a> [reflextor.com] <br> <br>

(SSL cert expired a couple of weeks ago)<br>
Paper: <a href="https://har2009.org/program/attachments/119\_GSM.A51.Cracking.Nohl.pdf" title="har2009.org" rel="nofollow">Subverting the security base of GSM</a> [har2009.org]</htmltext>
<tokenext>MOAR DETAILS : Code : http : //reflextor.com/trac/a51 [ reflextor.com ] ( SSL cert expired a couple of weeks ago ) Paper : Subverting the security base of GSM [ har2009.org ]</tokentext>
<sentencetext>MOAR DETAILS: 

Code: http://reflextor.com/trac/a51 [reflextor.com]  

(SSL cert expired a couple of weeks ago)
Paper: Subverting the security base of GSM [har2009.org]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258</id>
	<title>And this is a nearly unsolveable problem.</title>
	<author>chaboud</author>
	<datestamp>1262012880000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>We allow people to fear-monger by saying that this can allow criminals to decrypt calls more easily, but, if a couple of dozen hackers at a conference can piece this together through brute-force-ish tactics, are we sure that others haven't already?  That's the point that they've made, a point entirely lost in the article.</p><p>This does *next-to-nothing* to make the system less secure.  It was insecure to begin with.  Regulations rendering the dissemination of code-breaking and system-compromising codes and techniques illegal aren't there to protect our data security.  They're there to allow companies to use inadequate security measures without public shame.</p><p>Of course, this is Slashdot.  Anyone who doesn't already know that security through obscurity is ridiculous is an idiot (or a troll).  Anyone who relates cryptographic security to fake-rock-key-hiding and calls that rock obscurity (inevitable in a story like this) is just a troll.</p></htmltext>
<tokenext>We allow people to fear-monger by saying that this can allow criminals to decrypt calls more easily , but , if a couple of dozen hackers at a conference can piece this together through brute-force-ish tactics , are we sure that others have n't already ?
That 's the point that they 've made , a point entirely lost in the article.This does * next-to-nothing * to make the system less secure .
It was insecure to begin with .
Regulations rendering the dissemination of code-breaking and system-compromising codes and techniques illegal are n't there to protect our data security .
They 're there to allow companies to use inadequate security measures without public shame.Of course , this is Slashdot .
Anyone who does n't already know that security through obscurity is ridiculous is an idiot ( or a troll ) .
Anyone who relates cryptographic security to fake-rock-key-hiding and calls that rock obscurity ( inevitable in a story like this ) is just a troll .</tokentext>
<sentencetext>We allow people to fear-monger by saying that this can allow criminals to decrypt calls more easily, but, if a couple of dozen hackers at a conference can piece this together through brute-force-ish tactics, are we sure that others haven't already?
That's the point that they've made, a point entirely lost in the article.This does *next-to-nothing* to make the system less secure.
It was insecure to begin with.
Regulations rendering the dissemination of code-breaking and system-compromising codes and techniques illegal aren't there to protect our data security.
They're there to allow companies to use inadequate security measures without public shame.Of course, this is Slashdot.
Anyone who doesn't already know that security through obscurity is ridiculous is an idiot (or a troll).
Anyone who relates cryptographic security to fake-rock-key-hiding and calls that rock obscurity (inevitable in a story like this) is just a troll.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578458</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>orlanz</author>
	<datestamp>1262014260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><nobr> <wbr></nobr></p><div class="quote"><p>... sophisticated mobile interception technology &mdash; limited to governments and intelligence agencies &mdash; within the reach of any reasonable well-funded criminal organization.</p></div><p>I hate it when I hear this crap from the "good guys"!  Why do so many people assume the bad guys are always dumber than them, and have the same moral &amp; legal limits?  This is rarely true no matter how many PR guys you send out and how many laws you make.  Seriously, this isn't rocket science.  Stop thinking it is and patting yourself on your back for figuring it out while assuming that no one else will.</p></div>
	</htmltext>
<tokenext>... sophisticated mobile interception technology    limited to governments and intelligence agencies    within the reach of any reasonable well-funded criminal organization.I hate it when I hear this crap from the " good guys " !
Why do so many people assume the bad guys are always dumber than them , and have the same moral &amp; legal limits ?
This is rarely true no matter how many PR guys you send out and how many laws you make .
Seriously , this is n't rocket science .
Stop thinking it is and patting yourself on your back for figuring it out while assuming that no one else will .</tokentext>
<sentencetext> ... sophisticated mobile interception technology — limited to governments and intelligence agencies — within the reach of any reasonable well-funded criminal organization.I hate it when I hear this crap from the "good guys"!
Why do so many people assume the bad guys are always dumber than them, and have the same moral &amp; legal limits?
This is rarely true no matter how many PR guys you send out and how many laws you make.
Seriously, this isn't rocket science.
Stop thinking it is and patting yourself on your back for figuring it out while assuming that no one else will.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579708</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>Anonymous</author>
	<datestamp>1262028540000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I prefer ROT-26</p></htmltext>
<tokenext>I prefer ROT-26</tokentext>
<sentencetext>I prefer ROT-26</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578480</id>
	<title>Why it's unsolvable</title>
	<author>Anonymous</author>
	<datestamp>1262014380000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>They're there to allow companies to use inadequate security measures without public shame.</p></div><p>And the politics is really the problem.</p><p>Let's classify the world into four types of people: politicians, security experts, telecommunications lobbyists and the regular citizens.</p><p>The politicians want to stay in office.  The security experts want good security.  The telecommunications lobbyists want cheap security.  The regular citizens don't know there's a security concern (except from what they hear from Hollywood).</p><p>The politicians can stay in office if they can afford a good campaign.  The telecommunication lobbyists want to make a deal.  The security experts are few, unconnected and don't have much money in comparison.  The uneducated masses aren't going to change their voting based on GSM security even if they knew about it and understood the issues.</p><p>And so you will have the politicians portraying the security experts as evil people (which the media will dutifully transmit to the public), all while the telecommunications people get to use cheap and poor security.</p><p>(replace telecommunications with banking if you want to get <em>really</em> bummed out...)</p><p>Or am I wrong?  Please, someone tell me I'm wrong.</p></div>
	</htmltext>
<tokenext>They 're there to allow companies to use inadequate security measures without public shame.And the politics is really the problem.Let 's classify the world into four types of people : politicians , security experts , telecommunications lobbyists and the regular citizens.The politicians want to stay in office .
The security experts want good security .
The telecommunications lobbyists want cheap security .
The regular citizens do n't know there 's a security concern ( except from what they hear from Hollywood ) .The politicians can stay in office if they can afford a good campaign .
The telecommunication lobbyists want to make a deal .
The security experts are few , unconnected and do n't have much money in comparison .
The uneducated masses are n't going to change their voting based on GSM security even if they knew about it and understood the issues.And so you will have the politicians portraying the security experts as evil people ( which the media will dutifully transmit to the public ) , all while the telecommunications people get to use cheap and poor security .
( replace telecommunications with banking if you want to get really bummed out... ) Or am I wrong ?
Please , someone tell me I 'm wrong .</tokentext>
<sentencetext>They're there to allow companies to use inadequate security measures without public shame.And the politics is really the problem.Let's classify the world into four types of people: politicians, security experts, telecommunications lobbyists and the regular citizens.The politicians want to stay in office.
The security experts want good security.
The telecommunications lobbyists want cheap security.
The regular citizens don't know there's a security concern (except from what they hear from Hollywood).The politicians can stay in office if they can afford a good campaign.
The telecommunication lobbyists want to make a deal.
The security experts are few, unconnected and don't have much money in comparison.
The uneducated masses aren't going to change their voting based on GSM security even if they knew about it and understood the issues.And so you will have the politicians portraying the security experts as evil people (which the media will dutifully transmit to the public), all while the telecommunications people get to use cheap and poor security.
(replace telecommunications with banking if you want to get really bummed out...)Or am I wrong?
Please, someone tell me I'm wrong.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580856</id>
	<title>let me see if i understand this...</title>
	<author>(arg!)Styopa</author>
	<datestamp>1262091000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>...You're complaining that your CELL PHONE call is insecure?  Really?  Isn't that like complaining that your neighbor can hear when you're shouting from the rooftop?</p><p>If you want a secure conversation, don't use a cellphone.  (And hint1: without supplemental hardware, that's not secure either; hint2:even WITH supplemental hardware, its probably not secure anyway.)</p></htmltext>
<tokenext>...You 're complaining that your CELL PHONE call is insecure ?
Really ? Is n't that like complaining that your neighbor can hear when you 're shouting from the rooftop ? If you want a secure conversation , do n't use a cellphone .
( And hint1 : without supplemental hardware , that 's not secure either ; hint2 : even WITH supplemental hardware , its probably not secure anyway .
)</tokentext>
<sentencetext>...You're complaining that your CELL PHONE call is insecure?
Really?  Isn't that like complaining that your neighbor can hear when you're shouting from the rooftop?If you want a secure conversation, don't use a cellphone.
(And hint1: without supplemental hardware, that's not secure either; hint2:even WITH supplemental hardware, its probably not secure anyway.
)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720</id>
	<title>Not a smart move</title>
	<author>Corson</author>
	<datestamp>1262029020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>This was a selfish and thoughtless act. His own security and that of his country may be at risk eventually.</htmltext>
<tokenext>This was a selfish and thoughtless act .
His own security and that of his country may be at risk eventually .</tokentext>
<sentencetext>This was a selfish and thoughtless act.
His own security and that of his country may be at risk eventually.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210</id>
	<title>Irony</title>
	<author>Anonymous</author>
	<datestamp>1262012400000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Wow, what an interesting way to force innovation at such a "minor" expense to the people their efforts are supposed to help. Kinda ironic their efforts have done the exact opposite of their goals... and if the past is any indication, the harm they may have just caused will be around for a while.

</p><p>Most of my calls are pretty boring, so I generally dont care. Some of my calls are regarding patient information entries in a database we maintain - in which case this becomes serious.</p></htmltext>
<tokenext>Wow , what an interesting way to force innovation at such a " minor " expense to the people their efforts are supposed to help .
Kinda ironic their efforts have done the exact opposite of their goals... and if the past is any indication , the harm they may have just caused will be around for a while .
Most of my calls are pretty boring , so I generally dont care .
Some of my calls are regarding patient information entries in a database we maintain - in which case this becomes serious .</tokentext>
<sentencetext>Wow, what an interesting way to force innovation at such a "minor" expense to the people their efforts are supposed to help.
Kinda ironic their efforts have done the exact opposite of their goals... and if the past is any indication, the harm they may have just caused will be around for a while.
Most of my calls are pretty boring, so I generally dont care.
Some of my calls are regarding patient information entries in a database we maintain - in which case this becomes serious.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580436</id>
	<title>Re:Why it's unsolvable</title>
	<author>Anonymous</author>
	<datestamp>1262084820000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Actually, let me put this in a different way:  You have three groups of people.</p><p>The governments.<br>Businesses (not just meaning the megacorps, but even SMBs).<br>The people.</p><p>The governments WANT good security, cost be damned.  They want to have AES-256 while the other guys are still using rot-13.  If their secrets get cracked, it might be that they may not be around in a few years.  Look at WWII and how the cracked Enigma hurt Germany and the Navajo code talkers kept the US secrets protected.</p><p>The people want good security too, but ease of use matters.  They want to know that if they send something via a secure tunnel, that some attacker won't have that info.  Same with having files encrypted on a laptop and the laptop getting stolen.  However, the difference between people and governments is that governments don't care about ease of use.  People rather have ease of use over security.  Look how PGP webs of trust have almost gone extinct while S/MIME and SSL are the dominant factor... and I'm sure almost no people have looked through the trusted root certificate store to see whom they are trusting.</p><p>Now businesses:  Their overriding motive is cost.  If they can get away with outright lying about encryption when in reality they are using no security at all, that's good for their bottom line.  To them, security has no ROI, and every dollar spent towards security is one that is wasted and could be going to an exec's retirement fund, or to fund more advertising.</p><p>I have seen numerous businesses that didn't even want to secure their corporate wireless network.  Why?  They believed no hacker would drive to their facility with a high gain antenna.  To boot, most businesses I encountered that had this lax mentality, when I posed the question about what they would do if breached:  "I'll just call Geek Squad."  A lot of businesses, a security breach will cost them nothing, even if all their payroll data and personal employee data ends up leaked.</p><p>Upper level business management just has zero incentive for security.  Public relations mishaps can be easily patched up by putting out a new security "policy" that makes no sense, then paying for an ad blitz.  I don't know about Europe, but Americans have a short memory, and are used to hearing "company foo had someone store 5,000,000 records on a laptop and the laptop got stolen and all the stuff is now on the Internet... want a year's subscription to a ID theft detection plan if you are one of those victimized?"</p><p>You won't be seeing any improvements in security from the private sector because there is no real reason to actually institute it.  If a backup tape is lost, throw the guy the guy who dropped the tape under the bus and call it done.  Security is a cost center, thus by modern MBA philosophy, it needs to be cut no matter what, even if it leaves a company at major risk.</p><p>So, if you want to see any real security in the commercial sector, you have to get after governments to get regulations out there.  Not knee-jerk shit like Sarbanes Oxley which has made the storage companies rich but has done nothing for data confidentiality, but stuff like PCI-DSS which makes it hurt and hurt bad if there is a security breach.  We also need data storage time limits, and laws requiring as little information as possible to complete a transaction.</p><p>The key is that businesses are not self policing.  Unless they are kicked in the butt by the government to do honest to God security measures which work, they will not do a single thing except PR campaigns.</p><p>GSM falls under this.  What the EU and US need to do is get the next iteration of the GSM standard to use well known hardware protocols, with a failover algorithm in case of the feared complete crack.  The SIM card should use AES-256 and a fall back to Serpent or even 3DES for the bulk encryption algorithm.  Yes, we will have to use block ciphers in stream mode, but modern chips can handle that.  For the public keys, RSA [1] goes without saying, but a backup algorithm should be ECC, as that is re</p></htmltext>
<tokenext>Actually , let me put this in a different way : You have three groups of people.The governments.Businesses ( not just meaning the megacorps , but even SMBs ) .The people.The governments WANT good security , cost be damned .
They want to have AES-256 while the other guys are still using rot-13 .
If their secrets get cracked , it might be that they may not be around in a few years .
Look at WWII and how the cracked Enigma hurt Germany and the Navajo code talkers kept the US secrets protected.The people want good security too , but ease of use matters .
They want to know that if they send something via a secure tunnel , that some attacker wo n't have that info .
Same with having files encrypted on a laptop and the laptop getting stolen .
However , the difference between people and governments is that governments do n't care about ease of use .
People rather have ease of use over security .
Look how PGP webs of trust have almost gone extinct while S/MIME and SSL are the dominant factor... and I 'm sure almost no people have looked through the trusted root certificate store to see whom they are trusting.Now businesses : Their overriding motive is cost .
If they can get away with outright lying about encryption when in reality they are using no security at all , that 's good for their bottom line .
To them , security has no ROI , and every dollar spent towards security is one that is wasted and could be going to an exec 's retirement fund , or to fund more advertising.I have seen numerous businesses that did n't even want to secure their corporate wireless network .
Why ? They believed no hacker would drive to their facility with a high gain antenna .
To boot , most businesses I encountered that had this lax mentality , when I posed the question about what they would do if breached : " I 'll just call Geek Squad .
" A lot of businesses , a security breach will cost them nothing , even if all their payroll data and personal employee data ends up leaked.Upper level business management just has zero incentive for security .
Public relations mishaps can be easily patched up by putting out a new security " policy " that makes no sense , then paying for an ad blitz .
I do n't know about Europe , but Americans have a short memory , and are used to hearing " company foo had someone store 5,000,000 records on a laptop and the laptop got stolen and all the stuff is now on the Internet... want a year 's subscription to a ID theft detection plan if you are one of those victimized ?
" You wo n't be seeing any improvements in security from the private sector because there is no real reason to actually institute it .
If a backup tape is lost , throw the guy the guy who dropped the tape under the bus and call it done .
Security is a cost center , thus by modern MBA philosophy , it needs to be cut no matter what , even if it leaves a company at major risk.So , if you want to see any real security in the commercial sector , you have to get after governments to get regulations out there .
Not knee-jerk shit like Sarbanes Oxley which has made the storage companies rich but has done nothing for data confidentiality , but stuff like PCI-DSS which makes it hurt and hurt bad if there is a security breach .
We also need data storage time limits , and laws requiring as little information as possible to complete a transaction.The key is that businesses are not self policing .
Unless they are kicked in the butt by the government to do honest to God security measures which work , they will not do a single thing except PR campaigns.GSM falls under this .
What the EU and US need to do is get the next iteration of the GSM standard to use well known hardware protocols , with a failover algorithm in case of the feared complete crack .
The SIM card should use AES-256 and a fall back to Serpent or even 3DES for the bulk encryption algorithm .
Yes , we will have to use block ciphers in stream mode , but modern chips can handle that .
For the public keys , RSA [ 1 ] goes without saying , but a backup algorithm should be ECC , as that is re</tokentext>
<sentencetext>Actually, let me put this in a different way:  You have three groups of people.The governments.Businesses (not just meaning the megacorps, but even SMBs).The people.The governments WANT good security, cost be damned.
They want to have AES-256 while the other guys are still using rot-13.
If their secrets get cracked, it might be that they may not be around in a few years.
Look at WWII and how the cracked Enigma hurt Germany and the Navajo code talkers kept the US secrets protected.The people want good security too, but ease of use matters.
They want to know that if they send something via a secure tunnel, that some attacker won't have that info.
Same with having files encrypted on a laptop and the laptop getting stolen.
However, the difference between people and governments is that governments don't care about ease of use.
People rather have ease of use over security.
Look how PGP webs of trust have almost gone extinct while S/MIME and SSL are the dominant factor... and I'm sure almost no people have looked through the trusted root certificate store to see whom they are trusting.Now businesses:  Their overriding motive is cost.
If they can get away with outright lying about encryption when in reality they are using no security at all, that's good for their bottom line.
To them, security has no ROI, and every dollar spent towards security is one that is wasted and could be going to an exec's retirement fund, or to fund more advertising.I have seen numerous businesses that didn't even want to secure their corporate wireless network.
Why?  They believed no hacker would drive to their facility with a high gain antenna.
To boot, most businesses I encountered that had this lax mentality, when I posed the question about what they would do if breached:  "I'll just call Geek Squad.
"  A lot of businesses, a security breach will cost them nothing, even if all their payroll data and personal employee data ends up leaked.Upper level business management just has zero incentive for security.
Public relations mishaps can be easily patched up by putting out a new security "policy" that makes no sense, then paying for an ad blitz.
I don't know about Europe, but Americans have a short memory, and are used to hearing "company foo had someone store 5,000,000 records on a laptop and the laptop got stolen and all the stuff is now on the Internet... want a year's subscription to a ID theft detection plan if you are one of those victimized?
"You won't be seeing any improvements in security from the private sector because there is no real reason to actually institute it.
If a backup tape is lost, throw the guy the guy who dropped the tape under the bus and call it done.
Security is a cost center, thus by modern MBA philosophy, it needs to be cut no matter what, even if it leaves a company at major risk.So, if you want to see any real security in the commercial sector, you have to get after governments to get regulations out there.
Not knee-jerk shit like Sarbanes Oxley which has made the storage companies rich but has done nothing for data confidentiality, but stuff like PCI-DSS which makes it hurt and hurt bad if there is a security breach.
We also need data storage time limits, and laws requiring as little information as possible to complete a transaction.The key is that businesses are not self policing.
Unless they are kicked in the butt by the government to do honest to God security measures which work, they will not do a single thing except PR campaigns.GSM falls under this.
What the EU and US need to do is get the next iteration of the GSM standard to use well known hardware protocols, with a failover algorithm in case of the feared complete crack.
The SIM card should use AES-256 and a fall back to Serpent or even 3DES for the bulk encryption algorithm.
Yes, we will have to use block ciphers in stream mode, but modern chips can handle that.
For the public keys, RSA [1] goes without saying, but a backup algorithm should be ECC, as that is re</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578480</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578598</id>
	<title>What he is doing would be illegal...</title>
	<author>countertrolling</author>
	<datestamp>1262015400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Good thing he's not in the states or Britain. I hope he doesn't plan on visiting or get extradited to either.</p><p><nobr> <wbr></nobr><i>...governments and intelligence agencies... well-funded criminal organization.</i></p><p>To anyone who says there's a difference, I want proof.</p></htmltext>
<tokenext>Good thing he 's not in the states or Britain .
I hope he does n't plan on visiting or get extradited to either .
...governments and intelligence agencies... well-funded criminal organization.To anyone who says there 's a difference , I want proof .</tokentext>
<sentencetext>Good thing he's not in the states or Britain.
I hope he doesn't plan on visiting or get extradited to either.
...governments and intelligence agencies... well-funded criminal organization.To anyone who says there's a difference, I want proof.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578194</id>
	<title>FP</title>
	<author>Anonymous</author>
	<datestamp>1262012160000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext>Cracked by me!</htmltext>
<tokenext>Cracked by me !</tokentext>
<sentencetext>Cracked by me!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580612</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>AHuxley</author>
	<datestamp>1262087520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The state backed terror groups made the EU think long and hard when drawing up a new telco system.<br>
They where not going to let the press listen in, but did not want Enigma in your pocket.<br>  So they came up with the best system they could with the tech of the time. <br> They made it easy to track and listen in.   Leaders, celebs and important people got some cover from the press too. <br> The main reason it was not made strong was for fast voice recognition.  Known number, trigger word, decode, find ID, save or dump.</htmltext>
<tokenext>The state backed terror groups made the EU think long and hard when drawing up a new telco system .
They where not going to let the press listen in , but did not want Enigma in your pocket .
So they came up with the best system they could with the tech of the time .
They made it easy to track and listen in .
Leaders , celebs and important people got some cover from the press too .
The main reason it was not made strong was for fast voice recognition .
Known number , trigger word , decode , find ID , save or dump .</tokentext>
<sentencetext>The state backed terror groups made the EU think long and hard when drawing up a new telco system.
They where not going to let the press listen in, but did not want Enigma in your pocket.
So they came up with the best system they could with the tech of the time.
They made it easy to track and listen in.
Leaders, celebs and important people got some cover from the press too.
The main reason it was not made strong was for fast voice recognition.
Known number, trigger word, decode, find ID, save or dump.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579488</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262025480000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You'd think that would help but then they have to implement the algorithm correctly.  WEP isn't insecure because RC4 was broken, it was insecure because their implementatiion of a "well known" algorithm was poorly done.</p></htmltext>
<tokenext>You 'd think that would help but then they have to implement the algorithm correctly .
WEP is n't insecure because RC4 was broken , it was insecure because their implementatiion of a " well known " algorithm was poorly done .</tokentext>
<sentencetext>You'd think that would help but then they have to implement the algorithm correctly.
WEP isn't insecure because RC4 was broken, it was insecure because their implementatiion of a "well known" algorithm was poorly done.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584606</id>
	<title>Re:Criminals?</title>
	<author>HTH NE1</author>
	<datestamp>1262115480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Can someone please tell me the difference between "governments" and "well-funded criminal organizations"?</p></div><p>According to the quotation, the difference is that well-funded criminal organizations are reasonable.</p></div>
	</htmltext>
<tokenext>Can someone please tell me the difference between " governments " and " well-funded criminal organizations " ? According to the quotation , the difference is that well-funded criminal organizations are reasonable .</tokentext>
<sentencetext>Can someone please tell me the difference between "governments" and "well-funded criminal organizations"?According to the quotation, the difference is that well-funded criminal organizations are reasonable.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579366</id>
	<title>I love the use of the term "unintended surveillanc</title>
	<author>Anonymous</author>
	<datestamp>1262023860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>operators, by simply modifying the existing algorithm, could thwart any unintended surveillance.</p></div><p>I love the use of the term "unintended surveillance".</p></div>
	</htmltext>
<tokenext>operators , by simply modifying the existing algorithm , could thwart any unintended surveillance.I love the use of the term " unintended surveillance " .</tokentext>
<sentencetext>operators, by simply modifying the existing algorithm, could thwart any unintended surveillance.I love the use of the term "unintended surveillance".
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579996</id>
	<title>How narrow minded and short sighted.</title>
	<author>desmogod</author>
	<datestamp>1262119800000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p><div class="quote"><p>says Claire Cranton, a GSM spokeswoman,...snip...To do this while supposedly being concerned about privacy is beyond me.'</p></div><p>Wow, how narrow minded and short sighted of you, not all people break, crack and hack stuff for nefarious means, seriously, are you that stupid that the reasoning behind this is "beyond you"? or is it that you think others are beneath you?
Some do it because they can, other to see if they can, and some to show narrow minded, short sighted execs what \_could\_ be done by those with the skills.
Wise up, listen and act instead of pointing fingers and jumping up and down.</p></div>
	</htmltext>
<tokenext>says Claire Cranton , a GSM spokeswoman,...snip...To do this while supposedly being concerned about privacy is beyond me .
'Wow , how narrow minded and short sighted of you , not all people break , crack and hack stuff for nefarious means , seriously , are you that stupid that the reasoning behind this is " beyond you " ?
or is it that you think others are beneath you ?
Some do it because they can , other to see if they can , and some to show narrow minded , short sighted execs what \ _could \ _ be done by those with the skills .
Wise up , listen and act instead of pointing fingers and jumping up and down .</tokentext>
<sentencetext>says Claire Cranton, a GSM spokeswoman,...snip...To do this while supposedly being concerned about privacy is beyond me.
'Wow, how narrow minded and short sighted of you, not all people break, crack and hack stuff for nefarious means, seriously, are you that stupid that the reasoning behind this is "beyond you"?
or is it that you think others are beneath you?
Some do it because they can, other to see if they can, and some to show narrow minded, short sighted execs what \_could\_ be done by those with the skills.
Wise up, listen and act instead of pointing fingers and jumping up and down.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578228</id>
	<title>A Haiku</title>
	<author>Anonymous</author>
	<datestamp>1262012520000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>G S M secure<br>All your financial passwords<br>Are belong to us</p></htmltext>
<tokenext>G S M secureAll your financial passwordsAre belong to us</tokentext>
<sentencetext>G S M secureAll your financial passwordsAre belong to us</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578428</id>
	<title>What the hell is wrong here?</title>
	<author>jonaskoelker</author>
	<datestamp>1262014020000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, [...] 'To do this while supposedly being concerned about privacy is beyond me.'</p></div><p>What?  Come again?</p><p>If Ms. Cranton doesn't even know the argument for full disclosure, why is she the person speaking on behalf of the GSM Association?</p><p>Now, we can discuss among ourselves when full disclosure is better than limited disclosure and vice versa, but at least we understand both positions.  She doesn't?</p><p>Also, if the attack is practically unlikely, why the big concern about privacy?  Didn't Ms. Cranton just say this wasn't a big problem, yet at the same time shame Nohl for causing a big problem?</p><p><div class="quote"><p>Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts <b>combined with inadequate security designed into the damn thing</b> could put sophisticated mobile interception technology [in the hands of outlaws].</p></div><p>Fixed that for Mr. Bransfield-Garth.  The system isn't weak because of Nohl's deeds or misdeeds.  It's weak because it's poorly designed.  I have seen telecoms security protocols.  Only banks have protocols worse than these<nobr> <wbr></nobr>:(</p></div>
	</htmltext>
<tokenext>'This is theoretically possible but practically unlikely, ' says Claire Cranton , a GSM spokeswoman , [ ... ] 'To do this while supposedly being concerned about privacy is beyond me.'What ?
Come again ? If Ms. Cranton does n't even know the argument for full disclosure , why is she the person speaking on behalf of the GSM Association ? Now , we can discuss among ourselves when full disclosure is better than limited disclosure and vice versa , but at least we understand both positions .
She does n't ? Also , if the attack is practically unlikely , why the big concern about privacy ?
Did n't Ms. Cranton just say this was n't a big problem , yet at the same time shame Nohl for causing a big problem ? Simon Bransfield-Garth , the chief executive of Cellcrypt , says Nohl 's efforts combined with inadequate security designed into the damn thing could put sophisticated mobile interception technology [ in the hands of outlaws ] .Fixed that for Mr. Bransfield-Garth. The system is n't weak because of Nohl 's deeds or misdeeds .
It 's weak because it 's poorly designed .
I have seen telecoms security protocols .
Only banks have protocols worse than these : (</tokentext>
<sentencetext>'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, [...] 'To do this while supposedly being concerned about privacy is beyond me.'What?
Come again?If Ms. Cranton doesn't even know the argument for full disclosure, why is she the person speaking on behalf of the GSM Association?Now, we can discuss among ourselves when full disclosure is better than limited disclosure and vice versa, but at least we understand both positions.
She doesn't?Also, if the attack is practically unlikely, why the big concern about privacy?
Didn't Ms. Cranton just say this wasn't a big problem, yet at the same time shame Nohl for causing a big problem?Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts combined with inadequate security designed into the damn thing could put sophisticated mobile interception technology [in the hands of outlaws].Fixed that for Mr. Bransfield-Garth.  The system isn't weak because of Nohl's deeds or misdeeds.
It's weak because it's poorly designed.
I have seen telecoms security protocols.
Only banks have protocols worse than these :(
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582640</id>
	<title>Re:Not a smart move</title>
	<author>AntiDragon</author>
	<datestamp>1262105820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>*squints* Where be those sarcasm tags, arrr !?</p></htmltext>
<tokenext>* squints * Where be those sarcasm tags , arrr !
?</tokentext>
<sentencetext>*squints* Where be those sarcasm tags, arrr !
?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579786</id>
	<title>Re:Ha Ha</title>
	<author>Martin P. Hellwig</author>
	<datestamp>1262116800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>So is it more likely that people are incompetent than deliberately immoral? My experience is rather more blurred, people tend to be very incompetent in rejecting immoral orders, even if they are fully aware of their immoral nature. But then again not following orders on something as vaguely defined as morality isn't that easy anyway. Or as a drill sergeant of mine used to say; 'It may not be heroic, but living in guilt of an order well executed is still preferable than the prospect of letting your own children starve'.  Or as Bertolt Brecht put it: 'Erst kommt das Fressen, dann kommt die Moral'.</p><p>About conspiracies in general, I always find it surprising that I generally accept the main stream media as truth, though I am equally surprised every time a subject is brought forward, of which I have expertise, that it is at best presented wrongly, leading to the wrong conclusions but most of the time just plain wrong.</p><p>It is in the nature of humans to try to explain their world in alternative terms to suit what ever fits best, that doesn't necessarily has to be that what actually happened. But then again, can you blame the conspiracies theorist in making theories if the official theory itself doesn't fit Occam's razor?</p><p>So what has it to to with wiretaps? Well I sure always found it easier to do things when I thought it was necessary than to wait for formal permission/cooperation of the telco, perhaps because strictly speaking I shouldn't be doing it anyway. Although I wasn't in the position to official do wiretaps I was in the position to write up some of the technical requirements of the network itself, which is good enough for all intends and purposes.</p></htmltext>
<tokenext>So is it more likely that people are incompetent than deliberately immoral ?
My experience is rather more blurred , people tend to be very incompetent in rejecting immoral orders , even if they are fully aware of their immoral nature .
But then again not following orders on something as vaguely defined as morality is n't that easy anyway .
Or as a drill sergeant of mine used to say ; 'It may not be heroic , but living in guilt of an order well executed is still preferable than the prospect of letting your own children starve' .
Or as Bertolt Brecht put it : 'Erst kommt das Fressen , dann kommt die Moral'.About conspiracies in general , I always find it surprising that I generally accept the main stream media as truth , though I am equally surprised every time a subject is brought forward , of which I have expertise , that it is at best presented wrongly , leading to the wrong conclusions but most of the time just plain wrong.It is in the nature of humans to try to explain their world in alternative terms to suit what ever fits best , that does n't necessarily has to be that what actually happened .
But then again , can you blame the conspiracies theorist in making theories if the official theory itself does n't fit Occam 's razor ? So what has it to to with wiretaps ?
Well I sure always found it easier to do things when I thought it was necessary than to wait for formal permission/cooperation of the telco , perhaps because strictly speaking I should n't be doing it anyway .
Although I was n't in the position to official do wiretaps I was in the position to write up some of the technical requirements of the network itself , which is good enough for all intends and purposes .</tokentext>
<sentencetext>So is it more likely that people are incompetent than deliberately immoral?
My experience is rather more blurred, people tend to be very incompetent in rejecting immoral orders, even if they are fully aware of their immoral nature.
But then again not following orders on something as vaguely defined as morality isn't that easy anyway.
Or as a drill sergeant of mine used to say; 'It may not be heroic, but living in guilt of an order well executed is still preferable than the prospect of letting your own children starve'.
Or as Bertolt Brecht put it: 'Erst kommt das Fressen, dann kommt die Moral'.About conspiracies in general, I always find it surprising that I generally accept the main stream media as truth, though I am equally surprised every time a subject is brought forward, of which I have expertise, that it is at best presented wrongly, leading to the wrong conclusions but most of the time just plain wrong.It is in the nature of humans to try to explain their world in alternative terms to suit what ever fits best, that doesn't necessarily has to be that what actually happened.
But then again, can you blame the conspiracies theorist in making theories if the official theory itself doesn't fit Occam's razor?So what has it to to with wiretaps?
Well I sure always found it easier to do things when I thought it was necessary than to wait for formal permission/cooperation of the telco, perhaps because strictly speaking I shouldn't be doing it anyway.
Although I wasn't in the position to official do wiretaps I was in the position to write up some of the technical requirements of the network itself, which is good enough for all intends and purposes.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582556</id>
	<title>Hes nothing but a criminal</title>
	<author>Stan92057</author>
	<datestamp>1262105340000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>Hes nothing but a criminal in descise. What did he do? he deciphered the code,he didn't find a flaw or anything else he just figured out that the code is. Then just like all spoiled hackers who are ignored, he published it. Will normal people use the code? No,Governments already know the codes so that only leaves the criminals and voyeurs. The man belongs in jail if one person looses money because of him publishing the code,its just that simple.</htmltext>
<tokenext>Hes nothing but a criminal in descise .
What did he do ?
he deciphered the code,he did n't find a flaw or anything else he just figured out that the code is .
Then just like all spoiled hackers who are ignored , he published it .
Will normal people use the code ?
No,Governments already know the codes so that only leaves the criminals and voyeurs .
The man belongs in jail if one person looses money because of him publishing the code,its just that simple .</tokentext>
<sentencetext>Hes nothing but a criminal in descise.
What did he do?
he deciphered the code,he didn't find a flaw or anything else he just figured out that the code is.
Then just like all spoiled hackers who are ignored, he published it.
Will normal people use the code?
No,Governments already know the codes so that only leaves the criminals and voyeurs.
The man belongs in jail if one person looses money because of him publishing the code,its just that simple.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579280</id>
	<title>Re:GSM Talk Video</title>
	<author>Anonymous</author>
	<datestamp>1262022960000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Raw indeed. I can't get the files to play back properly on any media player I've got access to.</p><p>MPC-HC (latest) either crashes or hangs when opening the file. VLC (latest) plays the video, but audio cannot be heard. Mplayer with Smplayer GUI just crashes. Latest Directshow filters from xiph.org and WMP crashes. Tried disabling MPC-HC's internal filters and same crashing occurs.</p><p>If this is the state of open source video, I'm not surprised the adoption is so slow.</p></htmltext>
<tokenext>Raw indeed .
I ca n't get the files to play back properly on any media player I 've got access to.MPC-HC ( latest ) either crashes or hangs when opening the file .
VLC ( latest ) plays the video , but audio can not be heard .
Mplayer with Smplayer GUI just crashes .
Latest Directshow filters from xiph.org and WMP crashes .
Tried disabling MPC-HC 's internal filters and same crashing occurs.If this is the state of open source video , I 'm not surprised the adoption is so slow .</tokentext>
<sentencetext>Raw indeed.
I can't get the files to play back properly on any media player I've got access to.MPC-HC (latest) either crashes or hangs when opening the file.
VLC (latest) plays the video, but audio cannot be heard.
Mplayer with Smplayer GUI just crashes.
Latest Directshow filters from xiph.org and WMP crashes.
Tried disabling MPC-HC's internal filters and same crashing occurs.If this is the state of open source video, I'm not surprised the adoption is so slow.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581418</id>
	<title>Hogan's Heroes anecdote</title>
	<author>DickieRay</author>
	<datestamp>1262097600000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.</p><p>"There has never been a successful escape from Stalag 13." - Werner Klemperer as Colonel Klink, Hogan's Heroes</p></htmltext>
<tokenext>'This is theoretically possible but practically unlikely, ' says Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
" There has never been a successful escape from Stalag 13 .
" - Werner Klemperer as Colonel Klink , Hogan 's Heroes</tokentext>
<sentencetext>'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
"There has never been a successful escape from Stalag 13.
" - Werner Klemperer as Colonel Klink, Hogan's Heroes</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579888</id>
	<title>It could be more secure</title>
	<author>Anonymous</author>
	<datestamp>1262118420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>It could be more secure if the TSA were put in charge. Random body cavity searches for cellphone users would make me feel more secure about talking on my cellphone. Limiting calls to between 3am and 3:15 am local time would also be effective at defeating any attempt to use Al Gore-isms to decrypt my calls. The TSA is da bomb.</htmltext>
<tokenext>It could be more secure if the TSA were put in charge .
Random body cavity searches for cellphone users would make me feel more secure about talking on my cellphone .
Limiting calls to between 3am and 3 : 15 am local time would also be effective at defeating any attempt to use Al Gore-isms to decrypt my calls .
The TSA is da bomb .</tokentext>
<sentencetext>It could be more secure if the TSA were put in charge.
Random body cavity searches for cellphone users would make me feel more secure about talking on my cellphone.
Limiting calls to between 3am and 3:15 am local time would also be effective at defeating any attempt to use Al Gore-isms to decrypt my calls.
The TSA is da bomb.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578610</id>
	<title>Wait a minute....</title>
	<author>Anonymous</author>
	<datestamp>1262015520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"This is theoretically possible but practically unlikely"</p><p>"This will reduce the time to break a GSM call from weeks to hours"</p></htmltext>
<tokenext>" This is theoretically possible but practically unlikely " " This will reduce the time to break a GSM call from weeks to hours "</tokentext>
<sentencetext>"This is theoretically possible but practically unlikely""This will reduce the time to break a GSM call from weeks to hours"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578432</id>
	<title>basic rules of crypto</title>
	<author>bcrowell</author>
	<datestamp>1262014080000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>
One of the basic rules of the game for anyone who's a competent cryptographer is that if you're not selling snake-oil, you expose your <i>algorithm</i> to public scrutiny. The modern approach to crypto is based on the assumption that it's only the keys that are secret, not the algorithm. If you don't take this approach, then essentially you never have any way of knowing whether what you've got is any good. Imagine if Toyota thought that it was a good idea to suppress discussion and research about reports of uncontrolled acceleration in their cars. Now imagine that Toyota was able to get the government to pass a law suppressing such discussion. Then how would you ever know if your car was safe or not?
</p><p>
They can't even keep their story straight. First they say that the attack is "theoretically possible but practically unlikely." Then they say that it's so bad and evil that it's a good thing that "What he is doing would be illegal in Britain and the United States." How can it be so bad and evil if it's not workable?
</p><p>
I can understand why companies that sell DRM'd media want to outlaw academic research into their encryption methods. It makes sense, because DRM is fundamentally snake-oil, and it can never be anything but snake oil. Therefore the only way they can keep on selling their snake oil is to forbid open discussion. This is why we have the anti-circumvention parts of the DMCA. It's an evil position, but it's an intelligent, self-consistent evil position.
</p><p>
But cell phone carriers really can provide good security, if they try hard enough. There is nothing fundamentally theoretically suspect about secure communication, as there is about DRM. So why do they need to try to suppress research? It seems like it would have to be because they're either incompetent or stupid.
</p></htmltext>
<tokenext>One of the basic rules of the game for anyone who 's a competent cryptographer is that if you 're not selling snake-oil , you expose your algorithm to public scrutiny .
The modern approach to crypto is based on the assumption that it 's only the keys that are secret , not the algorithm .
If you do n't take this approach , then essentially you never have any way of knowing whether what you 've got is any good .
Imagine if Toyota thought that it was a good idea to suppress discussion and research about reports of uncontrolled acceleration in their cars .
Now imagine that Toyota was able to get the government to pass a law suppressing such discussion .
Then how would you ever know if your car was safe or not ?
They ca n't even keep their story straight .
First they say that the attack is " theoretically possible but practically unlikely .
" Then they say that it 's so bad and evil that it 's a good thing that " What he is doing would be illegal in Britain and the United States .
" How can it be so bad and evil if it 's not workable ?
I can understand why companies that sell DRM 'd media want to outlaw academic research into their encryption methods .
It makes sense , because DRM is fundamentally snake-oil , and it can never be anything but snake oil .
Therefore the only way they can keep on selling their snake oil is to forbid open discussion .
This is why we have the anti-circumvention parts of the DMCA .
It 's an evil position , but it 's an intelligent , self-consistent evil position .
But cell phone carriers really can provide good security , if they try hard enough .
There is nothing fundamentally theoretically suspect about secure communication , as there is about DRM .
So why do they need to try to suppress research ?
It seems like it would have to be because they 're either incompetent or stupid .</tokentext>
<sentencetext>
One of the basic rules of the game for anyone who's a competent cryptographer is that if you're not selling snake-oil, you expose your algorithm to public scrutiny.
The modern approach to crypto is based on the assumption that it's only the keys that are secret, not the algorithm.
If you don't take this approach, then essentially you never have any way of knowing whether what you've got is any good.
Imagine if Toyota thought that it was a good idea to suppress discussion and research about reports of uncontrolled acceleration in their cars.
Now imagine that Toyota was able to get the government to pass a law suppressing such discussion.
Then how would you ever know if your car was safe or not?
They can't even keep their story straight.
First they say that the attack is "theoretically possible but practically unlikely.
" Then they say that it's so bad and evil that it's a good thing that "What he is doing would be illegal in Britain and the United States.
" How can it be so bad and evil if it's not workable?
I can understand why companies that sell DRM'd media want to outlaw academic research into their encryption methods.
It makes sense, because DRM is fundamentally snake-oil, and it can never be anything but snake oil.
Therefore the only way they can keep on selling their snake oil is to forbid open discussion.
This is why we have the anti-circumvention parts of the DMCA.
It's an evil position, but it's an intelligent, self-consistent evil position.
But cell phone carriers really can provide good security, if they try hard enough.
There is nothing fundamentally theoretically suspect about secure communication, as there is about DRM.
So why do they need to try to suppress research?
It seems like it would have to be because they're either incompetent or stupid.
</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580654</id>
	<title>Re:A Haiku</title>
	<author>SgtChaireBourne</author>
	<datestamp>1262088120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>G S M secure<br>
All your financial passwords<br>
Are belong to us</p></div><p>
Half-assed system<br>
Authenticates one side<br>
Spoofing cash transfer</p></div>
	</htmltext>
<tokenext>G S M secure All your financial passwords Are belong to us Half-assed system Authenticates one side Spoofing cash transfer</tokentext>
<sentencetext>G S M secure
All your financial passwords
Are belong to us
Half-assed system
Authenticates one side
Spoofing cash transfer
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580620</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>Anonymous</author>
	<datestamp>1262087640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Uncryption:</p><p>Can you hear me now?</p><p>Why yes, I can!<br>- NSA</p></htmltext>
<tokenext>Uncryption : Can you hear me now ? Why yes , I can ! - NSA</tokentext>
<sentencetext>Uncryption:Can you hear me now?Why yes, I can!- NSA</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580134</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262079000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Between hackers, government, evil telco employees, evil government employees its not worth thinking any phone conversation is secure even if all security measures were infallable.</p><p>If you want to communicate over distance in private use a VPN, SRTP, zphone..etc.  End to end encryption is your friend.</p><p>Criminial abuse of the network for profit or stalking is something in all carriers best interests to address.</p><p>I guess in general there needs to be more cipher agility in the network layer of mobile phones.  My fear is the ever omnipresent and universal "SIM" card will be hopelessly fragmented in the process denying customers the same level of freedom of device selection they now enjoy.</p><p>Heres an analogy most of us non-telco ppl get..  Most Internet hotspots are not secure allowing attackers to easily at the very least hijack paying customers sessions.  Hotspots are in widespread use and there is no sign of that changing anytime soon despite a number of efforts to provide secure solutions.</p><p>At some level there is a practical consideration WRT cost of fixing the problem (includes wholesale replacement of billions of handsets) or live with some measure of fraud and abuse.  Unfortunately the value propisition is able to change much more rapidly than the technology so carriers need to be very very careful.</p><p>Future xG protocols should at least start demanding better security so there can be reasonable transition to new technologies at some finite point in the future.</p></htmltext>
<tokenext>Between hackers , government , evil telco employees , evil government employees its not worth thinking any phone conversation is secure even if all security measures were infallable.If you want to communicate over distance in private use a VPN , SRTP , zphone..etc .
End to end encryption is your friend.Criminial abuse of the network for profit or stalking is something in all carriers best interests to address.I guess in general there needs to be more cipher agility in the network layer of mobile phones .
My fear is the ever omnipresent and universal " SIM " card will be hopelessly fragmented in the process denying customers the same level of freedom of device selection they now enjoy.Heres an analogy most of us non-telco ppl get.. Most Internet hotspots are not secure allowing attackers to easily at the very least hijack paying customers sessions .
Hotspots are in widespread use and there is no sign of that changing anytime soon despite a number of efforts to provide secure solutions.At some level there is a practical consideration WRT cost of fixing the problem ( includes wholesale replacement of billions of handsets ) or live with some measure of fraud and abuse .
Unfortunately the value propisition is able to change much more rapidly than the technology so carriers need to be very very careful.Future xG protocols should at least start demanding better security so there can be reasonable transition to new technologies at some finite point in the future .</tokentext>
<sentencetext>Between hackers, government, evil telco employees, evil government employees its not worth thinking any phone conversation is secure even if all security measures were infallable.If you want to communicate over distance in private use a VPN, SRTP, zphone..etc.
End to end encryption is your friend.Criminial abuse of the network for profit or stalking is something in all carriers best interests to address.I guess in general there needs to be more cipher agility in the network layer of mobile phones.
My fear is the ever omnipresent and universal "SIM" card will be hopelessly fragmented in the process denying customers the same level of freedom of device selection they now enjoy.Heres an analogy most of us non-telco ppl get..  Most Internet hotspots are not secure allowing attackers to easily at the very least hijack paying customers sessions.
Hotspots are in widespread use and there is no sign of that changing anytime soon despite a number of efforts to provide secure solutions.At some level there is a practical consideration WRT cost of fixing the problem (includes wholesale replacement of billions of handsets) or live with some measure of fraud and abuse.
Unfortunately the value propisition is able to change much more rapidly than the technology so carriers need to be very very careful.Future xG protocols should at least start demanding better security so there can be reasonable transition to new technologies at some finite point in the future.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578510</id>
	<title>Security through incompetance?</title>
	<author>Anonymous</author>
	<datestamp>1262014620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"To do this while supposedly being concerned about privacy is beyond me."</p><p>And thence lies the problem.</p></htmltext>
<tokenext>" To do this while supposedly being concerned about privacy is beyond me .
" And thence lies the problem .</tokentext>
<sentencetext>"To do this while supposedly being concerned about privacy is beyond me.
"And thence lies the problem.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578806</id>
	<title>Who cares anyway?</title>
	<author>gzipped\_tar</author>
	<datestamp>1262017740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>An increasing number of people I know are stopping using mobile phones blindly. One should use mobile phones like postcards -- you say something over the phone only if you could shout the same thing to the public without having privacy concerns.</htmltext>
<tokenext>An increasing number of people I know are stopping using mobile phones blindly .
One should use mobile phones like postcards -- you say something over the phone only if you could shout the same thing to the public without having privacy concerns .</tokentext>
<sentencetext>An increasing number of people I know are stopping using mobile phones blindly.
One should use mobile phones like postcards -- you say something over the phone only if you could shout the same thing to the public without having privacy concerns.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580756</id>
	<title>"Illegal and Overstated"</title>
	<author>Anonymous</author>
	<datestamp>1262089620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>This sounds a bit like the Scientology Defense - "this is completely made up and it's also copyrighted by us."</p></htmltext>
<tokenext>This sounds a bit like the Scientology Defense - " this is completely made up and it 's also copyrighted by us .
"</tokentext>
<sentencetext>This sounds a bit like the Scientology Defense - "this is completely made up and it's also copyrighted by us.
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579478</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Johnno74</author>
	<datestamp>1262025360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Bad choice of algorithm isn't normally the cause of a break in a crypto system.  Its normally caused by the bad implementation of an algorythm, or handling the keys badly.</p><p>Did you know WEP uses RC4?  RC4 *can* be fairly secure, SSL still uses it.</p><p>Unfortunately RC4 has known weaknesses, and the WEP spec wasn't written to avoid these weaknesses.</p></htmltext>
<tokenext>Bad choice of algorithm is n't normally the cause of a break in a crypto system .
Its normally caused by the bad implementation of an algorythm , or handling the keys badly.Did you know WEP uses RC4 ?
RC4 * can * be fairly secure , SSL still uses it.Unfortunately RC4 has known weaknesses , and the WEP spec was n't written to avoid these weaknesses .</tokentext>
<sentencetext>Bad choice of algorithm isn't normally the cause of a break in a crypto system.
Its normally caused by the bad implementation of an algorythm, or handling the keys badly.Did you know WEP uses RC4?
RC4 *can* be fairly secure, SSL still uses it.Unfortunately RC4 has known weaknesses, and the WEP spec wasn't written to avoid these weaknesses.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578974</id>
	<title>Re:Irony</title>
	<author>mlts</author>
	<datestamp>1262019780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This is why GSM was invented.  In the days of analog phones, it was not hard at all for a decently equipped thief to clone a phone and either make calls, or sell the cloned phone for cash.  This goes until the victim calls the cellphone provider about the multi-thousand dollar bills.</p><p>For a long while, GSM's security through obscurity did well for protection, but if this guy can decrypt the algorithm, I'm sure blackhat organizations have been exploiting this for fraud for years.</p></htmltext>
<tokenext>This is why GSM was invented .
In the days of analog phones , it was not hard at all for a decently equipped thief to clone a phone and either make calls , or sell the cloned phone for cash .
This goes until the victim calls the cellphone provider about the multi-thousand dollar bills.For a long while , GSM 's security through obscurity did well for protection , but if this guy can decrypt the algorithm , I 'm sure blackhat organizations have been exploiting this for fraud for years .</tokentext>
<sentencetext>This is why GSM was invented.
In the days of analog phones, it was not hard at all for a decently equipped thief to clone a phone and either make calls, or sell the cloned phone for cash.
This goes until the victim calls the cellphone provider about the multi-thousand dollar bills.For a long while, GSM's security through obscurity did well for protection, but if this guy can decrypt the algorithm, I'm sure blackhat organizations have been exploiting this for fraud for years.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579130</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>plover</author>
	<datestamp>1262021400000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms (and already implemented in hardware even).</p></div><p>Because 22 years ago when it was developed, the processing power and electrical power requirements required for DES to keep pace with a voice stream with automatic error recovery and no more than about 100 milliseconds of delay would likely have been prohibitively expensive for a device intended for the mass market.  In addition, the U.S. government's ITAR/EAR restrictions would have made it almost impossible to import or export such devices into or out of the country, and ignoring the U.S. cell phone market could have meant financial ruin for the cell phone makers.</p><p>A5/1 probably got laughed at by the NSA wonks, who said, "Sure, let them import it."</p><p>And for those who would point out it's a European standard that doesn't care about American laws, the French have placed far more restrictions on encryption than the U.S. government ever has.  Strong encryption would have cut both of those markets out.</p></div>
	</htmltext>
<tokenext>I have never understood why systems like GSM , Wifi , or whatever did n't or do n't use well known crypto algorithms ( and already implemented in hardware even ) .Because 22 years ago when it was developed , the processing power and electrical power requirements required for DES to keep pace with a voice stream with automatic error recovery and no more than about 100 milliseconds of delay would likely have been prohibitively expensive for a device intended for the mass market .
In addition , the U.S. government 's ITAR/EAR restrictions would have made it almost impossible to import or export such devices into or out of the country , and ignoring the U.S. cell phone market could have meant financial ruin for the cell phone makers.A5/1 probably got laughed at by the NSA wonks , who said , " Sure , let them import it .
" And for those who would point out it 's a European standard that does n't care about American laws , the French have placed far more restrictions on encryption than the U.S. government ever has .
Strong encryption would have cut both of those markets out .</tokentext>
<sentencetext>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms (and already implemented in hardware even).Because 22 years ago when it was developed, the processing power and electrical power requirements required for DES to keep pace with a voice stream with automatic error recovery and no more than about 100 milliseconds of delay would likely have been prohibitively expensive for a device intended for the mass market.
In addition, the U.S. government's ITAR/EAR restrictions would have made it almost impossible to import or export such devices into or out of the country, and ignoring the U.S. cell phone market could have meant financial ruin for the cell phone makers.A5/1 probably got laughed at by the NSA wonks, who said, "Sure, let them import it.
"And for those who would point out it's a European standard that doesn't care about American laws, the French have placed far more restrictions on encryption than the U.S. government ever has.
Strong encryption would have cut both of those markets out.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362</id>
	<title>This is the epitome of security through obscurity</title>
	<author>selven</author>
	<datestamp>1262013360000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>worked independently to generate the necessary volume of random combinations until they reproduced the G.S.M. algorithm&rsquo;s code book &mdash; a vast log of binary codes that could theoretically be used to decipher G.S.M. phone calls.</p></div><p>Wait, so just having the encoding algorithm is enough to decipher a message? That's kindergarten cryptography, not something designed for the real world.</p><p><div class="quote"><p>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.</p></div><p>Yes, that's right. Their main weapon in defending your privacy against crackers who don't care about the law at all is <b>copyright</b>.</p><p><div class="quote"><p>operators, by simply modifying the existing algorithm, could thwart any unintended surveillance.</p></div><p>If that's not security through obscurity, I don't know what is.</p></div>
	</htmltext>
<tokenext>worked independently to generate the necessary volume of random combinations until they reproduced the G.S.M .
algorithm    s code book    a vast log of binary codes that could theoretically be used to decipher G.S.M .
phone calls.Wait , so just having the encoding algorithm is enough to decipher a message ?
That 's kindergarten cryptography , not something designed for the real world.The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data , much of which is copyrighted.Yes , that 's right .
Their main weapon in defending your privacy against crackers who do n't care about the law at all is copyright.operators , by simply modifying the existing algorithm , could thwart any unintended surveillance.If that 's not security through obscurity , I do n't know what is .</tokentext>
<sentencetext>worked independently to generate the necessary volume of random combinations until they reproduced the G.S.M.
algorithm’s code book — a vast log of binary codes that could theoretically be used to decipher G.S.M.
phone calls.Wait, so just having the encoding algorithm is enough to decipher a message?
That's kindergarten cryptography, not something designed for the real world.The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.Yes, that's right.
Their main weapon in defending your privacy against crackers who don't care about the law at all is copyright.operators, by simply modifying the existing algorithm, could thwart any unintended surveillance.If that's not security through obscurity, I don't know what is.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579770</id>
	<title>Re:What the hell is wrong here?</title>
	<author>Anonymous</author>
	<datestamp>1262030100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>These kinds of people generally fall into two kinds. The first kind believes their own bullshit. The second kind knows that it doesn't matter if they believe their own bullshit because most people will. Would *you* hire a person for a PR job that wasn't willing to do damage control at all costs?</p><p>No? You're too honest? Yeah, me too. That's why we aren't in charge of hiring PR people.</p></htmltext>
<tokenext>These kinds of people generally fall into two kinds .
The first kind believes their own bullshit .
The second kind knows that it does n't matter if they believe their own bullshit because most people will .
Would * you * hire a person for a PR job that was n't willing to do damage control at all costs ? No ?
You 're too honest ?
Yeah , me too .
That 's why we are n't in charge of hiring PR people .</tokentext>
<sentencetext>These kinds of people generally fall into two kinds.
The first kind believes their own bullshit.
The second kind knows that it doesn't matter if they believe their own bullshit because most people will.
Would *you* hire a person for a PR job that wasn't willing to do damage control at all costs?No?
You're too honest?
Yeah, me too.
That's why we aren't in charge of hiring PR people.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578428</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586178</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Yvanhoe</author>
	<datestamp>1262079420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>When "nice" hackers have done it. It is very plausible that criminals with good finance and potential huge gains did it before.</htmltext>
<tokenext>When " nice " hackers have done it .
It is very plausible that criminals with good finance and potential huge gains did it before .</tokentext>
<sentencetext>When "nice" hackers have done it.
It is very plausible that criminals with good finance and potential huge gains did it before.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30599712</id>
	<title>Re:Comparison with CDMA</title>
	<author>Guy Harris</author>
	<datestamp>1259835660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>CDMA uses the <a href="http://www.schneier.com/paper-cmea.pdf" title="schneier.com">CMEA</a> [schneier.com] and <a href="http://www.schneier.com/paper-oryx.pdf" title="schneier.com">ORYX</a> [schneier.com] algorithms, which are pretty weak as well, as shown in the linked papers.</p></div><p>That's presumably "CDMA" as in "Qualcomm's cdmaOne and CDMA2000", not "CDMA" as in "Code Division Multiple Access".</p><p><div class="quote"><p>However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.</p></div><p>That sounds as if it's referring to "CDMA" as in "Code Division Multiple Access",   Does it apply to W-CDMA as used in UMTS 3G networks (such as AT&amp;T in the US and just about everybody in Europe)?</p></div>
	</htmltext>
<tokenext>CDMA uses the CMEA [ schneier.com ] and ORYX [ schneier.com ] algorithms , which are pretty weak as well , as shown in the linked papers.That 's presumably " CDMA " as in " Qualcomm 's cdmaOne and CDMA2000 " , not " CDMA " as in " Code Division Multiple Access " .However , CDMA has somewhat of an advantage , because it 's difficult to obtain the encrypted data stream in the first place : the nature of CDMA transmission means you ca n't pull a signal out of the noise unless you know the codes being used by the base station and handset.That sounds as if it 's referring to " CDMA " as in " Code Division Multiple Access " , Does it apply to W-CDMA as used in UMTS 3G networks ( such as AT&amp;T in the US and just about everybody in Europe ) ?</tokentext>
<sentencetext>CDMA uses the CMEA [schneier.com] and ORYX [schneier.com] algorithms, which are pretty weak as well, as shown in the linked papers.That's presumably "CDMA" as in "Qualcomm's cdmaOne and CDMA2000", not "CDMA" as in "Code Division Multiple Access".However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.That sounds as if it's referring to "CDMA" as in "Code Division Multiple Access",   Does it apply to W-CDMA as used in UMTS 3G networks (such as AT&amp;T in the US and just about everybody in Europe)?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581322</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583198</id>
	<title>The TFT says "Published"</title>
	<author>Anonymous</author>
	<datestamp>1262108760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>.. but there aren't any links in TFA. Could anyone provide it here?</p></htmltext>
<tokenext>.. but there are n't any links in TFA .
Could anyone provide it here ?</tokentext>
<sentencetext>.. but there aren't any links in TFA.
Could anyone provide it here?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262013780000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms (and already implemented in hardware even).  Very smart people have already done the hard work and it has been time tested and proven secure.  DES (and by extension 3DES) encryption has been available for a long time, long before GSM "encryption" was invented.  Why didn't they just use that?  New systems should be using AES or equivalent modern and proven algorithms.</p><p>What the hell is wrong with the morons that designed these standards?  Cryptography is one of the hardest mathematical fields out there, attempting a home-grown solution is absurd and wasteful.</p><p>It seems like the Wifi groups finally got the hint when they introduced AES to the WPA standard.  Why it took them so long baffles me.  As I mentioned, we have had good hardware implementation that can do secure crypto work for ages and ages.  I mean most of the algorithms like DES and AES are <em>designed</em> to be implemented in hardware.</p></htmltext>
<tokenext>I have never understood why systems like GSM , Wifi , or whatever did n't or do n't use well known crypto algorithms ( and already implemented in hardware even ) .
Very smart people have already done the hard work and it has been time tested and proven secure .
DES ( and by extension 3DES ) encryption has been available for a long time , long before GSM " encryption " was invented .
Why did n't they just use that ?
New systems should be using AES or equivalent modern and proven algorithms.What the hell is wrong with the morons that designed these standards ?
Cryptography is one of the hardest mathematical fields out there , attempting a home-grown solution is absurd and wasteful.It seems like the Wifi groups finally got the hint when they introduced AES to the WPA standard .
Why it took them so long baffles me .
As I mentioned , we have had good hardware implementation that can do secure crypto work for ages and ages .
I mean most of the algorithms like DES and AES are designed to be implemented in hardware .</tokentext>
<sentencetext>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms (and already implemented in hardware even).
Very smart people have already done the hard work and it has been time tested and proven secure.
DES (and by extension 3DES) encryption has been available for a long time, long before GSM "encryption" was invented.
Why didn't they just use that?
New systems should be using AES or equivalent modern and proven algorithms.What the hell is wrong with the morons that designed these standards?
Cryptography is one of the hardest mathematical fields out there, attempting a home-grown solution is absurd and wasteful.It seems like the Wifi groups finally got the hint when they introduced AES to the WPA standard.
Why it took them so long baffles me.
As I mentioned, we have had good hardware implementation that can do secure crypto work for ages and ages.
I mean most of the algorithms like DES and AES are designed to be implemented in hardware.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578762</id>
	<title>Decrypting phone calls...really?</title>
	<author>Anonymous</author>
	<datestamp>1262017020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>I see how decrypting a phone call could be cool...if this was 1985 and i wanted to brag to my friends on BBS about it.  I know it wouldnt be impossible but how difficult would it be to follow one user around all day with surveillance equipment waiting for them to make one phone call.  i guess the thing to do would be to set up shop around a busy work place and setup a piece of hardware to log ALL of the GSM data traffic (text, net, and other packets) until you have a harddrive full of information.  At some point you would luck out and get some poor schmoes passwords and dirty text messages.<br> <br>or is that the actually concern.<br> <br>there is a story floating around about terrorist using $26 software to watch the video feeds from UAV's.  Basically they can do this because no one wants to spend the money to make the hardware and software secure...so the terrorist win.  But the only people affected by this dont have any recourse against the government if they are killed because of intercepted information.  But god forbid that my BFF Jill has her facebook password intercepted and stolen via text, because this will result in an endless series of lawsuits that will never fix the problem.<br> <br>This doesn't have anything to doe with global government, they could care less (they are always one subpeona (if you are lucky) from ALL of your personal data).  This comes down to the fact that, for what its worth, GSM encryption worked well enough, it was reliable, and most importantly, it had payed for itself.<br> <br>So now, the real concerns is how can they replace it before GSM providers start getting their asses sued off, and how cheaply can they do it.</htmltext>
<tokenext>I see how decrypting a phone call could be cool...if this was 1985 and i wanted to brag to my friends on BBS about it .
I know it wouldnt be impossible but how difficult would it be to follow one user around all day with surveillance equipment waiting for them to make one phone call .
i guess the thing to do would be to set up shop around a busy work place and setup a piece of hardware to log ALL of the GSM data traffic ( text , net , and other packets ) until you have a harddrive full of information .
At some point you would luck out and get some poor schmoes passwords and dirty text messages .
or is that the actually concern .
there is a story floating around about terrorist using $ 26 software to watch the video feeds from UAV 's .
Basically they can do this because no one wants to spend the money to make the hardware and software secure...so the terrorist win .
But the only people affected by this dont have any recourse against the government if they are killed because of intercepted information .
But god forbid that my BFF Jill has her facebook password intercepted and stolen via text , because this will result in an endless series of lawsuits that will never fix the problem .
This does n't have anything to doe with global government , they could care less ( they are always one subpeona ( if you are lucky ) from ALL of your personal data ) .
This comes down to the fact that , for what its worth , GSM encryption worked well enough , it was reliable , and most importantly , it had payed for itself .
So now , the real concerns is how can they replace it before GSM providers start getting their asses sued off , and how cheaply can they do it .</tokentext>
<sentencetext>I see how decrypting a phone call could be cool...if this was 1985 and i wanted to brag to my friends on BBS about it.
I know it wouldnt be impossible but how difficult would it be to follow one user around all day with surveillance equipment waiting for them to make one phone call.
i guess the thing to do would be to set up shop around a busy work place and setup a piece of hardware to log ALL of the GSM data traffic (text, net, and other packets) until you have a harddrive full of information.
At some point you would luck out and get some poor schmoes passwords and dirty text messages.
or is that the actually concern.
there is a story floating around about terrorist using $26 software to watch the video feeds from UAV's.
Basically they can do this because no one wants to spend the money to make the hardware and software secure...so the terrorist win.
But the only people affected by this dont have any recourse against the government if they are killed because of intercepted information.
But god forbid that my BFF Jill has her facebook password intercepted and stolen via text, because this will result in an endless series of lawsuits that will never fix the problem.
This doesn't have anything to doe with global government, they could care less (they are always one subpeona (if you are lucky) from ALL of your personal data).
This comes down to the fact that, for what its worth, GSM encryption worked well enough, it was reliable, and most importantly, it had payed for itself.
So now, the real concerns is how can they replace it before GSM providers start getting their asses sued off, and how cheaply can they do it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578488</id>
	<title>old system?</title>
	<author>hitmark</author>
	<datestamp>1262014440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>iirc, when this have come up before, its been pointed out that only a really old, in gsm terms, phone, would still be using said encryption. And that more recent phones are able to use more modern encryptions, if the network allows it...</p></htmltext>
<tokenext>iirc , when this have come up before , its been pointed out that only a really old , in gsm terms , phone , would still be using said encryption .
And that more recent phones are able to use more modern encryptions , if the network allows it.. .</tokentext>
<sentencetext>iirc, when this have come up before, its been pointed out that only a really old, in gsm terms, phone, would still be using said encryption.
And that more recent phones are able to use more modern encryptions, if the network allows it...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581146</id>
	<title>Re:Ha Ha</title>
	<author>hapalibashi</author>
	<datestamp>1262094660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>A dangerous proposition? Its public knowledge that operators must provide network based interception facilities. Its a legislative requirement in virtual every country in the world and its standardised.
Beyond that, operators can be told to turn off the encryption entirely allowing security forces to directly listen directly using scanners (some phones will display a warning icon in this case). This happened in Moscow after the theatre bombing.</htmltext>
<tokenext>A dangerous proposition ?
Its public knowledge that operators must provide network based interception facilities .
Its a legislative requirement in virtual every country in the world and its standardised .
Beyond that , operators can be told to turn off the encryption entirely allowing security forces to directly listen directly using scanners ( some phones will display a warning icon in this case ) .
This happened in Moscow after the theatre bombing .</tokentext>
<sentencetext>A dangerous proposition?
Its public knowledge that operators must provide network based interception facilities.
Its a legislative requirement in virtual every country in the world and its standardised.
Beyond that, operators can be told to turn off the encryption entirely allowing security forces to directly listen directly using scanners (some phones will display a warning icon in this case).
This happened in Moscow after the theatre bombing.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872</id>
	<title>Criminals?</title>
	<author>sjdude</author>
	<datestamp>1262118240000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology &mdash; limited to governments and intelligence agencies &mdash; within the reach of any reasonable well-funded criminal organization.</p> </div><p>
Can someone please tell me the difference between "governments" and "well-funded criminal organizations"?</p></div>
	</htmltext>
<tokenext>Simon Bransfield-Garth , the chief executive of Cellcrypt , says Nohl 's efforts could put sophisticated mobile interception technology    limited to governments and intelligence agencies    within the reach of any reasonable well-funded criminal organization .
Can someone please tell me the difference between " governments " and " well-funded criminal organizations " ?</tokentext>
<sentencetext>Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology — limited to governments and intelligence agencies — within the reach of any reasonable well-funded criminal organization.
Can someone please tell me the difference between "governments" and "well-funded criminal organizations"?
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584308</id>
	<title>You're not thinking globally enough</title>
	<author>pem</author>
	<datestamp>1262114160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The US wants to be able to intercept phone calls in <b>other</b> countries.
<p>
That's what the weak encryption is all about.</p></htmltext>
<tokenext>The US wants to be able to intercept phone calls in other countries .
That 's what the weak encryption is all about .</tokentext>
<sentencetext>The US wants to be able to intercept phone calls in other countries.
That's what the weak encryption is all about.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579862</id>
	<title>kinda not news</title>
	<author>Eil</author>
	<datestamp>1262118060000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>(Note: I have RTFA, but I'm quoting mainly from the summary here.)</p><blockquote><div><p>Others have cracked the A5/1 encryption technology used in GSM before, but their results have remained secret.</p></div></blockquote><p>Feh. Steve Gibson explained the flaws in GSM in very precise, technical detail in his podcast with Leo LaPorte <b>back in September</b>. See episode 213 of <a href="http://www.grc.com/securitynow.htm" title="grc.com">Security Now</a> [grc.com], "Cracking GSM Cellphones". He explained how the algorithm was implemented in hardware, right down to the hardware level.</p><blockquote><div><p>The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal</p></div></blockquote><p>Oh yes, they'd like us to believe that reverse engineering encryption is illegal. It is not. Eavesdropping on cell phone calls is illegal only because cell phone carriers have always used technology decades behind the state of the art. It's a crappy regulatory patch to a massive technical loophole. It's akin to a law forbidding wifi cards from supporting "monitor mode" because you can use it to eavesdrop on unencrypted wifi traffic. Karsten Nohl is not recommending that anyone eavesdrop on other people's phone calls. He's trying to show the public that their conversations are as good as "in the clear" and gosh darn it, the billion-dollar wireless industry just doesn't like that a bit.</p><blockquote><div><p>Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any reasonable well-funded criminal organization.</p></div> </blockquote><p>Nope, even better: it puts GSM decryption technology within the reach of anyone with a 2TB hard disk, $1000 of radio equipment, and the time to figure out some software. And, as I pointed out already, this has been known for some time. Until recently, the weaknesses of GSM has been the skeleton in the closet of the wireless industry. It should have seen the light of day years ago.</p><p>This is not an easy problem for them to solve, either. A5/3 is much better encryption, but as I understand it, almost every handset in existence can be forced to fall back to A5/1 (or even A5/0, no encryption) relatively easily.</p></div>
	</htmltext>
<tokenext>( Note : I have RTFA , but I 'm quoting mainly from the summary here .
) Others have cracked the A5/1 encryption technology used in GSM before , but their results have remained secret.Feh .
Steve Gibson explained the flaws in GSM in very precise , technical detail in his podcast with Leo LaPorte back in September .
See episode 213 of Security Now [ grc.com ] , " Cracking GSM Cellphones " .
He explained how the algorithm was implemented in hardware , right down to the hardware level.The GSM Association , the industry group based in London that devised the algorithm and represents wireless operators , called Mr. Nohl 's efforts illegalOh yes , they 'd like us to believe that reverse engineering encryption is illegal .
It is not .
Eavesdropping on cell phone calls is illegal only because cell phone carriers have always used technology decades behind the state of the art .
It 's a crappy regulatory patch to a massive technical loophole .
It 's akin to a law forbidding wifi cards from supporting " monitor mode " because you can use it to eavesdrop on unencrypted wifi traffic .
Karsten Nohl is not recommending that anyone eavesdrop on other people 's phone calls .
He 's trying to show the public that their conversations are as good as " in the clear " and gosh darn it , the billion-dollar wireless industry just does n't like that a bit.Simon Bransfield-Garth , the chief executive of Cellcrypt , says Nohl 's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any reasonable well-funded criminal organization .
Nope , even better : it puts GSM decryption technology within the reach of anyone with a 2TB hard disk , $ 1000 of radio equipment , and the time to figure out some software .
And , as I pointed out already , this has been known for some time .
Until recently , the weaknesses of GSM has been the skeleton in the closet of the wireless industry .
It should have seen the light of day years ago.This is not an easy problem for them to solve , either .
A5/3 is much better encryption , but as I understand it , almost every handset in existence can be forced to fall back to A5/1 ( or even A5/0 , no encryption ) relatively easily .</tokentext>
<sentencetext>(Note: I have RTFA, but I'm quoting mainly from the summary here.
)Others have cracked the A5/1 encryption technology used in GSM before, but their results have remained secret.Feh.
Steve Gibson explained the flaws in GSM in very precise, technical detail in his podcast with Leo LaPorte back in September.
See episode 213 of Security Now [grc.com], "Cracking GSM Cellphones".
He explained how the algorithm was implemented in hardware, right down to the hardware level.The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegalOh yes, they'd like us to believe that reverse engineering encryption is illegal.
It is not.
Eavesdropping on cell phone calls is illegal only because cell phone carriers have always used technology decades behind the state of the art.
It's a crappy regulatory patch to a massive technical loophole.
It's akin to a law forbidding wifi cards from supporting "monitor mode" because you can use it to eavesdrop on unencrypted wifi traffic.
Karsten Nohl is not recommending that anyone eavesdrop on other people's phone calls.
He's trying to show the public that their conversations are as good as "in the clear" and gosh darn it, the billion-dollar wireless industry just doesn't like that a bit.Simon Bransfield-Garth, the chief executive of Cellcrypt, says Nohl's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any reasonable well-funded criminal organization.
Nope, even better: it puts GSM decryption technology within the reach of anyone with a 2TB hard disk, $1000 of radio equipment, and the time to figure out some software.
And, as I pointed out already, this has been known for some time.
Until recently, the weaknesses of GSM has been the skeleton in the closet of the wireless industry.
It should have seen the light of day years ago.This is not an easy problem for them to solve, either.
A5/3 is much better encryption, but as I understand it, almost every handset in existence can be forced to fall back to A5/1 (or even A5/0, no encryption) relatively easily.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578804</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262017680000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>Some thoughts, the most terrifying phrase in the abstract was "'What he is doing would be illegal in Britain and the United States".  I find these laws are very unscientific, they are effectively trying to hide \_the\_ truth.  Which in this case is that the GSM encryption algorithm is shoddy.  Secondly as a brit I find it very worrying when people justify draconian laws by saying other people do it.  On to more technical things, the above post mentioned DES and AES, as I remember did EFF not build a 250k$ DES cracking machine some time back.  I thought triple DES had now superseded DES.  As for AES, according to wikipedia weaknesses have been found quite recently in AES. <a href="http://en.wikipedia.org/wiki/Advanced\_Encryption\_Standard" title="wikipedia.org">http://en.wikipedia.org/wiki/Advanced\_Encryption\_Standard</a> [wikipedia.org].  I don't understand how compromising these attacks are though (presumably very).</htmltext>
<tokenext>Some thoughts , the most terrifying phrase in the abstract was " 'What he is doing would be illegal in Britain and the United States " .
I find these laws are very unscientific , they are effectively trying to hide \ _the \ _ truth .
Which in this case is that the GSM encryption algorithm is shoddy .
Secondly as a brit I find it very worrying when people justify draconian laws by saying other people do it .
On to more technical things , the above post mentioned DES and AES , as I remember did EFF not build a 250k $ DES cracking machine some time back .
I thought triple DES had now superseded DES .
As for AES , according to wikipedia weaknesses have been found quite recently in AES .
http : //en.wikipedia.org/wiki/Advanced \ _Encryption \ _Standard [ wikipedia.org ] .
I do n't understand how compromising these attacks are though ( presumably very ) .</tokentext>
<sentencetext>Some thoughts, the most terrifying phrase in the abstract was "'What he is doing would be illegal in Britain and the United States".
I find these laws are very unscientific, they are effectively trying to hide \_the\_ truth.
Which in this case is that the GSM encryption algorithm is shoddy.
Secondly as a brit I find it very worrying when people justify draconian laws by saying other people do it.
On to more technical things, the above post mentioned DES and AES, as I remember did EFF not build a 250k$ DES cracking machine some time back.
I thought triple DES had now superseded DES.
As for AES, according to wikipedia weaknesses have been found quite recently in AES.
http://en.wikipedia.org/wiki/Advanced\_Encryption\_Standard [wikipedia.org].
I don't understand how compromising these attacks are though (presumably very).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>chaboud</author>
	<datestamp>1262013300000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>Is this encryption only secure until I tell people that this is ROT-13?</p><p>That's it.  We should just ROT-13 GSM traffic.</p><p>And that, kids, is the point.  This should be "+1, Troll rating was idiotic."</p></htmltext>
<tokenext>Is this encryption only secure until I tell people that this is ROT-13 ? That 's it .
We should just ROT-13 GSM traffic.And that , kids , is the point .
This should be " + 1 , Troll rating was idiotic .
"</tokentext>
<sentencetext>Is this encryption only secure until I tell people that this is ROT-13?That's it.
We should just ROT-13 GSM traffic.And that, kids, is the point.
This should be "+1, Troll rating was idiotic.
"</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589512</id>
	<title>Re:Irony</title>
	<author>RobertM1968</author>
	<datestamp>1262097180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Wow... seems there are some idiots with Mod Points...

</p><p>I'm thrilled if this gets things updated to be more secure... but this method can in the meantime create a LOT of damage. Perhaps I should have expounded on my original post.


</p><p>Point was, yeah, I know others (the bad guys) will figure this out eventually - probably ones with more malicious intents...

</p><p>BUT, (1) they are unlikely to publish the findings, (2) now, they (the bad guys) dont even have to do the work... they can jump in now and take advantage of the work that the above people did (meaning the network's security, in effect, has already been breached by the more malicious types thanks to them releasing this info), and (3) those of less technical inclination can now also jump right in with invasive stuff to utilize their research.

</p><p>Simple math folks... before "the bad guys" were limited to however many or few figured this out on their own... now EVERY "bad guy" in this line of "bad-guyness" can just jump right in.

</p><p>Inotherwords, (bad analogy time) to point out that there was a hole in the boat letting water in, they (a) made the hole a lot bigger so everyone's feet got wet, and (b) made holes in every other boat too (ie: people who would never have the skills to figure this out now dont need to worry about that - they too have access to this info and dont need to figure it out).

</p><p>The bad guys no longer have to do it... it's been done for them, regardless of whether they have or can buy the skills to have done it on their own. Would you rather every crazed criminal out there having guns, or just the ones with the means to find em?

</p><p>Best, Robert

</p><p>-1 Troll is not an "I don't like what you wrote even though it's true" option.</p></htmltext>
<tokenext>Wow... seems there are some idiots with Mod Points.. . I 'm thrilled if this gets things updated to be more secure... but this method can in the meantime create a LOT of damage .
Perhaps I should have expounded on my original post .
Point was , yeah , I know others ( the bad guys ) will figure this out eventually - probably ones with more malicious intents.. . BUT , ( 1 ) they are unlikely to publish the findings , ( 2 ) now , they ( the bad guys ) dont even have to do the work... they can jump in now and take advantage of the work that the above people did ( meaning the network 's security , in effect , has already been breached by the more malicious types thanks to them releasing this info ) , and ( 3 ) those of less technical inclination can now also jump right in with invasive stuff to utilize their research .
Simple math folks... before " the bad guys " were limited to however many or few figured this out on their own... now EVERY " bad guy " in this line of " bad-guyness " can just jump right in .
Inotherwords , ( bad analogy time ) to point out that there was a hole in the boat letting water in , they ( a ) made the hole a lot bigger so everyone 's feet got wet , and ( b ) made holes in every other boat too ( ie : people who would never have the skills to figure this out now dont need to worry about that - they too have access to this info and dont need to figure it out ) .
The bad guys no longer have to do it... it 's been done for them , regardless of whether they have or can buy the skills to have done it on their own .
Would you rather every crazed criminal out there having guns , or just the ones with the means to find em ?
Best , Robert -1 Troll is not an " I do n't like what you wrote even though it 's true " option .</tokentext>
<sentencetext>Wow... seems there are some idiots with Mod Points...

I'm thrilled if this gets things updated to be more secure... but this method can in the meantime create a LOT of damage.
Perhaps I should have expounded on my original post.
Point was, yeah, I know others (the bad guys) will figure this out eventually - probably ones with more malicious intents...

BUT, (1) they are unlikely to publish the findings, (2) now, they (the bad guys) dont even have to do the work... they can jump in now and take advantage of the work that the above people did (meaning the network's security, in effect, has already been breached by the more malicious types thanks to them releasing this info), and (3) those of less technical inclination can now also jump right in with invasive stuff to utilize their research.
Simple math folks... before "the bad guys" were limited to however many or few figured this out on their own... now EVERY "bad guy" in this line of "bad-guyness" can just jump right in.
Inotherwords, (bad analogy time) to point out that there was a hole in the boat letting water in, they (a) made the hole a lot bigger so everyone's feet got wet, and (b) made holes in every other boat too (ie: people who would never have the skills to figure this out now dont need to worry about that - they too have access to this info and dont need to figure it out).
The bad guys no longer have to do it... it's been done for them, regardless of whether they have or can buy the skills to have done it on their own.
Would you rather every crazed criminal out there having guns, or just the ones with the means to find em?
Best, Robert

-1 Troll is not an "I don't like what you wrote even though it's true" option.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584034</id>
	<title>Solution is to use "phone" as Terminal</title>
	<author>Anonymous</author>
	<datestamp>1262112780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I was very surprised when I figured companies like Nokia calls their "smart phones" or even dumb phones as "Terminals" in documents.</p><p>Basically the thing we call a "phone" today is a handheld, almost general purpose computer with advanced communication capabilities and sensors (GPS etc.).</p><p>So, if you think outside the box and use your "phone" (terminal) as a TCP/IP connected client rather than using the network's GSM system for voice, the problem should be solved. Why not use Skype, Nimbuzz, Fring, Gizmo instead of GSM internally at company or between friends? Well, Skype can be cracked at some point, that is the time you move to another system/api.</p><p>The real solution is of course, using SIP/XMPP and openly encyripting it with real, time tested protocols which are documented. The third parties above (excluding Gizmo, which is open) are temporary solutions. If Google doesn't mess it up with privacy questionable "add in" stuff, Gizmo seems to be more scalable and open way of doing it.</p></htmltext>
<tokenext>I was very surprised when I figured companies like Nokia calls their " smart phones " or even dumb phones as " Terminals " in documents.Basically the thing we call a " phone " today is a handheld , almost general purpose computer with advanced communication capabilities and sensors ( GPS etc .
) .So , if you think outside the box and use your " phone " ( terminal ) as a TCP/IP connected client rather than using the network 's GSM system for voice , the problem should be solved .
Why not use Skype , Nimbuzz , Fring , Gizmo instead of GSM internally at company or between friends ?
Well , Skype can be cracked at some point , that is the time you move to another system/api.The real solution is of course , using SIP/XMPP and openly encyripting it with real , time tested protocols which are documented .
The third parties above ( excluding Gizmo , which is open ) are temporary solutions .
If Google does n't mess it up with privacy questionable " add in " stuff , Gizmo seems to be more scalable and open way of doing it .</tokentext>
<sentencetext>I was very surprised when I figured companies like Nokia calls their "smart phones" or even dumb phones as "Terminals" in documents.Basically the thing we call a "phone" today is a handheld, almost general purpose computer with advanced communication capabilities and sensors (GPS etc.
).So, if you think outside the box and use your "phone" (terminal) as a TCP/IP connected client rather than using the network's GSM system for voice, the problem should be solved.
Why not use Skype, Nimbuzz, Fring, Gizmo instead of GSM internally at company or between friends?
Well, Skype can be cracked at some point, that is the time you move to another system/api.The real solution is of course, using SIP/XMPP and openly encyripting it with real, time tested protocols which are documented.
The third parties above (excluding Gizmo, which is open) are temporary solutions.
If Google doesn't mess it up with privacy questionable "add in" stuff, Gizmo seems to be more scalable and open way of doing it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578702</id>
	<title>TFA is incomplete/incorrect.</title>
	<author>Anonymous</author>
	<datestamp>1262016420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>
  Does anyone have a link to the Chaos Computer Club presentation?
</p><p>
A5/1 and A5/3 are Authentication Algorithms and not ENCRYPTION/Decryption.  The Ciphering Encryption Algorithm for GSM/GPRS is either gea1, gea2 and gea3.
</p><p>
In the United States, a certain 3 letter network operator specifically forces the newer authentication algorithms to be disabled
</p></htmltext>
<tokenext>Does anyone have a link to the Chaos Computer Club presentation ?
A5/1 and A5/3 are Authentication Algorithms and not ENCRYPTION/Decryption .
The Ciphering Encryption Algorithm for GSM/GPRS is either gea1 , gea2 and gea3 .
In the United States , a certain 3 letter network operator specifically forces the newer authentication algorithms to be disabled</tokentext>
<sentencetext>
  Does anyone have a link to the Chaos Computer Club presentation?
A5/1 and A5/3 are Authentication Algorithms and not ENCRYPTION/Decryption.
The Ciphering Encryption Algorithm for GSM/GPRS is either gea1, gea2 and gea3.
In the United States, a certain 3 letter network operator specifically forces the newer authentication algorithms to be disabled
</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578424</id>
	<title>Re:Irony</title>
	<author>Anonymous</author>
	<datestamp>1262013960000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>It has been known for a while that GSM can be hacked and that it can be done with a relatively trivial amount of readily available hardware. If you wanted to do it, you could do it. The current effort is mostly a public awareness thing and an ongoing optimization of the attack. People are not going to buy multiple software defined radio boards, tune them with an improved clock source, download or create terabytes of rainbow tables and put it all together just to listen in on their neighbors (which everybody knows would be illegal). People who go to these lengths with anything but research in mind do not need this kind of public "guide" to GSM cracking. GSM is not safe. It hasn't been for quite a while and now people know it. (Two more talks on GSM issues are on the Tuesday schedule. Apparently there are a lot of facepalm type of bugs which are undiscovered purely due to lack of attention.)</p></htmltext>
<tokenext>It has been known for a while that GSM can be hacked and that it can be done with a relatively trivial amount of readily available hardware .
If you wanted to do it , you could do it .
The current effort is mostly a public awareness thing and an ongoing optimization of the attack .
People are not going to buy multiple software defined radio boards , tune them with an improved clock source , download or create terabytes of rainbow tables and put it all together just to listen in on their neighbors ( which everybody knows would be illegal ) .
People who go to these lengths with anything but research in mind do not need this kind of public " guide " to GSM cracking .
GSM is not safe .
It has n't been for quite a while and now people know it .
( Two more talks on GSM issues are on the Tuesday schedule .
Apparently there are a lot of facepalm type of bugs which are undiscovered purely due to lack of attention .
)</tokentext>
<sentencetext>It has been known for a while that GSM can be hacked and that it can be done with a relatively trivial amount of readily available hardware.
If you wanted to do it, you could do it.
The current effort is mostly a public awareness thing and an ongoing optimization of the attack.
People are not going to buy multiple software defined radio boards, tune them with an improved clock source, download or create terabytes of rainbow tables and put it all together just to listen in on their neighbors (which everybody knows would be illegal).
People who go to these lengths with anything but research in mind do not need this kind of public "guide" to GSM cracking.
GSM is not safe.
It hasn't been for quite a while and now people know it.
(Two more talks on GSM issues are on the Tuesday schedule.
Apparently there are a lot of facepalm type of bugs which are undiscovered purely due to lack of attention.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578838</id>
	<title>Decryption is illegal.... so nobody try it!!</title>
	<author>purpleraison</author>
	<datestamp>1262018100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>How stupid! While I wouldn't be happy about having my work decrypted, throwing the whole 'it's illegal' red herring out there is just plain dumb-assery!</p><p>The fact is, you want to know when your OUTDATED encryption techniques are no longer useful....  but perhaps Bransfield-Garth would prefer a hostile agency do the work and leave it unpublished?? Yeah, I thought that was the less desirable option.</p><p>What a dick!</p></htmltext>
<tokenext>How stupid !
While I would n't be happy about having my work decrypted , throwing the whole 'it 's illegal ' red herring out there is just plain dumb-assery ! The fact is , you want to know when your OUTDATED encryption techniques are no longer useful.... but perhaps Bransfield-Garth would prefer a hostile agency do the work and leave it unpublished ? ?
Yeah , I thought that was the less desirable option.What a dick !</tokentext>
<sentencetext>How stupid!
While I wouldn't be happy about having my work decrypted, throwing the whole 'it's illegal' red herring out there is just plain dumb-assery!The fact is, you want to know when your OUTDATED encryption techniques are no longer useful....  but perhaps Bransfield-Garth would prefer a hostile agency do the work and leave it unpublished??
Yeah, I thought that was the less desirable option.What a dick!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578672</id>
	<title>Quote</title>
	<author>1000101</author>
	<datestamp>1262016120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>"If you  something that you don't want anyone to know, maybe you shouldn't be  it in the first place"
<br>
- ~anonymous</htmltext>
<tokenext>" If you something that you do n't want anyone to know , maybe you should n't be it in the first place " - ~ anonymous</tokentext>
<sentencetext>"If you  something that you don't want anyone to know, maybe you shouldn't be  it in the first place"

- ~anonymous</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581266</id>
	<title>Re:TFA is incomplete/incorrect.</title>
	<author>hughk</author>
	<datestamp>1262096340000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext>The slides are <a href="http://events.ccc.de/congress/2009/Fahrplan/attachments/1479\_26C3.Karsten.Nohl.GSM.pdf" title="events.ccc.de">here</a> [events.ccc.de] and A5/1 and A5/3 are encryption algorithms.</htmltext>
<tokenext>The slides are here [ events.ccc.de ] and A5/1 and A5/3 are encryption algorithms .</tokentext>
<sentencetext>The slides are here [events.ccc.de] and A5/1 and A5/3 are encryption algorithms.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578702</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580324</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>Anonymous</author>
	<datestamp>1262082480000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Anybody whose first thought wasn't ROT-13 should GTFO<nobr> <wbr></nobr>/.<nobr> <wbr></nobr>;)</p></htmltext>
<tokenext>Anybody whose first thought was n't ROT-13 should GTFO / .
; )</tokentext>
<sentencetext>Anybody whose first thought wasn't ROT-13 should GTFO /.
;)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578896</id>
	<title>Does anyone care?</title>
	<author>marciot</author>
	<datestamp>1262018820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Surely not the people who loudly yak away on their cellphones in public where everyone can hear.</p></htmltext>
<tokenext>Surely not the people who loudly yak away on their cellphones in public where everyone can hear .</tokentext>
<sentencetext>Surely not the people who loudly yak away on their cellphones in public where everyone can hear.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579176</id>
	<title>Re:This is the epitome of security through obscuri</title>
	<author>ceoyoyo</author>
	<datestamp>1262021940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>There has to be more to it than that.  If the "encryption" literally uses a substitution cypher or something that depends on a "codebook" then that codebook would have to be stored on every device and would be fairly trivial to discover and copy (not to mention any reasonable codebook would have crushed the available memory in any mobile devices back when GSM was invented).  There would also be nothing theoretical about decrypting messages.</p><p>I think the article author is using the term figuratively.</p></htmltext>
<tokenext>There has to be more to it than that .
If the " encryption " literally uses a substitution cypher or something that depends on a " codebook " then that codebook would have to be stored on every device and would be fairly trivial to discover and copy ( not to mention any reasonable codebook would have crushed the available memory in any mobile devices back when GSM was invented ) .
There would also be nothing theoretical about decrypting messages.I think the article author is using the term figuratively .</tokentext>
<sentencetext>There has to be more to it than that.
If the "encryption" literally uses a substitution cypher or something that depends on a "codebook" then that codebook would have to be stored on every device and would be fairly trivial to discover and copy (not to mention any reasonable codebook would have crushed the available memory in any mobile devices back when GSM was invented).
There would also be nothing theoretical about decrypting messages.I think the article author is using the term figuratively.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578676</id>
	<title>back haul is in the clear</title>
	<author>Anonymous</author>
	<datestamp>1262016180000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation. All in the same of National Security. We will only be secure when the reverse is true.</p></div><p>Things are only encrypted over the air. Once it hits the tower and starts bouncing around SSPs and STPs the signals are in the clear and can be tapped easily. There's no point having a weak cipher for the radio component as any lawful (!) tapping will occur over the back haul.</p></div>
	</htmltext>
<tokenext>What the operators really want is something secure enough so you ca n't practically listen to a politician 's conversations , but open enough so the state can listen to any citizen 's conversation .
All in the same of National Security .
We will only be secure when the reverse is true.Things are only encrypted over the air .
Once it hits the tower and starts bouncing around SSPs and STPs the signals are in the clear and can be tapped easily .
There 's no point having a weak cipher for the radio component as any lawful ( !
) tapping will occur over the back haul .</tokentext>
<sentencetext>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation.
All in the same of National Security.
We will only be secure when the reverse is true.Things are only encrypted over the air.
Once it hits the tower and starts bouncing around SSPs and STPs the signals are in the clear and can be tapped easily.
There's no point having a weak cipher for the radio component as any lawful (!
) tapping will occur over the back haul.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580996</id>
	<title>Re:kinda not news</title>
	<author>snaz555</author>
	<datestamp>1262092740000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p><div class="quote"><p>Oh yes, they'd like us to believe that reverse engineering encryption is illegal. It is not.</p></div><p>Right you are.  However, what <i>is</i> illegal is publically stating someone has committed illegal acts.  Nohl should sue for slander.</p></div>
	</htmltext>
<tokenext>Oh yes , they 'd like us to believe that reverse engineering encryption is illegal .
It is not.Right you are .
However , what is illegal is publically stating someone has committed illegal acts .
Nohl should sue for slander .</tokentext>
<sentencetext>Oh yes, they'd like us to believe that reverse engineering encryption is illegal.
It is not.Right you are.
However, what is illegal is publically stating someone has committed illegal acts.
Nohl should sue for slander.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579862</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452</id>
	<title>Re:Ha Ha</title>
	<author>mysidia</author>
	<datestamp>1262014200000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>
No... that's not an issue the operators need be concerned with.  The government can listen in regardless, through FISA, CALEA, Patriot Act, Lawful Interception technologies on the carrier's networks.
</p><p>
I wish I could elaborate further on the matter, but that's a dangerous proposition.
</p><p>
One reason to stick with simpler encryption technology, is it's a cheaper, commodity part.
New algorithms take time to develop: R and D costs, mean more expensive products, not to mention the requirement to replace expensive network infrastructure  in order to adopt new standards.
</p></htmltext>
<tokenext>No... that 's not an issue the operators need be concerned with .
The government can listen in regardless , through FISA , CALEA , Patriot Act , Lawful Interception technologies on the carrier 's networks .
I wish I could elaborate further on the matter , but that 's a dangerous proposition .
One reason to stick with simpler encryption technology , is it 's a cheaper , commodity part .
New algorithms take time to develop : R and D costs , mean more expensive products , not to mention the requirement to replace expensive network infrastructure in order to adopt new standards .</tokentext>
<sentencetext>
No... that's not an issue the operators need be concerned with.
The government can listen in regardless, through FISA, CALEA, Patriot Act, Lawful Interception technologies on the carrier's networks.
I wish I could elaborate further on the matter, but that's a dangerous proposition.
One reason to stick with simpler encryption technology, is it's a cheaper, commodity part.
New algorithms take time to develop: R and D costs, mean more expensive products, not to mention the requirement to replace expensive network infrastructure  in order to adopt new standards.
</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581218</id>
	<title>Re:Not a smart move</title>
	<author>hughk</author>
	<datestamp>1262095860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Why? The balm of secrecy only makes you feel better. Someone else may already be doing this on the quiet. It should be noted that the GSM associateion has been climing that this was impossible.</htmltext>
<tokenext>Why ?
The balm of secrecy only makes you feel better .
Someone else may already be doing this on the quiet .
It should be noted that the GSM associateion has been climing that this was impossible .</tokentext>
<sentencetext>Why?
The balm of secrecy only makes you feel better.
Someone else may already be doing this on the quiet.
It should be noted that the GSM associateion has been climing that this was impossible.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580516</id>
	<title>I emailed press@gsm.org and this is what they said</title>
	<author>DrSkwid</author>
	<datestamp>1262086200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><a href="http://news.ycombinator.com/item?id=1019162" title="ycombinator.com">http://news.ycombinator.com/item?id=1019162</a> [ycombinator.com]</p></htmltext>
<tokenext>http : //news.ycombinator.com/item ? id = 1019162 [ ycombinator.com ]</tokentext>
<sentencetext>http://news.ycombinator.com/item?id=1019162 [ycombinator.com]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580130</id>
	<title>why do they punish these guys?</title>
	<author>circletimessquare</author>
	<datestamp>1262079000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>whenever i hear about a crack like this, there's always this threat to sue/ jail immediately put forth. why shouldn't there be an open promise to reward crackers instead? why don't they HIRE the guy who cracked their scheme to fix the weakness?</p><p>1. it encourages crackers to go to you, rather than going underground<br>2. it suggests to your clients that there are no challenges to your scheme out there, it ensures your algorithm/ scheme is sound, since a crack would reveal itself in an open, non criminal/ non litigious, reward-oriented environment</p><p>surely there's someone in business who understands these two attributes are worth far more to you than paying some lawyers to chase ghosts around the internet</p><p>and the secret always gets out regardless, its not like they ever stop the crack from gaining wide knowledge</p></htmltext>
<tokenext>whenever i hear about a crack like this , there 's always this threat to sue/ jail immediately put forth .
why should n't there be an open promise to reward crackers instead ?
why do n't they HIRE the guy who cracked their scheme to fix the weakness ? 1 .
it encourages crackers to go to you , rather than going underground2 .
it suggests to your clients that there are no challenges to your scheme out there , it ensures your algorithm/ scheme is sound , since a crack would reveal itself in an open , non criminal/ non litigious , reward-oriented environmentsurely there 's someone in business who understands these two attributes are worth far more to you than paying some lawyers to chase ghosts around the internetand the secret always gets out regardless , its not like they ever stop the crack from gaining wide knowledge</tokentext>
<sentencetext>whenever i hear about a crack like this, there's always this threat to sue/ jail immediately put forth.
why shouldn't there be an open promise to reward crackers instead?
why don't they HIRE the guy who cracked their scheme to fix the weakness?1.
it encourages crackers to go to you, rather than going underground2.
it suggests to your clients that there are no challenges to your scheme out there, it ensures your algorithm/ scheme is sound, since a crack would reveal itself in an open, non criminal/ non litigious, reward-oriented environmentsurely there's someone in business who understands these two attributes are worth far more to you than paying some lawyers to chase ghosts around the internetand the secret always gets out regardless, its not like they ever stop the crack from gaining wide knowledge</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578892</id>
	<title>License to Practice Security</title>
	<author>Anonymous</author>
	<datestamp>1262018760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Perhaps there should be a license to practice security, like there is a license to practice medicine.</p><p>I can't just flop open a sturdy table and hang out a cardboard sign "Your Appendix Out -- CHEAP!"</p><p>Likewise, perhaps we can cut down on some of this security theater crap if there was a license to practice security.</p><p>Offering and defending quack remedies like security through obscurity would be grounds to have your license permanently revoked.</p><p>Selling unapproved encryption as "secure" would also be grounds for license revocation. (Selling unapproved encryption as "experimental and probably insecure" is fine, so long as that's clearly labeled on the product.)</p></htmltext>
<tokenext>Perhaps there should be a license to practice security , like there is a license to practice medicine.I ca n't just flop open a sturdy table and hang out a cardboard sign " Your Appendix Out -- CHEAP !
" Likewise , perhaps we can cut down on some of this security theater crap if there was a license to practice security.Offering and defending quack remedies like security through obscurity would be grounds to have your license permanently revoked.Selling unapproved encryption as " secure " would also be grounds for license revocation .
( Selling unapproved encryption as " experimental and probably insecure " is fine , so long as that 's clearly labeled on the product .
)</tokentext>
<sentencetext>Perhaps there should be a license to practice security, like there is a license to practice medicine.I can't just flop open a sturdy table and hang out a cardboard sign "Your Appendix Out -- CHEAP!
"Likewise, perhaps we can cut down on some of this security theater crap if there was a license to practice security.Offering and defending quack remedies like security through obscurity would be grounds to have your license permanently revoked.Selling unapproved encryption as "secure" would also be grounds for license revocation.
(Selling unapproved encryption as "experimental and probably insecure" is fine, so long as that's clearly labeled on the product.
)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578592</id>
	<title>Illegal?</title>
	<author>Anonymous</author>
	<datestamp>1262015280000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>"Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. 'What he is doing would be illegal in Britain and the United States."</p><p>a. So Mr. Nohl is the ONLY person that succeeded in breaking this crypt? I doubt it, he is the only one that published it just because its limp. Did you really believe it was impenetrable? Soooo naive.</p><p>b. So hackers would not crack messages because thats illegal? Ms. Cranton must be living in some delusional never never land.</p><p>Wake up folks. This BS won't stop the Mafia, CIA, alqada or anyone else that is determined. What will stop them is replacing your 21 year old spaghetti code with a new, clean encryption algorithm. In evolutionary terms, you have succumbed to The Darwin Principal, get a grip on it.</p></htmltext>
<tokenext>" Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
'What he is doing would be illegal in Britain and the United States. " a .
So Mr. Nohl is the ONLY person that succeeded in breaking this crypt ?
I doubt it , he is the only one that published it just because its limp .
Did you really believe it was impenetrable ?
Soooo naive.b .
So hackers would not crack messages because thats illegal ?
Ms. Cranton must be living in some delusional never never land.Wake up folks .
This BS wo n't stop the Mafia , CIA , alqada or anyone else that is determined .
What will stop them is replacing your 21 year old spaghetti code with a new , clean encryption algorithm .
In evolutionary terms , you have succumbed to The Darwin Principal , get a grip on it .</tokentext>
<sentencetext>"Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
'What he is doing would be illegal in Britain and the United States."a.
So Mr. Nohl is the ONLY person that succeeded in breaking this crypt?
I doubt it, he is the only one that published it just because its limp.
Did you really believe it was impenetrable?
Soooo naive.b.
So hackers would not crack messages because thats illegal?
Ms. Cranton must be living in some delusional never never land.Wake up folks.
This BS won't stop the Mafia, CIA, alqada or anyone else that is determined.
What will stop them is replacing your 21 year old spaghetti code with a new, clean encryption algorithm.
In evolutionary terms, you have succumbed to The Darwin Principal, get a grip on it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578906</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262018940000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>At a guess, they didn't use DES back when because DES is computationally intensive, i.e. slow.  This is especially important when you've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance.</p></htmltext>
<tokenext>At a guess , they did n't use DES back when because DES is computationally intensive , i.e .
slow. This is especially important when you 've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance .</tokentext>
<sentencetext>At a guess, they didn't use DES back when because DES is computationally intensive, i.e.
slow.  This is especially important when you've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583232</id>
	<title>Re:Who cares anyway?</title>
	<author>Hatta</author>
	<datestamp>1262109000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>That's a good rule for every phone.</p></htmltext>
<tokenext>That 's a good rule for every phone .</tokentext>
<sentencetext>That's a good rule for every phone.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578806</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578970</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>dachshund</author>
	<datestamp>1262019720000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p><i>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms </i><br>A combination of factors:</p><p>1. GSM is very old (for a digital standard).  The more robust cryptographic algorithms known at the time were enormously expensive on the limited hardware available (this is back in the 80s or so).</p><p>2. GSM was created by a consortium of manufacturers and national governments.  Germany in particular was very concerned about calls being eavedropped by the eastern block; countries like France wanted the ability to (more) easily monitor calls.  The France block won the negotiation.</p><p>3. Cryptographic techniques have been evolving, even over the past decades.  Cracking hardware has gotten faster (distributed computing, FPGAs) and researchers have developed a lot of expertise at breaking symmetric ciphers.  Key sizes that seemed appropriate really aren't anymore.</p><p>4. Carriers don't really give a crap about theoretical weaknesses.  Unless you can buy a call decryptor on Amazon it doesn't count to them.  And even then it's probably still not worth the money to upgrade.</p><p>Wifi does use well known cryptographic algorithms, at least if you use WPA-AES, not WEP or the TKIP hack, both of which were designed to enable secure communications on very weak chipsets.</p></htmltext>
<tokenext>I have never understood why systems like GSM , Wifi , or whatever did n't or do n't use well known crypto algorithms A combination of factors : 1 .
GSM is very old ( for a digital standard ) .
The more robust cryptographic algorithms known at the time were enormously expensive on the limited hardware available ( this is back in the 80s or so ) .2 .
GSM was created by a consortium of manufacturers and national governments .
Germany in particular was very concerned about calls being eavedropped by the eastern block ; countries like France wanted the ability to ( more ) easily monitor calls .
The France block won the negotiation.3 .
Cryptographic techniques have been evolving , even over the past decades .
Cracking hardware has gotten faster ( distributed computing , FPGAs ) and researchers have developed a lot of expertise at breaking symmetric ciphers .
Key sizes that seemed appropriate really are n't anymore.4 .
Carriers do n't really give a crap about theoretical weaknesses .
Unless you can buy a call decryptor on Amazon it does n't count to them .
And even then it 's probably still not worth the money to upgrade.Wifi does use well known cryptographic algorithms , at least if you use WPA-AES , not WEP or the TKIP hack , both of which were designed to enable secure communications on very weak chipsets .</tokentext>
<sentencetext>I have never understood why systems like GSM, Wifi, or whatever didn't or don't use well known crypto algorithms A combination of factors:1.
GSM is very old (for a digital standard).
The more robust cryptographic algorithms known at the time were enormously expensive on the limited hardware available (this is back in the 80s or so).2.
GSM was created by a consortium of manufacturers and national governments.
Germany in particular was very concerned about calls being eavedropped by the eastern block; countries like France wanted the ability to (more) easily monitor calls.
The France block won the negotiation.3.
Cryptographic techniques have been evolving, even over the past decades.
Cracking hardware has gotten faster (distributed computing, FPGAs) and researchers have developed a lot of expertise at breaking symmetric ciphers.
Key sizes that seemed appropriate really aren't anymore.4.
Carriers don't really give a crap about theoretical weaknesses.
Unless you can buy a call decryptor on Amazon it doesn't count to them.
And even then it's probably still not worth the money to upgrade.Wifi does use well known cryptographic algorithms, at least if you use WPA-AES, not WEP or the TKIP hack, both of which were designed to enable secure communications on very weak chipsets.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586544</id>
	<title>Re:This is the epitome of security through obscuri</title>
	<author>StikyPad</author>
	<datestamp>1262081220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p> <i>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.</i></p><p>Yes, that's right. Their main weapon in defending your privacy against crackers who don't care about the law at all is copyright.</p></div></blockquote><p>Moreover, any such equipment can be purchased or rented from a number of suppliers without any licensing whatsoever, at least in the US.  There might be "watch lists" for that sort of thing -- who knows -- but regardless, the availability of such equipment is no barrier whatsoever.</p></div>
	</htmltext>
<tokenext>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data , much of which is copyrighted.Yes , that 's right .
Their main weapon in defending your privacy against crackers who do n't care about the law at all is copyright.Moreover , any such equipment can be purchased or rented from a number of suppliers without any licensing whatsoever , at least in the US .
There might be " watch lists " for that sort of thing -- who knows -- but regardless , the availability of such equipment is no barrier whatsoever .</tokentext>
<sentencetext> The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.Yes, that's right.
Their main weapon in defending your privacy against crackers who don't care about the law at all is copyright.Moreover, any such equipment can be purchased or rented from a number of suppliers without any licensing whatsoever, at least in the US.
There might be "watch lists" for that sort of thing -- who knows -- but regardless, the availability of such equipment is no barrier whatsoever.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</id>
	<title>Re:Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262016420000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>As another poster mentioned, the government can already get a wiretap easily enough without having to break the cipher.</p><p>I am sick and tired of conspiracy theories. Remember the sage advice to never attribute to malice what can be adequately explained by incompetence.</p></htmltext>
<tokenext>As another poster mentioned , the government can already get a wiretap easily enough without having to break the cipher.I am sick and tired of conspiracy theories .
Remember the sage advice to never attribute to malice what can be adequately explained by incompetence .</tokentext>
<sentencetext>As another poster mentioned, the government can already get a wiretap easily enough without having to break the cipher.I am sick and tired of conspiracy theories.
Remember the sage advice to never attribute to malice what can be adequately explained by incompetence.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578422</id>
	<title>Is the newest version deployed everywhere?</title>
	<author>AdamInParadise</author>
	<datestamp>1262013960000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>The weaknesses of this algorithm are well-known and a new version that fixes those issues has been available for a long time. Now, does anyone knows whether this new version has been deployed everywhere? Who is still relying on the older version?</p><p>BTW, the algorithm used by 3G networks is different. It is based on AES and the design is publically available.</p></htmltext>
<tokenext>The weaknesses of this algorithm are well-known and a new version that fixes those issues has been available for a long time .
Now , does anyone knows whether this new version has been deployed everywhere ?
Who is still relying on the older version ? BTW , the algorithm used by 3G networks is different .
It is based on AES and the design is publically available .</tokentext>
<sentencetext>The weaknesses of this algorithm are well-known and a new version that fixes those issues has been available for a long time.
Now, does anyone knows whether this new version has been deployed everywhere?
Who is still relying on the older version?BTW, the algorithm used by 3G networks is different.
It is based on AES and the design is publically available.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581250</id>
	<title>Re:Ha Ha</title>
	<author>wkk2</author>
	<datestamp>1262096100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A cellphone software developer once told me that poor encryption was used because if they did better, it would never be allowed to be exported.  I've always thought that the encryption was pointless, anyway, since the phone can be told to turn it off.  Maybe by a third party micro cell site.</p></htmltext>
<tokenext>A cellphone software developer once told me that poor encryption was used because if they did better , it would never be allowed to be exported .
I 've always thought that the encryption was pointless , anyway , since the phone can be told to turn it off .
Maybe by a third party micro cell site .</tokentext>
<sentencetext>A cellphone software developer once told me that poor encryption was used because if they did better, it would never be allowed to be exported.
I've always thought that the encryption was pointless, anyway, since the phone can be told to turn it off.
Maybe by a third party micro cell site.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470</id>
	<title>GSM Talk Video</title>
	<author>Anonymous</author>
	<datestamp>1262014320000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>The NY Times article is missing quite a lot detail. Slashdot users might appreciate the raw video from the talk (torrent): <a href="http://rnmshot.dvrdns.org/26C3\_Torrents/26C3\_Day1\_GSM\_Part1.ogg.torrent" title="dvrdns.org">part 1</a> [dvrdns.org], <a href="http://rnmshot.dvrdns.org/26C3\_Torrents/26C3\_Day1\_GSM\_Part2.ogg.torrent" title="dvrdns.org">2</a> [dvrdns.org], <a href="http://rnmshot.dvrdns.org/26C3\_Torrents/GSM\_Part\_3.torrent" title="dvrdns.org">3</a> [dvrdns.org].</p></htmltext>
<tokenext>The NY Times article is missing quite a lot detail .
Slashdot users might appreciate the raw video from the talk ( torrent ) : part 1 [ dvrdns.org ] , 2 [ dvrdns.org ] , 3 [ dvrdns.org ] .</tokentext>
<sentencetext>The NY Times article is missing quite a lot detail.
Slashdot users might appreciate the raw video from the talk (torrent): part 1 [dvrdns.org], 2 [dvrdns.org], 3 [dvrdns.org].</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578750</id>
	<title>Still more secure than AMPS</title>
	<author>starbugs</author>
	<datestamp>1262016960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Even if decryption of GSM is easy, it's still more secure than AMPS.</p><p>I just stopped using AMPS last year and I fully knew that anything I say can easily be overheard.<br>You just don't say anything sensitive over the phone.</p><p>Those worried about corporate espionage need a smart-phone with end to end encryption.<br>Maybe this will entice some hardware company to create an option for this.</p></htmltext>
<tokenext>Even if decryption of GSM is easy , it 's still more secure than AMPS.I just stopped using AMPS last year and I fully knew that anything I say can easily be overheard.You just do n't say anything sensitive over the phone.Those worried about corporate espionage need a smart-phone with end to end encryption.Maybe this will entice some hardware company to create an option for this .</tokentext>
<sentencetext>Even if decryption of GSM is easy, it's still more secure than AMPS.I just stopped using AMPS last year and I fully knew that anything I say can easily be overheard.You just don't say anything sensitive over the phone.Those worried about corporate espionage need a smart-phone with end to end encryption.Maybe this will entice some hardware company to create an option for this.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</id>
	<title>Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262012700000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation. All in the same of National Security. We will only be secure when the reverse is true.</p></htmltext>
<tokenext>What the operators really want is something secure enough so you ca n't practically listen to a politician 's conversations , but open enough so the state can listen to any citizen 's conversation .
All in the same of National Security .
We will only be secure when the reverse is true .</tokentext>
<sentencetext>What the operators really want is something secure enough so you can't practically listen to a politician's conversations, but open enough so the state can listen to any citizen's conversation.
All in the same of National Security.
We will only be secure when the reverse is true.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579070</id>
	<title>Re:Irony</title>
	<author>Anonymous</author>
	<datestamp>1262020680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>That's isn't exactly new. Toxyn was showing that back in '97 at HIP.</p></htmltext>
<tokenext>That 's is n't exactly new .
Toxyn was showing that back in '97 at HIP .</tokentext>
<sentencetext>That's isn't exactly new.
Toxyn was showing that back in '97 at HIP.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579892</id>
	<title>Re:This is the epitome of security through obscuri</title>
	<author>Eil</author>
	<datestamp>1262118480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.</p><p>Yes, that's right. Their main weapon in defending your privacy against crackers who don't care about the law at all is copyright.</p></div></blockquote><p>Yep, it's copyrighted alright. By the <a href="http://gnuradio.org/" title="gnuradio.org">Free Software Foundation</a> [gnuradio.org].</p></div>
	</htmltext>
<tokenext>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data , much of which is copyrighted.Yes , that 's right .
Their main weapon in defending your privacy against crackers who do n't care about the law at all is copyright.Yep , it 's copyrighted alright .
By the Free Software Foundation [ gnuradio.org ] .</tokentext>
<sentencetext>The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.Yes, that's right.
Their main weapon in defending your privacy against crackers who don't care about the law at all is copyright.Yep, it's copyrighted alright.
By the Free Software Foundation [gnuradio.org].
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586268</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>StikyPad</author>
	<datestamp>1262079900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>What he is doing would be illegal in Britain and the United States. <b>To do this while supposedly being concerned about privacy is beyond me.</b> </i></p><p>And what a non-sequitur.  Nothing about a desire for privacy is predicated upon respect for the law, or vice versa.  The two may have common interests at times, but it's entirely possible to have either one without the other.</p><p>More importantly, criminals -- by definition -- don't abide by the law, and implying that researchers shouldn't test the robustness of a protection mechanism against possible criminal tactics is beyond absurd.  Shall we next stop testing physical locks because it's illegal to break and enter?  Or stop testing vehicles for roadworthiness above 55MPH because that's the maximum speed limit (in some places)?  I'm sure the police would be equally happy to stop wearing vests because it's illegal to shoot a policeman.  "The law will keep us safe!" they'll sing, while doodling rainbows and unicorns in the margins of their citation forms.</p></htmltext>
<tokenext>What he is doing would be illegal in Britain and the United States .
To do this while supposedly being concerned about privacy is beyond me .
And what a non-sequitur .
Nothing about a desire for privacy is predicated upon respect for the law , or vice versa .
The two may have common interests at times , but it 's entirely possible to have either one without the other.More importantly , criminals -- by definition -- do n't abide by the law , and implying that researchers should n't test the robustness of a protection mechanism against possible criminal tactics is beyond absurd .
Shall we next stop testing physical locks because it 's illegal to break and enter ?
Or stop testing vehicles for roadworthiness above 55MPH because that 's the maximum speed limit ( in some places ) ?
I 'm sure the police would be equally happy to stop wearing vests because it 's illegal to shoot a policeman .
" The law will keep us safe !
" they 'll sing , while doodling rainbows and unicorns in the margins of their citation forms .</tokentext>
<sentencetext>What he is doing would be illegal in Britain and the United States.
To do this while supposedly being concerned about privacy is beyond me.
And what a non-sequitur.
Nothing about a desire for privacy is predicated upon respect for the law, or vice versa.
The two may have common interests at times, but it's entirely possible to have either one without the other.More importantly, criminals -- by definition -- don't abide by the law, and implying that researchers shouldn't test the robustness of a protection mechanism against possible criminal tactics is beyond absurd.
Shall we next stop testing physical locks because it's illegal to break and enter?
Or stop testing vehicles for roadworthiness above 55MPH because that's the maximum speed limit (in some places)?
I'm sure the police would be equally happy to stop wearing vests because it's illegal to shoot a policeman.
"The law will keep us safe!
" they'll sing, while doodling rainbows and unicorns in the margins of their citation forms.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578804</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579032</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>headkase</author>
	<datestamp>1262020440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>This is why I don't take moderation here seriously, an overrated mod when I haven't been modded up or down?  Even though it does contribute information not present in the summary: an opinion?  And is not a troll?  Now that is just a way of saying "I don't agree with you."  Thank you for making that decision for <i>everyone</i> Mr. Modder.  Now, waste your points on this reply if you must, I have karma to burn as I've been around this block.  Plurality is a lesson that has not been tempered here.</htmltext>
<tokenext>This is why I do n't take moderation here seriously , an overrated mod when I have n't been modded up or down ?
Even though it does contribute information not present in the summary : an opinion ?
And is not a troll ?
Now that is just a way of saying " I do n't agree with you .
" Thank you for making that decision for everyone Mr. Modder. Now , waste your points on this reply if you must , I have karma to burn as I 've been around this block .
Plurality is a lesson that has not been tempered here .</tokentext>
<sentencetext>This is why I don't take moderation here seriously, an overrated mod when I haven't been modded up or down?
Even though it does contribute information not present in the summary: an opinion?
And is not a troll?
Now that is just a way of saying "I don't agree with you.
"  Thank you for making that decision for everyone Mr. Modder.  Now, waste your points on this reply if you must, I have karma to burn as I've been around this block.
Plurality is a lesson that has not been tempered here.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578478</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586786</id>
	<title>Re:Criminals?</title>
	<author>dwye</author>
	<datestamp>1262082420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt; Can someone please tell me the difference between "governments"<br>&gt; and "well-funded criminal organizations"?</p><p>In this context, the difference is that governments have never needed to decrypt GSM signals because they could compel the operators to do it for them (eg, CALEA in the USA) with just an order (sometimes with accompanying paperwork).  Now, anyone can do it with a simple application of money, probably small enough that a single Hell's Angel chapter could afford it, if they start recruiting telecommunications professionals as they did lawyers.</p></htmltext>
<tokenext>&gt; Can someone please tell me the difference between " governments " &gt; and " well-funded criminal organizations " ? In this context , the difference is that governments have never needed to decrypt GSM signals because they could compel the operators to do it for them ( eg , CALEA in the USA ) with just an order ( sometimes with accompanying paperwork ) .
Now , anyone can do it with a simple application of money , probably small enough that a single Hell 's Angel chapter could afford it , if they start recruiting telecommunications professionals as they did lawyers .</tokentext>
<sentencetext>&gt; Can someone please tell me the difference between "governments"&gt; and "well-funded criminal organizations"?In this context, the difference is that governments have never needed to decrypt GSM signals because they could compel the operators to do it for them (eg, CALEA in the USA) with just an order (sometimes with accompanying paperwork).
Now, anyone can do it with a simple application of money, probably small enough that a single Hell's Angel chapter could afford it, if they start recruiting telecommunications professionals as they did lawyers.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579524</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>Anonymous</author>
	<datestamp>1262026020000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p><div class="quote"><p>Is this encryption only secure until I tell people that this is ROT-13?</p></div><p>Yes, but what you are doing is illegal in Britain and in the United States.</p></div>
	</htmltext>
<tokenext>Is this encryption only secure until I tell people that this is ROT-13 ? Yes , but what you are doing is illegal in Britain and in the United States .</tokentext>
<sentencetext>Is this encryption only secure until I tell people that this is ROT-13?Yes, but what you are doing is illegal in Britain and in the United States.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583068</id>
	<title>Re:Pna lbh urne zr abj?</title>
	<author>SnarfQuest</author>
	<datestamp>1262108280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I've been encrypting everything I use by running it through ROT-13 twice, and so far, nobody has admitted to have broken my encryption!</p><p>My professor told me that anyone would be embarassed to admit such a thing, so score one to me for the potential of using embarassment as an encryption enhancement!</p></htmltext>
<tokenext>I 've been encrypting everything I use by running it through ROT-13 twice , and so far , nobody has admitted to have broken my encryption ! My professor told me that anyone would be embarassed to admit such a thing , so score one to me for the potential of using embarassment as an encryption enhancement !</tokentext>
<sentencetext>I've been encrypting everything I use by running it through ROT-13 twice, and so far, nobody has admitted to have broken my encryption!My professor told me that anyone would be embarassed to admit such a thing, so score one to me for the potential of using embarassment as an encryption enhancement!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578240</id>
	<title>DUH!</title>
	<author>headkase</author>
	<datestamp>1262012700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>"To do this while supposedly concerned about privacy..."<br>
<br>
Duh.  Paint me yellow and let me run down the street.  OF COURSE he is concerned about privacy because we all know how organizations <i>always</i> act fast and in the interests of their customers with absolutely no outside stimulus!  Absolutely shocking, he should be hanged.  (Choose whoever you think I'm referring to with "he")</htmltext>
<tokenext>" To do this while supposedly concerned about privacy... " Duh .
Paint me yellow and let me run down the street .
OF COURSE he is concerned about privacy because we all know how organizations always act fast and in the interests of their customers with absolutely no outside stimulus !
Absolutely shocking , he should be hanged .
( Choose whoever you think I 'm referring to with " he " )</tokentext>
<sentencetext>"To do this while supposedly concerned about privacy..."

Duh.
Paint me yellow and let me run down the street.
OF COURSE he is concerned about privacy because we all know how organizations always act fast and in the interests of their customers with absolutely no outside stimulus!
Absolutely shocking, he should be hanged.
(Choose whoever you think I'm referring to with "he")</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582508</id>
	<title>Re:Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262105100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>I am sick and tired of conspiracy theories.</p></div><p>That's because the government has secret division of their propaganda warmachine that troll their days in the internet, claiming to be conspiracy theorists. They make unfounded an often incoherent statements with little to no evidence, thus labeling everyone who spreads conspiracy theories as total nutjobs. Thus they can drown the real theories and arguments to the sea of incoherence.</p><p>(<a href="http://rationalwiki.com/wiki/Poe's\_Law" title="rationalwiki.com" rel="nofollow">Poe's Law</a> [rationalwiki.com])</p></div>
	</htmltext>
<tokenext>I am sick and tired of conspiracy theories.That 's because the government has secret division of their propaganda warmachine that troll their days in the internet , claiming to be conspiracy theorists .
They make unfounded an often incoherent statements with little to no evidence , thus labeling everyone who spreads conspiracy theories as total nutjobs .
Thus they can drown the real theories and arguments to the sea of incoherence .
( Poe 's Law [ rationalwiki.com ] )</tokentext>
<sentencetext>I am sick and tired of conspiracy theories.That's because the government has secret division of their propaganda warmachine that troll their days in the internet, claiming to be conspiracy theorists.
They make unfounded an often incoherent statements with little to no evidence, thus labeling everyone who spreads conspiracy theories as total nutjobs.
Thus they can drown the real theories and arguments to the sea of incoherence.
(Poe's Law [rationalwiki.com])
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580228</id>
	<title>Re:Ha Ha</title>
	<author>cerberusss</author>
	<datestamp>1262080860000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>A politician's conversations, when they are being done in his role as a representative of the public, should be a matter of public record anyway, surely?</p></div><p>This would be an excellent idea.Politicians' phones would be set to broadcast, for all to receive. And at certain hours of the day, their mobile phones will limit themselves and use a private channel for communications. We could dub these hours Warranted Hours Of Risk-free Egress, W.H.O.R.E. for short.</p></div>
	</htmltext>
<tokenext>A politician 's conversations , when they are being done in his role as a representative of the public , should be a matter of public record anyway , surely ? This would be an excellent idea.Politicians ' phones would be set to broadcast , for all to receive .
And at certain hours of the day , their mobile phones will limit themselves and use a private channel for communications .
We could dub these hours Warranted Hours Of Risk-free Egress , W.H.O.R.E .
for short .</tokentext>
<sentencetext>A politician's conversations, when they are being done in his role as a representative of the public, should be a matter of public record anyway, surely?This would be an excellent idea.Politicians' phones would be set to broadcast, for all to receive.
And at certain hours of the day, their mobile phones will limit themselves and use a private channel for communications.
We could dub these hours Warranted Hours Of Risk-free Egress, W.H.O.R.E.
for short.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578722</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584654</id>
	<title>Re:GSM Talk Video</title>
	<author>Anonymous</author>
	<datestamp>1262115720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Good-quality copies of the talks are now available at <a href="http://events.ccc.de/congress/2009/wiki/Conference\_Recordings" title="events.ccc.de" rel="nofollow">the web site</a> [events.ccc.de]. Look for 26c3-3654-en-gsm\_srsly.mp4.</p></htmltext>
<tokenext>Good-quality copies of the talks are now available at the web site [ events.ccc.de ] .
Look for 26c3-3654-en-gsm \ _srsly.mp4 .</tokentext>
<sentencetext>Good-quality copies of the talks are now available at the web site [events.ccc.de].
Look for 26c3-3654-en-gsm\_srsly.mp4.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578722</id>
	<title>Re:Ha Ha</title>
	<author>trawg</author>
	<datestamp>1262016660000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>A politician's conversations, when they are being done in his role as a representative of the public, should be a matter of public record anyway, surely?</p></htmltext>
<tokenext>A politician 's conversations , when they are being done in his role as a representative of the public , should be a matter of public record anyway , surely ?</tokentext>
<sentencetext>A politician's conversations, when they are being done in his role as a representative of the public, should be a matter of public record anyway, surely?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578408</id>
	<title>Spin city.</title>
	<author>ScrewMaster</author>
	<datestamp>1262013840000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p><div class="quote"><p>called Mr. Nohl's efforts illegal</p></div><p>So? What has that to do with whether or not he actually did what he says he did? It's not even worth mentioning. A good encryption system should not depend upon the presumed illegality of breaking it.</p><p><div class="quote"><p>says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.</p> </div><p>That you know of, lady. If this guy really has cracked it, odds are someone else has sometime in the past two decades, but wasn't kind enough to so inform you.</p></div>
	</htmltext>
<tokenext>called Mr. Nohl 's efforts illegalSo ?
What has that to do with whether or not he actually did what he says he did ?
It 's not even worth mentioning .
A good encryption system should not depend upon the presumed illegality of breaking it.says Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
That you know of , lady .
If this guy really has cracked it , odds are someone else has sometime in the past two decades , but was n't kind enough to so inform you .</tokentext>
<sentencetext>called Mr. Nohl's efforts illegalSo?
What has that to do with whether or not he actually did what he says he did?
It's not even worth mentioning.
A good encryption system should not depend upon the presumed illegality of breaking it.says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
That you know of, lady.
If this guy really has cracked it, odds are someone else has sometime in the past two decades, but wasn't kind enough to so inform you.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582934</id>
	<title>Seriously...</title>
	<author>Anonymous</author>
	<datestamp>1262107620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Come on... anybody who thought GSM was secure and nobody could intercept it is a moron. There are other well-known techniques such as IMSI-catchers which allow you to perform a MITM-attack and force the phone to use A5/0-mode (which means no encryption). </p><p>Not to mention that most governments can intercept the phone calls anyway.</p></htmltext>
<tokenext>Come on... anybody who thought GSM was secure and nobody could intercept it is a moron .
There are other well-known techniques such as IMSI-catchers which allow you to perform a MITM-attack and force the phone to use A5/0-mode ( which means no encryption ) .
Not to mention that most governments can intercept the phone calls anyway .</tokentext>
<sentencetext>Come on... anybody who thought GSM was secure and nobody could intercept it is a moron.
There are other well-known techniques such as IMSI-catchers which allow you to perform a MITM-attack and force the phone to use A5/0-mode (which means no encryption).
Not to mention that most governments can intercept the phone calls anyway.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578858</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Kjella</author>
	<datestamp>1262018400000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Simple. If they really did use a proper algorithm, then NSA would be on par with any 3rd world nation. That is why there are still crypto export restrictions, very powerful organizations don't want a level playing field. It's not about spying on your own, everyone can do that but it's about spying on everyone else. And the only reason it will get fixed is because of foreign and corporate espionage, not because you don't like them snooping. Still, I guess you should appriciate the things that do get fixed...</p></htmltext>
<tokenext>Simple .
If they really did use a proper algorithm , then NSA would be on par with any 3rd world nation .
That is why there are still crypto export restrictions , very powerful organizations do n't want a level playing field .
It 's not about spying on your own , everyone can do that but it 's about spying on everyone else .
And the only reason it will get fixed is because of foreign and corporate espionage , not because you do n't like them snooping .
Still , I guess you should appriciate the things that do get fixed.. .</tokentext>
<sentencetext>Simple.
If they really did use a proper algorithm, then NSA would be on par with any 3rd world nation.
That is why there are still crypto export restrictions, very powerful organizations don't want a level playing field.
It's not about spying on your own, everyone can do that but it's about spying on everyone else.
And the only reason it will get fixed is because of foreign and corporate espionage, not because you don't like them snooping.
Still, I guess you should appriciate the things that do get fixed...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582812</id>
	<title>Typo in the brief</title>
	<author>chord.wav</author>
	<datestamp>1262106840000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Nohl's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any <b>OTHER</b> reasonable well-funded criminal organization.</p></div><p>
Fixed</p></div>
	</htmltext>
<tokenext>Nohl 's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any OTHER reasonable well-funded criminal organization .
Fixed</tokentext>
<sentencetext>Nohl's efforts could put sophisticated mobile interception technology -- limited to governments and intelligence agencies -- within the reach of any OTHER reasonable well-funded criminal organization.
Fixed
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581468</id>
	<title>blh</title>
	<author>Anonymous</author>
	<datestamp>1262098140000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>A5/1 was cracked in 1999.</p><p>http://cryptome.org/a51-crack.htm</p></htmltext>
<tokenext>A5/1 was cracked in 1999.http : //cryptome.org/a51-crack.htm</tokentext>
<sentencetext>A5/1 was cracked in 1999.http://cryptome.org/a51-crack.htm</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578834</id>
	<title>Re:Irony</title>
	<author>shentino</author>
	<datestamp>1262018100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's already been broken.</p><p>All this does is scare people into not putting stuff on so-called secure airwaves that really are anything but.</p><p>And if you're sending patient records over a GSM network then you deserve to get stomped by the HIPAApottamus anyway.</p><p>Seriously, at least encrypt the fuckers.</p></htmltext>
<tokenext>It 's already been broken.All this does is scare people into not putting stuff on so-called secure airwaves that really are anything but.And if you 're sending patient records over a GSM network then you deserve to get stomped by the HIPAApottamus anyway.Seriously , at least encrypt the fuckers .</tokentext>
<sentencetext>It's already been broken.All this does is scare people into not putting stuff on so-called secure airwaves that really are anything but.And if you're sending patient records over a GSM network then you deserve to get stomped by the HIPAApottamus anyway.Seriously, at least encrypt the fuckers.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581458</id>
	<title>Links to Karsten's presentation and project</title>
	<author>klapaucjusz</author>
	<datestamp>1262098020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p> <a href="http://events.ccc.de/congress/2009/Fahrplan/attachments/1479\_26C3.Karsten.Nohl.GSM.pdf" title="events.ccc.de">Slides from Karsten's presentation at the CCC</a> [events.ccc.de].

</p><p> <a href="http://reflextor.com/trac/a51" title="reflextor.com">The A5/1 cracking project</a> [reflextor.com].</p></htmltext>
<tokenext>Slides from Karsten 's presentation at the CCC [ events.ccc.de ] .
The A5/1 cracking project [ reflextor.com ] .</tokentext>
<sentencetext> Slides from Karsten's presentation at the CCC [events.ccc.de].
The A5/1 cracking project [reflextor.com].</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580054</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262077440000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>At a guess, they didn't use DES back when because DES is computationally intensive, i.e. slow.  This is especially important when you've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance.</p></div><p>It's more likely that the issue was that the US Government of the day (remember, we are talking mid 80s) would have thrown a total wobbly at the use of DES in technology being installed the world over. Crypto is an area where the effective regulatory landscape has changed rather a lot over the past 25 years.</p></div>
	</htmltext>
<tokenext>At a guess , they did n't use DES back when because DES is computationally intensive , i.e .
slow. This is especially important when you 've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance.It 's more likely that the issue was that the US Government of the day ( remember , we are talking mid 80s ) would have thrown a total wobbly at the use of DES in technology being installed the world over .
Crypto is an area where the effective regulatory landscape has changed rather a lot over the past 25 years .</tokentext>
<sentencetext>At a guess, they didn't use DES back when because DES is computationally intensive, i.e.
slow.  This is especially important when you've got a small-for-the-day device that runs on batteries and must provide something approaching real-time performance.It's more likely that the issue was that the US Government of the day (remember, we are talking mid 80s) would have thrown a total wobbly at the use of DES in technology being installed the world over.
Crypto is an area where the effective regulatory landscape has changed rather a lot over the past 25 years.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578906</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589352</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>Anonymous</author>
	<datestamp>1262095800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>     DES (and 3DES) was rejected for GSM for 2 reasons:<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 1) It was considered too computationally expensive.  Recall that GSM is NOT a modern standard, it was standardized in the mid-1980s.  3DES would have been far too expensive to run in something like a phone back then, and if there was a hardware implementation it was very expensive.</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 2) There was a raging fight due to Cold War concerns regarding the Soviet bloc, Berlin wall, etc... Recall there's a very long border between the (big W) Western European countries, and the Soviet bloc eastern European countries, making it realistically possible to aim an antenna over the border and pick up signals.  Some countries wanted very weak crypto, so they could spy on the Soviet bloc.  The ones near the border wanted strong crypto so the Soviet bloc could not spy on them.  The compromise was A5/0, which is a null crypto, A5/1 which is the "standard" crypto (but weaker then Germany for instance wanted), and A5/2 which was a weaker crypto specifically for export hardware (i.e. exported to soviet countries, etc.)</p><p>From the article:<br>
&nbsp; 'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; This is a flat-out lie.  Weaknesses were found by 2000, and it was proven several years ago that a rainbow table could easily be generated (around 2TB of data) to crack GSM.  The GSM Association spokeperson then also made the absurd claim that the attack was infeasbile because nobody could store 2TB of data -- despite 2TB of storage costing about $400 back then.  There were vague rumours of real-time cracking not only being possible but in the wild going back to at least 2002.  Also, by trying to use legal posturing, frankly they can go fuck themselves.</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; This is not a big deal though -- as Krasten Nohl says, A5/3 exists, it's MUCH stronger than A5/1, both in terms of longer key length and actually being subject to more modern cryptological analysis before being released.  What he doesn't say is A5/3 support is mandatory in all UMTS (i.e. GSM "3G") phones and base stations, and for the most part newer GSM (non-"3G") phones also support A5/3.  So the cell companies equipment and the user's phone most likely both support A5/3 already.  They just need to use it.</p></htmltext>
<tokenext>DES ( and 3DES ) was rejected for GSM for 2 reasons :           1 ) It was considered too computationally expensive .
Recall that GSM is NOT a modern standard , it was standardized in the mid-1980s .
3DES would have been far too expensive to run in something like a phone back then , and if there was a hardware implementation it was very expensive .
          2 ) There was a raging fight due to Cold War concerns regarding the Soviet bloc , Berlin wall , etc... Recall there 's a very long border between the ( big W ) Western European countries , and the Soviet bloc eastern European countries , making it realistically possible to aim an antenna over the border and pick up signals .
Some countries wanted very weak crypto , so they could spy on the Soviet bloc .
The ones near the border wanted strong crypto so the Soviet bloc could not spy on them .
The compromise was A5/0 , which is a null crypto , A5/1 which is the " standard " crypto ( but weaker then Germany for instance wanted ) , and A5/2 which was a weaker crypto specifically for export hardware ( i.e .
exported to soviet countries , etc .
) From the article :   'This is theoretically possible but practically unlikely, ' says Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
          This is a flat-out lie .
Weaknesses were found by 2000 , and it was proven several years ago that a rainbow table could easily be generated ( around 2TB of data ) to crack GSM .
The GSM Association spokeperson then also made the absurd claim that the attack was infeasbile because nobody could store 2TB of data -- despite 2TB of storage costing about $ 400 back then .
There were vague rumours of real-time cracking not only being possible but in the wild going back to at least 2002 .
Also , by trying to use legal posturing , frankly they can go fuck themselves .
          This is not a big deal though -- as Krasten Nohl says , A5/3 exists , it 's MUCH stronger than A5/1 , both in terms of longer key length and actually being subject to more modern cryptological analysis before being released .
What he does n't say is A5/3 support is mandatory in all UMTS ( i.e .
GSM " 3G " ) phones and base stations , and for the most part newer GSM ( non- " 3G " ) phones also support A5/3 .
So the cell companies equipment and the user 's phone most likely both support A5/3 already .
They just need to use it .</tokentext>
<sentencetext>     DES (and 3DES) was rejected for GSM for 2 reasons:
          1) It was considered too computationally expensive.
Recall that GSM is NOT a modern standard, it was standardized in the mid-1980s.
3DES would have been far too expensive to run in something like a phone back then, and if there was a hardware implementation it was very expensive.
          2) There was a raging fight due to Cold War concerns regarding the Soviet bloc, Berlin wall, etc... Recall there's a very long border between the (big W) Western European countries, and the Soviet bloc eastern European countries, making it realistically possible to aim an antenna over the border and pick up signals.
Some countries wanted very weak crypto, so they could spy on the Soviet bloc.
The ones near the border wanted strong crypto so the Soviet bloc could not spy on them.
The compromise was A5/0, which is a null crypto, A5/1 which is the "standard" crypto (but weaker then Germany for instance wanted), and A5/2 which was a weaker crypto specifically for export hardware (i.e.
exported to soviet countries, etc.
)From the article:
  'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
          This is a flat-out lie.
Weaknesses were found by 2000, and it was proven several years ago that a rainbow table could easily be generated (around 2TB of data) to crack GSM.
The GSM Association spokeperson then also made the absurd claim that the attack was infeasbile because nobody could store 2TB of data -- despite 2TB of storage costing about $400 back then.
There were vague rumours of real-time cracking not only being possible but in the wild going back to at least 2002.
Also, by trying to use legal posturing, frankly they can go fuck themselves.
          This is not a big deal though -- as Krasten Nohl says, A5/3 exists, it's MUCH stronger than A5/1, both in terms of longer key length and actually being subject to more modern cryptological analysis before being released.
What he doesn't say is A5/3 support is mandatory in all UMTS (i.e.
GSM "3G") phones and base stations, and for the most part newer GSM (non-"3G") phones also support A5/3.
So the cell companies equipment and the user's phone most likely both support A5/3 already.
They just need to use it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581164</id>
	<title>Re:Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262095080000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>It's probably worth considering that being able to easily break the cipher means corporate opposition, criminal elements, and ex-lovers now don't have to cry that they're not entitled to wiretapping because they can do it easily.</p><p>I'd also try to get over your aversion to conspiracy theories. Humans conspire in numerous circumstances for a variety of reasons. Get used to it. By automatically dismissing anything with a whiff of "conspiracy theory" about it you'll certainly overlook all those conspiracy facts, of which there are quite a few.</p></htmltext>
<tokenext>It 's probably worth considering that being able to easily break the cipher means corporate opposition , criminal elements , and ex-lovers now do n't have to cry that they 're not entitled to wiretapping because they can do it easily.I 'd also try to get over your aversion to conspiracy theories .
Humans conspire in numerous circumstances for a variety of reasons .
Get used to it .
By automatically dismissing anything with a whiff of " conspiracy theory " about it you 'll certainly overlook all those conspiracy facts , of which there are quite a few .</tokentext>
<sentencetext>It's probably worth considering that being able to easily break the cipher means corporate opposition, criminal elements, and ex-lovers now don't have to cry that they're not entitled to wiretapping because they can do it easily.I'd also try to get over your aversion to conspiracy theories.
Humans conspire in numerous circumstances for a variety of reasons.
Get used to it.
By automatically dismissing anything with a whiff of "conspiracy theory" about it you'll certainly overlook all those conspiracy facts, of which there are quite a few.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581050</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>WegianWarrior</author>
	<datestamp>1262093400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Because GSM was <a href="http://en.wikipedia.org/wiki/Gsm#GSM\_security" title="wikipedia.org">designed to have a <b>moderate</b> level of security</a> [wikipedia.org], not a high one? Because in 1990 - <a href="http://en.wikipedia.org/wiki/Gsm#History" title="wikipedia.org">when the GSM specifications were published</a> [wikipedia.org] - breaking cipher streams were a magnitude harder than today? Because back then the hardware needed to implement the encryption standards you suggest were both costly and ate a lot of battery?<br>

We could probably do a lot better if we scrap the current cellphone systems and start from scratch. But like the railways with their standard gauge of 4'8&#189;", it's going to cost a LOT of cash to tear up the infrastructure and start over... not to mention that everyone would need to buy new cellphones (or rolling stock, to stick to the analogy).</htmltext>
<tokenext>Because GSM was designed to have a moderate level of security [ wikipedia.org ] , not a high one ?
Because in 1990 - when the GSM specifications were published [ wikipedia.org ] - breaking cipher streams were a magnitude harder than today ?
Because back then the hardware needed to implement the encryption standards you suggest were both costly and ate a lot of battery ?
We could probably do a lot better if we scrap the current cellphone systems and start from scratch .
But like the railways with their standard gauge of 4'8   " , it 's going to cost a LOT of cash to tear up the infrastructure and start over... not to mention that everyone would need to buy new cellphones ( or rolling stock , to stick to the analogy ) .</tokentext>
<sentencetext>Because GSM was designed to have a moderate level of security [wikipedia.org], not a high one?
Because in 1990 - when the GSM specifications were published [wikipedia.org] - breaking cipher streams were a magnitude harder than today?
Because back then the hardware needed to implement the encryption standards you suggest were both costly and ate a lot of battery?
We could probably do a lot better if we scrap the current cellphone systems and start from scratch.
But like the railways with their standard gauge of 4'8½", it's going to cost a LOT of cash to tear up the infrastructure and start over... not to mention that everyone would need to buy new cellphones (or rolling stock, to stick to the analogy).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579468</id>
	<title>Duck-Based Cryptanalysis</title>
	<author>beej</author>
	<datestamp>1262025180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal and said they overstated the security threat to wireless calls. 'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. 'What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.'</p></div><p>Oh, so now it's illegal to divulge impractical attacks that do not threaten privacy?</p><p>So it has come to this... At last I'm a <i>positive badass</i> for my GSM attack where you build a Turing-complete duck-based processor (using tasty duck treats to encourage the ducks to behave like little waddling transistors) and then use that to attack the crypto through brute-<b>quacking</b>-force!  Ahhh HA HA HA!</p><p>You'll never catch me, coppers!</p></div>
	</htmltext>
<tokenext>The GSM Association , the industry group based in London that devised the algorithm and represents wireless operators , called Mr. Nohl 's efforts illegal and said they overstated the security threat to wireless calls .
'This is theoretically possible but practically unlikely, ' says Claire Cranton , a GSM spokeswoman , noting that no one else had broken the code since its adoption .
'What he is doing would be illegal in Britain and the United States .
To do this while supposedly being concerned about privacy is beyond me .
'Oh , so now it 's illegal to divulge impractical attacks that do not threaten privacy ? So it has come to this... At last I 'm a positive badass for my GSM attack where you build a Turing-complete duck-based processor ( using tasty duck treats to encourage the ducks to behave like little waddling transistors ) and then use that to attack the crypto through brute-quacking-force !
Ahhh HA HA HA ! You 'll never catch me , coppers !</tokentext>
<sentencetext>The GSM Association, the industry group based in London that devised the algorithm and represents wireless operators, called Mr. Nohl's efforts illegal and said they overstated the security threat to wireless calls.
'This is theoretically possible but practically unlikely,' says Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption.
'What he is doing would be illegal in Britain and the United States.
To do this while supposedly being concerned about privacy is beyond me.
'Oh, so now it's illegal to divulge impractical attacks that do not threaten privacy?So it has come to this... At last I'm a positive badass for my GSM attack where you build a Turing-complete duck-based processor (using tasty duck treats to encourage the ducks to behave like little waddling transistors) and then use that to attack the crypto through brute-quacking-force!
Ahhh HA HA HA!You'll never catch me, coppers!
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212</id>
	<title>Pna lbh urne zr abj?</title>
	<author>Tackhead</author>
	<datestamp>1262012400000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext>Pna lbh urne zr abj?
<p>
Jul lrf, V pna!<br>- AFN</p></htmltext>
<tokenext>Pna lbh urne zr abj ?
Jul lrf , V pna ! - AFN</tokentext>
<sentencetext>Pna lbh urne zr abj?
Jul lrf, V pna!- AFN</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579346</id>
	<title>Was was published were attack tables</title>
	<author>Anonymous</author>
	<datestamp>1262023560000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The material published was not the GSM encryption algorithm, A5/1, which has been known for a long time. What is new is precomputed tables that make decryption very fast. These are similar to rainbow tables but combine additional compression techniques a better time-memory tradeoff.</p></htmltext>
<tokenext>The material published was not the GSM encryption algorithm , A5/1 , which has been known for a long time .
What is new is precomputed tables that make decryption very fast .
These are similar to rainbow tables but combine additional compression techniques a better time-memory tradeoff .</tokentext>
<sentencetext>The material published was not the GSM encryption algorithm, A5/1, which has been known for a long time.
What is new is precomputed tables that make decryption very fast.
These are similar to rainbow tables but combine additional compression techniques a better time-memory tradeoff.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581322</id>
	<title>Comparison with CDMA</title>
	<author>Mr2001</author>
	<datestamp>1262096940000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>CDMA uses the <a href="http://www.schneier.com/paper-cmea.pdf" title="schneier.com">CMEA</a> [schneier.com] and <a href="http://www.schneier.com/paper-oryx.pdf" title="schneier.com">ORYX</a> [schneier.com] algorithms, which are pretty weak as well, as shown in the linked papers. However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.</p></htmltext>
<tokenext>CDMA uses the CMEA [ schneier.com ] and ORYX [ schneier.com ] algorithms , which are pretty weak as well , as shown in the linked papers .
However , CDMA has somewhat of an advantage , because it 's difficult to obtain the encrypted data stream in the first place : the nature of CDMA transmission means you ca n't pull a signal out of the noise unless you know the codes being used by the base station and handset .</tokentext>
<sentencetext>CDMA uses the CMEA [schneier.com] and ORYX [schneier.com] algorithms, which are pretty weak as well, as shown in the linked papers.
However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581990</id>
	<title>Phones should encrypt end-to-end</title>
	<author>MobyDisk</author>
	<datestamp>1262102160000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>If anyone wants actual security on a phone, the phones should encrypt end-to-end so that the carrier doesn't know the phone call.  The difficulty here is getting a certificate system in place.  But there are several viable solutions to that.</p></htmltext>
<tokenext>If anyone wants actual security on a phone , the phones should encrypt end-to-end so that the carrier does n't know the phone call .
The difficulty here is getting a certificate system in place .
But there are several viable solutions to that .</tokentext>
<sentencetext>If anyone wants actual security on a phone, the phones should encrypt end-to-end so that the carrier doesn't know the phone call.
The difficulty here is getting a certificate system in place.
But there are several viable solutions to that.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30585306</id>
	<title>Re:Ha Ha</title>
	<author>sjames</author>
	<datestamp>1262118780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Suitable encryption algorithms have been known for a very long time. Why they didn't choose one of them at the time is an open question. They actually spent more money by not choosing a readily available off-the-shelf  algorithm with a proven track record.</p><p>Presuming that any cipher is secure forever has been proven foolish time after time. Even a tiny bit of foresight would have told them they need to keep it modular and easily replaceable. Had they made the encryption negotiable, they could have phased in a new cipher years ago to keep up with the times. By now, given the churn in hardware the last of the A5/1 devices would have been retired or upgraded by now.</p></htmltext>
<tokenext>Suitable encryption algorithms have been known for a very long time .
Why they did n't choose one of them at the time is an open question .
They actually spent more money by not choosing a readily available off-the-shelf algorithm with a proven track record.Presuming that any cipher is secure forever has been proven foolish time after time .
Even a tiny bit of foresight would have told them they need to keep it modular and easily replaceable .
Had they made the encryption negotiable , they could have phased in a new cipher years ago to keep up with the times .
By now , given the churn in hardware the last of the A5/1 devices would have been retired or upgraded by now .</tokentext>
<sentencetext>Suitable encryption algorithms have been known for a very long time.
Why they didn't choose one of them at the time is an open question.
They actually spent more money by not choosing a readily available off-the-shelf  algorithm with a proven track record.Presuming that any cipher is secure forever has been proven foolish time after time.
Even a tiny bit of foresight would have told them they need to keep it modular and easily replaceable.
Had they made the encryption negotiable, they could have phased in a new cipher years ago to keep up with the times.
By now, given the churn in hardware the last of the A5/1 devices would have been retired or upgraded by now.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582844</id>
	<title>Re:Ha Ha</title>
	<author>Anonymous</author>
	<datestamp>1262107020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>As another poster mentioned, the government can already get a wiretap easily enough without having to break the cipher.</i></p><p>Possibly not when they're sat in a flat top off someone else's coast and it's someone else's government's GSM they want to tap.</p></htmltext>
<tokenext>As another poster mentioned , the government can already get a wiretap easily enough without having to break the cipher.Possibly not when they 're sat in a flat top off someone else 's coast and it 's someone else 's government 's GSM they want to tap .</tokentext>
<sentencetext>As another poster mentioned, the government can already get a wiretap easily enough without having to break the cipher.Possibly not when they're sat in a flat top off someone else's coast and it's someone else's government's GSM they want to tap.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582090</id>
	<title>"What they are doing is illegal in US and UK"</title>
	<author>exabrial</author>
	<datestamp>1262102640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You must be new here, welcome!</htmltext>
<tokenext>You must be new here , welcome !</tokentext>
<sentencetext>You must be new here, welcome!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578478</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>headkase</author>
	<datestamp>1262014380000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>As the article mentions, they are trying to find the balance where you <i>feel</i> secure but they <i>can</i> spy on you if in their infinite wisdom <b>they</b> feel it is necessary.  Yay, government in a democracy.</htmltext>
<tokenext>As the article mentions , they are trying to find the balance where you feel secure but they can spy on you if in their infinite wisdom they feel it is necessary .
Yay , government in a democracy .</tokentext>
<sentencetext>As the article mentions, they are trying to find the balance where you feel secure but they can spy on you if in their infinite wisdom they feel it is necessary.
Yay, government in a democracy.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578406</id>
	<title>GSM Association</title>
	<author>Pooch Bushey</author>
	<datestamp>1262013780000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>"To do this while supposedly being concerned about privacy is beyond me"</p><p>can someone point me to the article where the GSM Association was outraged when it learned of the illegal wiretapping program which the carriers happily participated in as agents of the u.s. government?  i'm sure they protested that, right?  riiight?</p></htmltext>
<tokenext>" To do this while supposedly being concerned about privacy is beyond me " can someone point me to the article where the GSM Association was outraged when it learned of the illegal wiretapping program which the carriers happily participated in as agents of the u.s. government ? i 'm sure they protested that , right ?
riiight ?</tokentext>
<sentencetext>"To do this while supposedly being concerned about privacy is beyond me"can someone point me to the article where the GSM Association was outraged when it learned of the illegal wiretapping program which the carriers happily participated in as agents of the u.s. government?  i'm sure they protested that, right?
riiight?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580062</id>
	<title>Re:And this is a nearly unsolveable problem.</title>
	<author>koiransuklaa</author>
	<datestamp>1262077560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's a single mod on a single post. Whether this one mod is correct or not (your post can be overrated even if it's not been modded) does not define the usefulness of the whole mod system. Get over it and stop whining.</p><p>"I have karma to burn" seems to mostly mean "I care about my karma more than I care about a good discussion". Mentioning it does not improve the discussion in any case.</p></htmltext>
<tokenext>It 's a single mod on a single post .
Whether this one mod is correct or not ( your post can be overrated even if it 's not been modded ) does not define the usefulness of the whole mod system .
Get over it and stop whining .
" I have karma to burn " seems to mostly mean " I care about my karma more than I care about a good discussion " .
Mentioning it does not improve the discussion in any case .</tokentext>
<sentencetext>It's a single mod on a single post.
Whether this one mod is correct or not (your post can be overrated even if it's not been modded) does not define the usefulness of the whole mod system.
Get over it and stop whining.
"I have karma to burn" seems to mostly mean "I care about my karma more than I care about a good discussion".
Mentioning it does not improve the discussion in any case.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579032</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392</id>
	<title>Re:Irony</title>
	<author>Anonymous</author>
	<datestamp>1262013720000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>
I'm more concerned about compromise of the user authentication process.
</p><p>
In the worst case it could result in the ability of an eavesdropper to capture your subscriber ID, and make international roaming calls as you, so they avoid racking up expensive charges themselves.
</p></htmltext>
<tokenext>I 'm more concerned about compromise of the user authentication process .
In the worst case it could result in the ability of an eavesdropper to capture your subscriber ID , and make international roaming calls as you , so they avoid racking up expensive charges themselves .</tokentext>
<sentencetext>
I'm more concerned about compromise of the user authentication process.
In the worst case it could result in the ability of an eavesdropper to capture your subscriber ID, and make international roaming calls as you, so they avoid racking up expensive charges themselves.
</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578424
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586544
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581050
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578722
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580228
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579564
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581322
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30599712
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_46</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578804
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586268
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581250
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578458
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_53</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579176
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578906
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580054
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578806
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583232
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_45</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580134
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579808
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578970
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579892
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579488
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580612
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580654
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_51</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581218
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582508
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578974
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583068
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579366
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578480
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580436
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578428
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579770
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580324
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582640
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578702
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581266
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_49</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579478
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579524
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579130
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_48</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586178
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589352
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581164
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579280
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578676
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584654
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30585306
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_47</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581146
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579862
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580996
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_52</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578834
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589512
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584308
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579070
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582844
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579214
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579708
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584606
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_50</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586786
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578478
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579032
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580062
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_28_1931256_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580620
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581990
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578408
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578470
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584654
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579280
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579564
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578258
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578458
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578402
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578478
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579032
----http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580062
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581050
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580134
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579488
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580612
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578858
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589352
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579130
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578970
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578804
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586268
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579478
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578906
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580054
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586178
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578480
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580436
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578488
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578362
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586544
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579892
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579366
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579176
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578210
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578424
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578392
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578974
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579070
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30589512
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578834
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581322
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30599712
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579720
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582640
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581218
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578428
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579770
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578238
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578700
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581164
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582508
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584308
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30582844
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579786
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579808
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578722
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580228
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578676
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578452
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581250
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30585306
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581146
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578194
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578422
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578806
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583232
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578702
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30581266
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578212
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579214
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580620
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578348
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580324
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579708
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30583068
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579524
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579872
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30586786
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30584606
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30579862
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580996
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578510
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578762
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_28_1931256.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30578228
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_28_1931256.30580654
</commentlist>
</conversation>
