Researchers find deliberate backdoor in police radio encryption algorithm | Vendors knew all about it, but most customers were clueless.

L4sBot@lemmy.worldmod to Technology@lemmy.world – 225 points – Researchers find deliberate backdoor in police radio encryption algorithm
arstechnica.com

Researchers find deliberate backdoor in police radio encryption algorithm | Vendors knew all about it, but most customers were clueless.::Vendors knew all about it, but most customers were clueless.

23

You are viewing a single comment
View all comments

Interesting. I wonder if this was due to a request from certain agencies for anything exported.

Bingo. All of these technologies are controlled by ITAR.

I have zero doubt this was for clandestine use internationally and it was almost inevitable. Outside of a back-door there is no way you’re getting access to properly encrypted net with some of the higher end technologies.

ETSI isn’t controlled by ITAR. You’re on the wrong continent.

Sure ETSI are responsible for the encryption standard.

And Motorola is free to use that standard on radio handsets made with components of ITAR controlled items.

The use of any component controlled via ITAR will have the entire unit controlled.

Having used a Motorola product covered by ITAR on “the wrong continent” many times.

ETSI isn’t responsible for “the encryption standard” - they’re responsible for the TETRA standard. TETRA isn’t encryption - it’s a type of radio system, that has encryption as one small part of it. (I know plenty about TETRA - I’ve designed transmission networks for TETRA systems.) I’ve worked on DAMM and Leonardo systems, they’re completely European designed and built, there’s no ITAR regulations on them.

Ah, yes. European radios made by European manufacturers to specifications created by a European agency primarily intended for use in Europe are, in fact, actually being controlled by the US. Am I understanding that correctly?

For sure. There are plenty of historical prevents for this exact situation. Makes you wonder why anyone would trust exported "secure" technology from America

Ah, I see you're having trouble finding the article. No worries, the link is right up there at the top of the page! I know you'd never intentionally comment before reading the article unless you were struggling to find it; only a redditor would comment without knowing what was being discussed.