I'm sure the NSA has known this for a while

Wikipedia:

Current status[edit]

As of 2009, non-military cryptography exports from the U.S. are controlled by the Department of Commerce's Bureau of Industry and Security.[9] Some restrictions still exist, even for mass market products, particularly with regard to export to "rogue states" and terrorist organizations. Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license[9](pp. 6–7). Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits" (75 F.R. 36494). In addition, other items require a one-time review by or notification to BIS prior to export to most countries.[9] For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required.[10] Export regulations have been relaxed from pre-1996 standards, but are still complex.[9] Other countries, notably those participating in the Wassenaar Arrangement,[11] have similar restrictions.[12]

US export rules[edit]

US non-military exports are controlled by Export Administration Regulations (EAR), a short name for the US Code of Federal Regulations (CFR) Title 15 chapter VII, subchapter C.

Encryption items specifically designed, developed, configured, adapted or modified for military applications (including command, control and intelligence applications) are controlled by the Department of State on the United States Munitions List.

The NSA is in the business of being able to get signals intelligence from anyone overseas. People who are shocked, shocked, that the NSA can get information from encrypted communications on cell phones aren't paying attention.

My $0.02.

Cheers,
Scott.

Post #397,356 by drook 12/19/14 1:40:53 PM Reply	I'm sure the NSA has known this for a while And if I were of a conspiratorial bent, I'd think they none-too-subtly suggested to various carriers that "fixing" the problems shouldn't be a high priority. -- Drew
Post #397,358 by a6l6e6x 12/19/14 2:00:10 PM Reply	Re: NSA has known? It is more likely that NSA has specified and got what it wanted. Alex "There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge." -- Isaac Asimov
Post #399,345 by dmcarls 2/21/15 3:18:12 PM Reply	Re: NSA has known? A long article, but very interesting. "The massive key theft is “bad news for phone security. Really bad news.” https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
Post #399,346 by Another Scott 2/21/15 3:37:37 PM Reply	Kinda related - there are still laws about exporting encryption Wikipedia: Current status[edit] As of 2009, non-military cryptography exports from the U.S. are controlled by the Department of Commerce's Bureau of Industry and Security.[9] Some restrictions still exist, even for mass market products, particularly with regard to export to "rogue states" and terrorist organizations. Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license[9](pp. 6–7). Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits" (75 F.R. 36494). In addition, other items require a one-time review by or notification to BIS prior to export to most countries.[9] For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required.[10] Export regulations have been relaxed from pre-1996 standards, but are still complex.[9] Other countries, notably those participating in the Wassenaar Arrangement,[11] have similar restrictions.[12] US export rules[edit] US non-military exports are controlled by Export Administration Regulations (EAR), a short name for the US Code of Federal Regulations (CFR) Title 15 chapter VII, subchapter C. Encryption items specifically designed, developed, configured, adapted or modified for military applications (including command, control and intelligence applications) are controlled by the Department of State on the United States Munitions List. The NSA is in the business of *being able to* get signals intelligence from anyone overseas. People who are shocked, shocked, that the NSA *can* get information from encrypted communications on cell phones aren't paying attention. My $0.02. Cheers, Scott.
Post #399,347 by a6l6e6x 2/21/15 5:23:02 PM Reply	All your base are belong to us! Alex "There is a cult of ignorance in the United States, and there has always been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge." -- Isaac Asimov

Welcome to IWETHEY!