Bttt.
I remember how dead set the government was against strong encryption for cell phones.
They have the SIM card data, they have the firmware, they made sure the flaky baseband processor was never cleaned up... and most of all they made certain that perfect forward secrecy was not implemented.
Still, there is a way to get hard encryption for the audio data... it requires an external Bluetooth headset with built-in perfect forward secrecy crypto. To achieve security you need an external device since the phone cannot be trusted. The metadata cannot be protected though.
I hope all these spy methods can self-destruct if America is taken over by a foreign power.
The story doesn’t make sense because the authentication key Ki is installed by the network operator (e.g., AT&T) during personalization. It is not installed by the SIM manufacturer. Ki is used when connecting to the mobile network and to generate Kc. Kc is a session key used from there on.
Seems that most of what we suspected or were afraid of was happening all along. We should apologize to those that kept telling of this abuse.