Don't need to break phone to tower encryption when the vast majority of the call pathway is not encrypted. On Tue, Mar 8, 2022 at 4:59 PM Michael Thomas <mike@mtcc.com> wrote:
Hi, I was reading an article on why Russia hasn't taken out Ukraine's mobile networks and one of the premises was that they could use it to eavesdrop on calls. Depending on how old their infrastructure is, that doesn't make sense as I would assume that along with e2e SIP that they'd be using SRTP with the SRTP keys exchanged using DTLS which is my understanding of the way they are secured. My understanding could be wrong though, or either outdated, or not uniformly deployed.
The other thing that's weird is that the same article says they want to keep it up so they can use their bandwidth too which strikes me as sort of a crazy assumption in a war, but that's not much of an operational issue.
https://www.politico.com/news/2022/03/07/ukraine-phones-internet-still-work-...
Mike