A different presentation at Blackhat showed that some network operators were using weak DES encryption. TL;DR global mobile phone networks are poor at securing user privacy.

Any bets on which local network operator was rated as badly secured? :-D

--
keybase.io/kipyegonmark

On 13 Jan 2015, at 12:50, "Joseph Abala via skunkworks" <skunkworks@lists.my.co.ke> wrote:

Hey Laban,
the encryption keys if in plain text is dangerous. they are always encry[ted

On Tue, Jan 13, 2015 at 10:51 AM, Laban Mwangi via skunkworks <skunkworks@lists.my.co.ke> wrote:
Interesting report from a ccc presentation (http://events.ccc.de/congress/2014/Fahrplan/schedule/0.html):


http://ss7map.p1sec.com/country/Kenya/

---
Kenya allows 4 SS7 MAP messages to leak precise street-level subscriber location (200m).
---

Kenya has 1 operators that leak subscriber keys.

Leak of subscriber keys allows an attacker to decrypt calls and SMS of subscriber, by impersonating the network using a fake base station.