
As a result, DUAL EC DRBG has been incorporated into a range of products, including those from security company RSA, in operating systems such as Microsoft Windows, and in a version of OpenSSL (a tool commonly used to facilitate website encryption). The integration of the standard with operating systems was significant because, by changing the default method by which the operating system encrypted communications traffic, an intelligence agency could decrypt data now encrypted using DUAL EC DRBG.

Dual_EC was never the default in Microsoft Windows, and you'd have to put effort into building a version of OpenSSL that used it. The article is overstating its case here.

Dual_EC was famously the default for some versions of RSA BSAFE, and RSA BSAFE seems to have acknowledged accepting money from the USG to set that default. But BSAFE's licensors used it primarily to mollify RSA's patents, which expired over a decade ago. Lots of vendors that license BSAFE don't use it for anything meaningful. OpenSSL is much, much more popular in closed-source enterprise tools than BSAFE is.



I believe it also overstates or misrepresents the way the wireless telecommunications networks operate.

While I'm honestly not familiar with the SGES or all the rules the article is alluding to about decryption, I think this article also misrepresents the way wireless telecommunications networks work. The encryption used by networks such as UMTS and LTE are international standards specified by the 3GPP, and to my limited knowledge do not draw on DUAL EC DRBG in any way. However, my experience in this portion of the encryption is extremely limited.

Anyways, the encryption used by UMTS and LTE networks as specified by the 3GPP, are international standards, and are used to authenticate users' SIM cards, and to protect the air interface for integrity and confidentiality. As such, the telephone communications should be difficult to intercept on the radio interface only, but when it enters the network the need for encryption is no longer needed.

To maybe draw a parallel to a web service, many load balancers offer SSL termination. SSL between the browser and the web server is important to protect the connection between the client and any intermediate networks. However, once it gets to the load balancer, many services will just pass the traffic internally without encryption. Many systems like connections to a database may also not be encrypted. Once you're within your own network, you don't keep everything encrypted at every step. The cellular network can be thought of in a similar way: the encryption is used to bring the service into the network in locations where it can be intercepted from outside the network.

Now if you think of something like, say, Internet traffic, for you to visit Hacker News. Your phone or tablet will activate a cellular connection, and will send packets to the cellular network. The radio connection will be encrypted, but it will be decrypted by the network, because Hacker News doesn't know or understand the cellular encryption protocols; there are no end-to-end guarantees provided. Also, the cellular network will eventually turn into an IP network, and the IP routing headers will be needed for regular Internet routing. When it leaves the cellular network, it will just be IP traffic like any other Internet traffic. What you are protected from is that someone following you around with a special radio can't listen in on your conversations, messages, etc.

In the case of Hacker News though, SSL is used, so that regular Internet traffic is also encrypted at a layer above TCP/IP, and the contents will be unknown.

Anyways, I hope that made sense. The article may have a lot of merit about what's going on, but in my experience it misrepresents how the mobile network operates.

To be fair, and what may be relevant, is the 3GPP did cripple cellular encryption technologies at one point, for use in countries with export restrictions if I remember correctly. Also, at least the older encryption algorithms have known flaws. And there is also documentation of other flaws, such as being able to trick certain phones into using null encryption for example and then intercepting the radio traffic. Or getting the UE to trust a network that it shouldn't be able to.

Now for the mandatory disclaimer, the information provided are my own views, and in no way represent my employer. I do work in the wireless telecommunications sector in Canada, and all the information I provided is available to the public if you know where to look.



