But that just means they don't need to officially own it anymore: Alex Mandl, Gemalto's current chairman, is among others a former board member of intQtel, which presents its mission on its web page as:
We identify, adapt, and deliver innovative technology solutions to support the missions of the Central Intelligence Agency and broader U.S. Intelligence Community.
So the news that nobody wants spread is: nobody cares about how much the NSA stole from Gemalto: whatever Gemalto has and NSA wants, the NSA is most likely to get by simply asking NSA affiliates installed at every interesting node in Gemalto's hierarchy.
Incidentally, it's rather easy to find sources about this in French (Gemplus used to be a French company, before the fusion with Axalto which was forced by intQtel and TPG), but surprisingly hard to find in English.
> nobody cares about how much the NSA stole from Gemalto: whatever Gemalto has and NSA wants, the NSA is most likely to get by simply asking NSA affiliates
This seems at odds with the leaked documents though. Why going to the trouble of compromising a company you've already social-engineered to the max?
Not at all. GCHQ are not usually ones to try just one approach. They often try every approach at once: partly because they can; but mostly for compartmentation; to overwhelm layered defences; and to decrease sensitive source exposure by combining the results of everything they care to try.
The doctrine has been called "penetrating targets' defences" or PTD: that's also the name of their budget/office/department/contracting scheme which is broadly equivalent to NSA's Special Source Operations/Targeted Access Operations, only more aggressive and multi-pronged. It incorporates HUMINT as well as both R&D and operational deployment of advanced technical attacks.
You may see references in the Snowden documents of this (check the bottom), or in their tenders to BAE Detica for their modular botnet software, or elsewhere. Although much of the really juicy or operational stuff is STRAP3 and thus kept off the TS//STRAP2 wiki.gchq (which the NSA have shared access to via their ic.gov portal, and which Snowden dumped - and which, yes, runs a tweaked MediaWiki on PHP).
this is the key here: any company that has stakes within the US is subject to coercion
secondly soon news will be out (give it a couple more days ;-)) which is currently not on any news sites radar - on IMSI catchers (aka fake BTS) which will put the whole story into a new context.
But that just means they don't need to officially own it anymore: Alex Mandl, Gemalto's current chairman, is among others a former board member of intQtel, which presents its mission on its web page as:
So the news that nobody wants spread is: nobody cares about how much the NSA stole from Gemalto: whatever Gemalto has and NSA wants, the NSA is most likely to get by simply asking NSA affiliates installed at every interesting node in Gemalto's hierarchy.Incidentally, it's rather easy to find sources about this in French (Gemplus used to be a French company, before the fusion with Axalto which was forced by intQtel and TPG), but surprisingly hard to find in English.