One is the idea of cracking the relatively - even more than relatively - the very weak encryption of the connection.

LEO: Just weak encryption.

I mean, it's weak encryption.

A key that is weak or too short will produce weak encryption.

Some countries do not even have encrypted phone data traffic (or very weak encryption) rendering an IMSI catcher unnecessary.

What you'd really want to do is be able to tell your phone, for example, no longer allow any weak encryption.

Even weak encryption (with a 40-bit key length, for example) is sufficient to deter most casual snoops.

They've said, oh, yeah, look, this matches the template, and then they perform a rather weak decryption of their weak encryption in order to provide the password.

Because once that's in, then you have weak encryption.

The algorithm provides no cryptographic security, and is often cited as a canonical example of weak encryption.