Re: How T-Mobil's network was compromised

[Richard Porter <rwporter () gmail com>]

> On Thu, 17 Feb 2005 09:33:48 -0800 (PST), gf gf
> <unknownsoldier93 () yahoo com> wrote:
> > ...
> > documentation.  Does any mobile carrier support PGP or
> > some other end-to-end encryption on their devices?
> > Yeeeeshh....
>
> Not sure I'd trust PGP running on carrier hardware. These are the same
> carriers who can do over the air programming and firmware upgrades.
> Sure, I bought the handset, but I sure don't control it. It wouldn't
> surprise me in the least if they were to instrument their pgp app with
> key or plaintext recovery features in support of law enforcement...
> When you think about it, having your phone/blackberry/whatever be your
> wallet and your crypto token and your password vault just seems like a
> bad idea.
>
> CK
That is a great point (And made me really think about it) but do you think
it would be a back door into the PGP implementation? Or do you think logical
separation between communication encryption and data at rest encryption can
be achieved?


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave