Security Basics mailing list archives
Re: Security on CDMA for Banking Applications
From: Alessandro Bottonelli <a.bottonelli () axis-net it>
Date: Wed, 30 Mar 2005 09:43:18 +0200
On Tuesday 29 March 2005 22:17, Nick Owen wrote:
I would add to this that each carrier has different network configurations that can affect security.
Yes, you're quite right. I assumed (unnecessarily) we were talking about a radio link directly managed by the bank with no carriers involved. This is not necessarily the case. If a carrier is supplying the link, they must be involved in the security setup. The best way is to ask for a transparent radio link, pure and simple linking. Whatever gets in on one side, gets out on the other (be it voice, data, IP, ATM, or a proprietary protocol).
Just to complicate things, one carrier wouldn't take our encrypted messages unless we said it was a bitmap image ;).
;-) I wonder why they would do so. A carrier shoud be a ... carrier. If they stick their nose in what they carry from point A to point B, they might loose their status of "common carrier" (the same status airlines, post offices and the like enjoy all other the (free) world). Just like the post office doesn't ask you what's inside the envelope you mail through them, as long it is of standard size, I don't see a reason for a carrier (or even an ISP) to get into what is a (say) an IP packet as long it is correctly formatted. In some EU member states they also try to resist the idea of encrypted traffic being fed into networks (the idea being that it would make it more difficult for police agencies to monitor (legally) such traffic). Yet, it's not really enforced. -- Alessandro Bottonelli Axis-Net (Privacy & InfoSec Consulting) Tel. +39 02 93595859 Fax. +39 02 93590544 Web. http://www.axis-net.it
Current thread:
- Security on CDMA for Banking Applications shankarnarayan.d (Mar 28)
- Re: Security on CDMA for Banking Applications Alessandro Bottonelli (Mar 29)
- Re: Security on CDMA for Banking Applications Nick Owen (Mar 30)
- Re: Security on CDMA for Banking Applications Alessandro Bottonelli (Mar 30)
- Re: Security on CDMA for Banking Applications Nick Owen (Mar 30)
- Re: Security on CDMA for Banking Applications Alessandro Bottonelli (Mar 29)