Dailydave mailing list archives
Re: How T-Mobil's network was compromised
From: Paul Wouters <paul () xelerance com>
Date: Thu, 17 Feb 2005 21:25:57 +0100 (CET)
On Thu, 17 Feb 2005, Richard Porter wrote:
Not sure I'd trust PGP running on carrier hardware. These are the same
But where do you end your paranioa? Do you trust RNG's on die? You cannot really ever 'fully' trust crypto hardware that does not have an open spec. Whatever happened to the people chasing down the time delays in Pentium-I CPU's when executing onducmented (backdoor?) instructions to get to ring 0? Didn't one of them die? :)
That is a great point (And made me really think about it) but do you think it would be a back door into the PGP implementation?
If T-mobile wants to have your PGP messages, and they give you the PGP application, they can easilly use a T-mobile "Additional Decryption Key" (ADK) to ensure they can read all your messages. If you would be using a real pgp implementation on the other end, it would ask you if you want to encrypt to the ADK as well. If you'd hit another t-mobile PGP handset, this could then ofcourse happen without any notice. Blackbox cryptography is just always wrong. Paul _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- How T-Mobil's network was compromised gf gf (Feb 17)
- Re: How T-Mobil's network was compromised Chris Kuethe (Feb 17)
- Re: How T-Mobil's network was compromised Richard Porter (Feb 17)
- Re: How T-Mobil's network was compromised Paul Wouters (Feb 17)
- Re: How T-Mobil's network was compromised Chris Kuethe (Feb 17)
- Re: How T-Mobil's network was compromised Paul Wouters (Feb 18)
- Re: How T-Mobil's network was compromised - Honeypots & Case Studies gf gf (Feb 19)
- Re: Re: How T-Mobil's network was compromised - Honeypots & Case Studies Peter Busser (Feb 23)
- Re: How T-Mobil's network was compromised Richard Porter (Feb 17)
- Re: How T-Mobil's network was compromised Anthony Zboralski (Feb 19)
- Re: How T-Mobil's network was compromised halvar (Feb 19)
- Re: How T-Mobil's network was compromised Anthony Zboralski (Feb 19)
- Message not available
- Re: How T-Mobil's network was compromised Anthony Zboralski (Feb 19)
- Re: How T-Mobil's network was compromised Chris Kuethe (Feb 17)
- Re: How T-Mobil's network was compromised Chris Kuethe (Feb 17)