Hello Matej, thanks for asking us about our opinion. Maybe i can give you some other ideas about this topic.
First of all i must say you picked up a lot of important points and your conclusions are really good. I found about 50 ways to gather information without having physical access and without all that malware problems we allready know from pc and the internet. But i wouldn't say pc are more save. A lot things like secure boot, signed software in closed app stores, automatic software updates and Address Space Layout Randomization (ASLR) you could find in some of the mobile OS first. But on the other - the baseband and SIM side this technics won't help. The data between the baseband CPU and the Application Processor is transfered with shared memory, for example :) There are a few other problems... like the core network of the providers and also the lawful interception has security holes, zero-day exploits on the black marked and many people have access to this sensitive parts of the network. And not to forget the Roving Bug - this is like the queen of interception. You can (translate) and read about it all on: http://smartphone-attack-vector.de/ <http://smartphone-attack-vector.de/> It's important to understand that encryption alone is not the solution. And i think you make that point clear. And as long as we all have a GSM receiver in our smartphones the IMSI Catcher and Roving Bugs will work. And the argument of some people, that there are not many 2G base stations any more in Germany makes me mad. What about the rest of the world? Interception in China, Russia and Africa is not a problem? And by the way, there are not only drones looking for certain SIM cards, so they can kill the owner (called Gilgamesh) - that thing also exists for WiFi. It's called Shenanigans. peace!
_______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
