I highly recommend reading this article about the latest from the Snowden leaks:
https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
What is directly relevant for anyone who is working with well funded state
actors in mind, is the description of the whole process of profiling
organizations in order to find out how they can be infiltrated. For the most
part, it sounds like Gemalto's security was terrible (i.e. plain text FTP for
sending secret keys), but it sounds like they improved it a lot, and those
targeting Gemalto had to find new approaches for getting key material.
.hc
--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
_______________________________________________
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To unsubscribe, email: [email protected]
