On Mon, Feb 23, 2015, at 08:31 AM, Hans-Christoph Steiner wrote: > > I highly recommend reading this article about the latest from the Snowden > leaks: > > https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
Just so I am thinking about this correctly, this still requires the attacker to intercept the over the air radio signals between the phone and the tower, and not somewhere upstream on the net, right? Not that it wouldn't be hard for a well-funded adversary to do this, or for this to be done, say using a stingray device mounted on an airplane... > What is directly relevant for anyone who is working with well funded > state > actors in mind, is the description of the whole process of profiling > organizations in order to find out how they can be infiltrated. For the > most > part, it sounds like Gemalto's security was terrible (i.e. plain text FTP > for > sending secret keys), but it sounds like they improved it a lot, and > those > targeting Gemalto had to find new approaches for getting key material. Back to our Google Play phishing attack... thinking how someone without 2-factor auth enabled, and some sort of locked down policy on app updating might have gotten their account compromised. This would have resulted in, say, a new APK being published, but with a different signed key. Still a good attack, as many users would simply uninstall and reinstall to get the upgrade, thinking it was their fault the update had a problem. +n _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
