On Sat, Jul 21, 2007 at 12:56:00PM -0400, Steven M. Bellovin wrote:
On Sat, 21 Jul 2007 04:46:51 -0700 (PDT)
look at 18 USC 2512
(http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_2512000-.html)
any person who intentionally ...
manufactures, assembles,
On Thu, 19 Jul 2007, Charles Jackson wrote:
An earlier post, talking about vulnerabilities and the lack of an
appropriate market response, said:
We're talking about phone calls -- did all of the well-publicized
cellular eavesdropping (Prince Charles, Newt Gingrich (then a major US
On Sat, 21 Jul 2007 04:46:51 -0700 (PDT)
bear [EMAIL PROTECTED] wrote:
On Thu, 19 Jul 2007, Charles Jackson wrote:
An earlier post, talking about vulnerabilities and the lack of an
appropriate market response, said:
We're talking about phone calls -- did all of the
On Sat, 21 Jul 2007, Steven M. Bellovin wrote:
Not as I read the statute (and of course I'm not a lawyer). Have a
look at 18 USC 2512
(http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_2512000-.html)
any person who intentionally ...
manufactures, assembles,
Leichter, Jerry [EMAIL PROTECTED] writes:
Between encrypted VOIP over WIFI and eventually over broadband cell - keeping
people from running voice over their broadband connections is a battle the
telco's can't win in the long run - and just plain encrypted cell phone
calls, I think in a couple of
[EMAIL PROTECTED] (Peter Gutmann) writes:
I think you're looking at this a bit wrong. I rememeber the same opinion as
the above being expressed on the brew-a-stu list about fifteen years ago, and
no doubt some other list will carry it in another fifteen years time, with
nothing else having
| Between encrypted VOIP over WIFI and eventually over broadband cell -
| keeping people from running voice over their broadband connections is
| a battle the telco's can't win in the long run - and just plain
| encrypted cell phone calls, I think in a couple of years anyone who
| wants secure
At 07:37 AM 7/12/2007, Eric Cronin wrote:
With current CPUs and audio codecs you can get
decent voice quality over 9600bps.
Yes and no. There are lots of 8kbps codecs, and some 6.5 and 5.3kbps codecs,
all off which give acceptable voice quality if transmission's ok.
(And you can reduce
On Tue, 17 Jul 2007 13:11:41 -0400 (EDT)
Leichter, Jerry [EMAIL PROTECTED] wrote:
I'd guess that the next step will be in the business community. All
it will take is one case where a deal is visibly lost because of
proven eavesdropping (proven in quotes because it's unlikely that
there
An earlier post, talking about vulnerabilities and the lack of an
appropriate market response, said:
We're talking about phone calls -- did all of the well-publicized
cellular eavesdropping (Prince Charles, Newt Gingrich (then a major US
politician), and more) prompt a change? Well,
| Crypto has been an IP minefield for some years. With the expiry of
| certain patents, and the availability of other unencumbered crypto
| primitives (eg. AES), we may see this change. But John's other
| points are well made, and still valid. Downloadable MP3 ring tones
| are a selling
On 07/10/2007 01:59 AM, Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
I agree. It's a tricky question; see below
JI responded:
You probably meant
At 10:59 PM 7/9/2007, Florian Weimer wrote:
Uh-oh, no. The protocol characteristics don't change depending on
who is selling you the device.
Of course they do, at least in the US,
where the mobile phones are generally carrier-specific,
often locked, and generally don't have open designs.
In
On 7/9/07, alan [EMAIL PROTECTED] wrote:
Makes me wonder how this will effect the OpenMoko phone if someone builds
an encryption layer for it. (OpenMoko is a totally open sourced phone.)
Leigh Honeywell and Paul Wouters presented a 'crypto-phone' effort
they have been working on at CCC in
On Jul 6, 2007, at 6:20 PM, John Ioannidis wrote:
Unfortunately, it's not so easy to roll your own on top of a 3G-
enabled smartphone. The broadband channel does not have the tight
jitter and throughput guarantees that voice needs, and some
providers (Verizon in the USA for example)
Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
You probably meant device vendors, not network operators. The whole
*point* of E2E security is that
On Mon, 9 Jul 2007, Florian Weimer wrote:
* Ian Farquhar:
Crypto has been an IP minefield for some years. With the expiry of
certain patents, and the availability of other unencumbered crypto
primitives (eg. AES), we may see this change. But John's other
points are well made, and still
* John Ioannidis:
Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
You probably meant device vendors, not network operators. The whole
*point* of E2E
:[EMAIL PROTECTED] On Behalf Of Steven M. Bellovin
Sent: Tuesday, 10 July 2007 12:57 AM
To: [EMAIL PROTECTED]
Cc: 'John Ioannidis'; [EMAIL PROTECTED]; 'Perry E. Metzger';
cryptography@metzdowd.com
Subject: Re: How the Greek cellphone network was tapped.
On Mon, 9 Jul 2007 17:52:38 +1000
Ian Farquhar
2. E2E crypto on mobiles would require cross-vendor support, which would mean
that it
would have to go into the standard. Unfortunately, standards in the mobile
world are
heavily influenced by governmnets, and the four horsemen of the apocalypse
(drug
dealers, paedophiles, spies, and
On Mon, 9 Jul 2007 17:52:38 +1000
Ian Farquhar \(ifarquha\) [EMAIL PROTECTED] wrote:
And don't forget, some of the biggest markets are still
crypto-phobic. Every time I enter China I have to tick a box on the
entry form indicating that I am not carrying any communications
security
* Ian Farquhar:
Crypto has been an IP minefield for some years. With the expiry of
certain patents, and the availability of other unencumbered crypto
primitives (eg. AES), we may see this change. But John's other
points are well made, and still valid. Downloadable MP3 ring tones
are a
silvio wrote:
Aren't run-of-the-mill cellphones these days powerful enough to use
available software like OpenSSL to encrypt voice/datastreams?
Again...what are the options for end-to-end cell encryption right now?
Mobile phones have had spare cycles for doing strong crypto for a very
long
Perry E. Metzger wrote:
A fascinating IEEE Spectrum article on the incident in which lawful
intercept facilities were hacked to permit the secret tapping of
the mobile phones of a large number of Greek government officials,
including the Prime Minister:
Perry E. Metzger [EMAIL PROTECTED] writes:
A fascinating IEEE Spectrum article on the incident in which lawful intercept
facilities were hacked to permit the secret tapping of the mobile phones of a
large number of Greek government officials, including the Prime Minister:
Some years ago I talked
Am Freitag, den 06.07.2007, 02:52 -0400 schrieb silvio:
http://www.spectrum.ieee.org/print/5280
So what are the options these days (the article even mentions
end-to-end
encryption to make such an attack far more difficult)?
Every crypto-phone offering seems to go stale and disappear after
A fascinating IEEE Spectrum article on the incident in which lawful
intercept facilities were hacked to permit the secret tapping of
the mobile phones of a large number of Greek government officials,
including the Prime Minister:
http://www.spectrum.ieee.org/print/5280
Hat tip: Steve Bellovin.
27 matches
Mail list logo