How the Greek cellphone network was tapped.

2007-07-05 Thread Perry E. Metzger
A fascinating IEEE Spectrum article on the incident in which lawful intercept facilities were hacked to permit the secret tapping of the mobile phones of a large number of Greek government officials, including the Prime Minister: http://www.spectrum.ieee.org/print/5280 Hat tip: Steve Bellovin.

Re: Hackers target C-level execs and their families

2007-07-05 Thread Florian Weimer
* Udhay Shankar N.:
> Hasn't this already been going on a while? I'm only surprised there hasn't been a big public incident yet.
Doesn't this one count?
| According to Chief Superintendent Arye Edelman, head of the Tel Aviv fraud squad, which ran the investigation, Haephrati used two methods

Re: The bank fraud blame game

2007-07-05 Thread Philipp Gühring
Hi,
> > The second possibility has been realized by some European banks now, based on SMS and mobile phones, which sends the important transaction details together with a random authorisation code, that is bound to the transaction in the banks database. The user can then verify the

Re: UK RIPA Pt 3

2007-07-05 Thread Florian Weimer
* Peter Fairbrother:
> I forgot to mention that Pt.3 also includes coercive demands for access keys - so for instance if Mr Bill Gates came to the UK, and if there was some existing question about Microsoft's behaviour in some perhaps current EU legal matter, Mr Gates could be required to gi

Re: The bank fraud blame game

2007-07-05 Thread Peter Gutmann
Stefan Lucks <[EMAIL PROTECTED]> writes:
>There is a big difference between a TPM providing this kind of service, and Peter's device. The TPM is supposed to be hard-wired into a PC -- so if you are using it to safe your banking applications, you can do banking at one single PC. On the other han

Re: UK RIPA Pt 3

2007-07-05 Thread Peter Fairbrother
Peter Fairbrother wrote: The UK Home Office have just announced that they intend to bring the provisions of Pt 3 of the Regulation of Investigatory Powers Act 2000 into force on 1st October. This is the law that enables Policemen to demand keys to encrypted material, on pain of imprisonment, an

Hackers target C-level execs and their families

2007-07-05 Thread Udhay Shankar N
Hasn't this already been going on a while? I'm only surprised there hasn't been a big public incident yet. Udhay http://www.computerworld.com/action/article.do?command=viewArticleBa

Re: The bank fraud blame game

2007-07-05 Thread James A. Donald
Philipp Gühring wrote: * An external device that lets the user verify the transaction independently from the PC. The second possibility has been realized by some European banks now, based on SMS and mobile phones, which sends the important transaction details together with a random authorisation cod

Re: The bank fraud blame game

2007-07-05 Thread Anne & Lynn Wheeler
R. Hirschfeld wrote: - differential pricing: electronic purse payments are potentially cheaper to process than those of debit cards because they are offline, but consumers find it more convenient to keep money in their bank account than on a smart card and will likely continue to do so as

UK RIPA Pt 3

2007-07-05 Thread Peter Fairbrother
The UK Home Office have just announced that they intend to bring the provisions of Pt 3 of the Regulation of Investigatory Powers Act 2000 into force on 1st October. This is the law that enables Policemen to demand keys to encrypted material, on pain of imprisonment, and without judicial approv

Re: remote-attestation is not required (Re: The bank fraud blame game)

2007-07-05 Thread John Levine
>I think you misread what I said about "BIOS jumper required install".
>
>Ie this is not a one click install from email. It is something one user in 10,000 would even install at all!
If only. If you can e-mail me a cool widget with directions I can follow to install it, a virus can e-mail a mil

Re: The bank fraud blame game

2007-07-05 Thread Anne & Lynn Wheeler
R. Hirschfeld wrote: During the course of the CAFE project some commercial electronic purse systems emerged, notably Proton (from Banksys in Belgium, replicated in other countries under other names) and Mondex. These were in many ways less sophisticated than CAFE's system (which was multi-issuer,