On Sat, Jul 21, 2007 at 12:56:00PM -0400, Steven M. Bellovin wrote:
> On Sat, 21 Jul 2007 04:46:51 -0700 (PDT)
> look at 18 USC 2512
> (http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_2512000-.html)
>
> any person who intentionally ...
>
> manufactures, assembles,
On Sat, 21 Jul 2007, Steven M. Bellovin wrote:
>Not as I read the statute (and of course I'm not a lawyer). Have a
>look at 18 USC 2512
>(http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_2512000-.html)
> any person who intentionally ...
>
> manufactures, assemble
On Sat, 21 Jul 2007 04:46:51 -0700 (PDT)
bear <[EMAIL PROTECTED]> wrote:
>
>
> On Thu, 19 Jul 2007, Charles Jackson wrote:
>
> >An earlier post, talking about vulnerabilities and the lack of an
> >appropriate market response, said:
> >
> >We're talking about phone calls -- did all o
On Thu, 19 Jul 2007, Charles Jackson wrote:
>An earlier post, talking about vulnerabilities and the lack of an
>appropriate market response, said:
>
>We're talking about phone calls -- did all of the well-publicized
>cellular eavesdropping (Prince Charles, Newt Gingrich (then a major
An earlier post, talking about vulnerabilities and the lack of an
appropriate market response, said:
We're talking about phone calls -- did all of the well-publicized
cellular eavesdropping (Prince Charles, Newt Gingrich (then a major US
politician), and more) prompt a change? Well, t
On Tue, 17 Jul 2007 13:11:41 -0400 (EDT)
"Leichter, Jerry" <[EMAIL PROTECTED]> wrote:
>
> I'd guess that the next step will be in the business community. All
> it will take is one case where a deal is visibly lost because of
> "proven" eavesdropping ("proven" in quotes because it's unlikely that
At 07:37 AM 7/12/2007, Eric Cronin wrote:
> With current CPUs and audio codecs you can get
> decent voice quality over 9600bps.
Yes and no. There are lots of 8kbps codecs, and some 6.5 and 5.3kbps codecs,
all off which give acceptable voice quality if transmission's ok.
(And you can reduce avera
| >Between encrypted VOIP over WIFI and eventually over broadband cell -
| >keeping people from running voice over their broadband connections is
| >a battle the telco's can't win in the long run - and just plain
| >encrypted cell phone calls, I think in a couple of years anyone who
| >wants secure
[EMAIL PROTECTED] (Peter Gutmann) writes:
> I think you're looking at this a bit wrong. I rememeber the same opinion as
> the above being expressed on the brew-a-stu list about fifteen years ago, and
> no doubt some other list will carry it in another fifteen years time, with
> nothing else havin
"Leichter, Jerry" <[EMAIL PROTECTED]> writes:
>Between encrypted VOIP over WIFI and eventually over broadband cell - keeping
>people from running voice over their broadband connections is a battle the
>telco's can't win in the long run - and just plain encrypted cell phone
>calls, I think in a cou
On Jul 6, 2007, at 6:20 PM, John Ioannidis wrote:
Unfortunately, it's not so easy to roll your own on top of a 3G-
enabled smartphone. The "broadband" channel does not have the tight
jitter and throughput guarantees that voice needs, and some
providers (Verizon in the USA for example) con
On 7/9/07, alan <[EMAIL PROTECTED]> wrote:
Makes me wonder how this will effect the OpenMoko phone if someone builds
an encryption layer for it. (OpenMoko is a totally open sourced phone.)
Leigh Honeywell and Paul Wouters presented a 'crypto-phone' effort
they have been working on at CCC in Ge
At 10:59 PM 7/9/2007, Florian Weimer wrote:
Uh-oh, no. The protocol characteristics don't change depending on
who is selling you the device.
Of course they do, at least in the US,
where the mobile phones are generally carrier-specific,
often locked, and generally don't have open designs.
In pa
On 07/10/2007 01:59 AM, Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
I agree. It's a tricky question; see below
JI responded:
You probably meant devi
| > Crypto has been an IP minefield for some years. With the expiry of
| > certain patents, and the availability of other unencumbered crypto
| > primitives (eg. AES), we may see this change. But John's other
| > points are well made, and still valid. Downloadable MP3 ring tones
| > are a sellin
D]
[mailto:[EMAIL PROTECTED] On Behalf Of Steven M. Bellovin
Sent: Tuesday, 10 July 2007 12:57 AM
To: [EMAIL PROTECTED]
Cc: 'John Ioannidis'; [EMAIL PROTECTED]; 'Perry E. Metzger';
cryptography@metzdowd.com
Subject: Re: How the Greek cellphone network was tapped.
On Mon, 9 Jul 200
* John Ioannidis:
> Florian Weimer wrote:
>
>> It's also an open question whether network operators subject to
>> interception requirements can legally offer built-in E2E encryption
>> capabilities without backdoors.
>>
>
> You probably meant device vendors, not network operators. The whole
> *po
On Mon, 9 Jul 2007, Florian Weimer wrote:
* Ian Farquhar:
Crypto has been an IP minefield for some years. With the expiry of
certain patents, and the availability of other unencumbered crypto
primitives (eg. AES), we may see this change. But John's other
points are well made, and still valid
Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
You probably meant device vendors, not network operators. The whole
*point* of E2E security is that networ
* Ian Farquhar:
> Crypto has been an IP minefield for some years. With the expiry of
> certain patents, and the availability of other unencumbered crypto
> primitives (eg. AES), we may see this change. But John's other
> points are well made, and still valid. Downloadable MP3 ring tones
> are a
On Mon, 9 Jul 2007 17:52:38 +1000
"Ian Farquhar \(ifarquha\)" <[EMAIL PROTECTED]> wrote:
>
> And don't forget, some of the biggest markets are still
> crypto-phobic. Every time I enter China I have to tick a box on the
> entry form indicating that I am not carrying any "communications
> securit
> 2. E2E crypto on mobiles would require cross-vendor support, which would mean
> that it
> would have to go into the standard. Unfortunately, standards in the mobile
> world are
> heavily influenced by governmnets, and the four horsemen of the apocalypse
> (drug
> dealers, paedophiles, spies,
silvio wrote:
Aren't run-of-the-mill cellphones these days powerful enough to use
available software like OpenSSL to encrypt voice/datastreams?
Again...what are the options for end-to-end cell encryption right now?
Mobile phones have had spare cycles for doing strong crypto for a very
long ti
Am Freitag, den 06.07.2007, 02:52 -0400 schrieb silvio:
> > http://www.spectrum.ieee.org/print/5280
>
> So what are the options these days (the article even mentions
> end-to-end
> encryption to make such an attack far more difficult)?
> Every "crypto-phone" offering seems to go stale and disappea
Perry E. Metzger wrote:
> A fascinating IEEE Spectrum article on the incident in which lawful
> intercept facilities were hacked to permit the secret tapping of
> the mobile phones of a large number of Greek government officials,
> including the Prime Minister:
>
> http://www.spectrum.ieee.org/pr
"Perry E. Metzger" <[EMAIL PROTECTED]> writes:
>A fascinating IEEE Spectrum article on the incident in which lawful intercept
>facilities were hacked to permit the secret tapping of the mobile phones of a
>large number of Greek government officials, including the Prime Minister:
Some years ago I
A fascinating IEEE Spectrum article on the incident in which lawful
intercept facilities were hacked to permit the secret tapping of
the mobile phones of a large number of Greek government officials,
including the Prime Minister:
http://www.spectrum.ieee.org/print/5280
Hat tip: Steve Bellovin.
27 matches
Mail list logo