‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, January 28, 2020 7:16 AM, jim bell <jdb10987@yahoo.com> wrote:
WIRED: One Small Fix Would Curb Stingray Surveillance.
https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication
'''
The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big
if. Nasser points to a solution that would
function a lot like HTTPS web encryption,
allowing phones to quickly check cell tower "certificates" to prove
their legitimacy before establishing a secure connection. Last year,
Hussain and colleagues from Purdue and the University of Iowa
developed and proposed such an authentication scheme for the bootstrapping process in 5G.
"As
long as phones will connect to anything advertising itself as a tower,
it’s kind of free-for-all," Nasser says. "This problem is big
low-hanging fruit, and there are many ways things could get better I
think."
'''
never gonna happen :(
would be nice, though...
this is a warning for lawful access to encryption; once you've compromised a system "for official purpose" it's compromised forever.
best regards,