Maybe It's Snake Oil All the Way Down
Adam Shostack
adam at homeport.org
Thu Jun 5 09:15:22 PDT 2003
On Wed, Jun 04, 2003 at 07:15:13PM -0400, John Kelsey wrote:
| At 03:50 PM 6/3/03 -0700, Eric Blossom wrote:
| ...
| >GSM and CDMA phones come with the crypto enabled. The crypto's good
| >enough to keep out your neighbor (unless he's one of us) but if you're
| >that paranoid, you should opt for the end-to-end solution. The CDMA
| >stuff (IS-95) is pretty broken: *linear* crypto function, takes 1
| >second worst case to gather data sufficient to solve 42 equations in
| >42 unknowns, but again, what's your threat model? Big brother and
| >company are going to get you at the base station...
|
| Big brother has a limited budget, just like the rest of us. If he has to
| produce a warrant or tap a wire somewhere to listen in on me, he probably
| won't bother.
|
| The only thing protecting my cellphone calls right now is trivially-broken
| encryption, the need for some moderately expensive equipment, and some laws
| prohibiting cellphone eavesdropping. That means that some bad guys may be
| eavesdropping now, and there's no telling how many bad guys will be doing
| so tomorrow. Nobody here knows how much eavesdropping is being done,
More bad guys will be listening tomorow, because SDR and Moore's law
will drive down the cost. At some point, we'll hit a knee in the
curve, and cell phones will be either made more secure, or we'll live
with the fact that all our calls are being listened to, much like the
Brits are always on video.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list