Crypto mechanics in ios8 and android L

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Oct 15 20:55:31 PDT 2014


coderman <coderman at gmail.com> writes:

>it is more private because you are separating domains of communication. the
>less trustworthy smartphone is used as a network link (cell or other uplink)
>and not trusted with the content of the encrypted communications it carries.

That bites both ways.  If I can get control of your Android device (which,
given the exploit-like-it's-the-1990s state of security of the whole ecosystem
shouldn't be that hard) then I've MITM'd your net connection, while doing the
same for your router/access point is likely to be a lot harder.

Peter.



More information about the cypherpunks mailing list