Crypto mechanics in ios8 and android L

coderman coderman at gmail.com
Tue Oct 14 22:55:27 PDT 2014


On 10/14/14, bluelotus at openmailbox.org <bluelotus at openmailbox.org> wrote:
> How would tethering a tablet or laptop to a smartphone be more private
> than directly using the smartphone?


it is more private because you are separating domains of
communication. the less trustworthy smartphone is used as a network
link (cell or other uplink) and not trusted with the content of the
encrypted communications it carries.

likewise, the cryptographic sessions live off device, on the tethered
tablet or laptop, where presumably it is beyond reach of a suspect
smartphone.

there are many attack methods which can escalate beyond the vulnerable
device, however, so this approach must be considered in the context of
threat model, and likely insufficient alone.



> Do tablets have a secret baseband?

yes, however they are fewer, and if limited to 802.11, easier to
isolate / verify with external tools.



> How to drive a phone's sms over it's usb port?

"instrumenting and automating" device behavior through remote or
programmatic means is a black art unto itself.  :P


best regards,



More information about the cypherpunks mailing list