WIRED: One Small Fix Would Curb Stingray Surveillance

coderman coderman at protonmail.com
Tue Jan 28 09:54:34 PST 2020


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, January 28, 2020 7:16 AM, jim bell <jdb10987 at yahoo.com> wrote:

> WIRED: One Small Fix Would Curb Stingray Surveillance.
> https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication

'''
The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big if. Nasser points to a solution that would [function a lot like HTTPS web encryption](https://www.wired.com/2016/04/hacker-lexicon-what-is-https-encryption/), allowing phones to quickly check cell tower "certificates" to prove their legitimacy before establishing a secure connection. Last year, Hussain and colleagues from Purdue and the University of Iowa [developed and proposed](https://dl.acm.org/doi/10.1145/3317549.3323402) such an authentication scheme for the bootstrapping process in 5G.

"As long as phones will connect to anything advertising itself as a tower, it’s kind of free-for-all," Nasser says. "This problem is big low-hanging fruit, and there are many ways things could get better I think."

'''

never gonna happen :(
  would be nice, though...

this is a warning for lawful access to encryption; once you've compromised a system "for official purpose" it's compromised forever.

best regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2084 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20200128/534c10b3/attachment.txt>


More information about the cypherpunks mailing list