ттттттт Original Message ттттттт On Tuesday, January 28, 2020 7:16 AM, jim bell wrote: WIRED: One Small Fix Would Curb Stingray Surveillance. [1]https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authenticati on ''' The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big if. Nasser points to a solution that would [2]function a lot like HTTPS web encryption, allowing phones to quickly check cell tower "certificates" to prove their legitimacy before establishing a secure connection. Last year, Hussain and colleagues from Purdue and the University of Iowa [3]developed and proposed such an authentication scheme for the bootstrapping process in 5G. "As long as phones will connect to anything advertising itself as a tower, itтs kind of free-for-all," Nasser says. "This problem is big low-hanging fruit, and there are many ways things could get better I think." ''' never gonna happen :( would be nice, though... this is a warning for lawful access to encryption; once you've compromised a system "for official purpose" it's compromised forever. best regards, References 1. https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication 2. https://www.wired.com/2016/04/hacker-lexicon-what-is-https-encryption/ 3. https://dl.acm.org/doi/10.1145/3317549.3323402