Slashdot Mirror

← Back to Stories (view on slashdot.org)

80% of Cell Phone Encryption Solutions Insecure

Posted by timothy on from the nsa-working-on-the-rest dept.

An anonymous reader writes "Mobile Magazine writes about a blogger named Notrax who has tested 15 methods of secure encryption for mobile phones; out of those he found only 3 could not be cracked at some level. '12 of them were "worthless." It's easy to take the software at face value when it "tells you" that the call is secured. But how does someone actually go about being sure that it is secured? Notrax did some digging and discovered he could break in to almost all of them in under 30 minutes.'" (Above link is to a slightly older description of Notrax's approach; then, it was 9 out of 10 products that were worthless, instead of 12 out of 15.)

3 of 158 comments (clear)

  1. Re:Backdoors != news by sexconker · · Score: 0, Flamebait

    This goes against the whole principle of security. It doesn't need to be perfect, just harder to get around than the contents are worth.

    Wrong.
    Secure means secure.

    Hard means hard.
    Inconvenient means inconvenient.

    Hard, inconvenient, etc. do not mean secure.

    Yes, it is impossible, as it is impossible to be secure in anything, ever. It is folly to waste time entrenching yourself behind giant walls of security that will be broken in time. All walls fall eventually. The correct approach is to have a contingency plan for WHEN the walls fall.

    I'm not saying give up - I'm saying don't worry about shit that's beyond your control. The government can get your shit if they want to, no matter what you do. They are not above torturing you, killing your loved ones, etc.

    To bring up FOSS as a solution to a HARDWARE problem is a pathetic joke. To use paranoia FUD is always a joke, because paranoia never stops. How do I know that your FOSS isn't evil?
    I physically could not go through all of the source code for a modern Linux distribution and its compiler, and verify all hardware it runs on. No one person can. Peer review is a fucking joke as-is, if you want to talk about peer review in an attempt to assuage paranoia, then you're a moron - a paranoid person will simply think "conspirator review".

  2. Re:I Don't Trust Wireless In General by sexconker · · Score: 0, Flamebait

    I'd pay good money for them to install a patch cable.

    I've tried a few times to run a cable downstairs (in the wall, from upstairs, where the router is), but I can't get past the fire block.

    If I want to run a cable I'll have to cut into the drywall to do it. Since I'm in an apartment, I'll just deal with shitty wireless and run a long cable when I really need it.

  3. Re:Just 80%? by sexconker · · Score: 0, Flamebait

    Uh, what?
    Why break the key? Just grab it when person A hands it off to person B. Just beat person B in the kidneys until he tells you the key.