The thing that stinks about lego these days are all the damned themed sets. Kids put them together and then don't want to take them apart or mix the pieces with other sets. They were better for kids when you could only buy them by the bucket full.
Can you exlplain how installing a 3rd party android build would prevent OTA installs? OTA install capabilities exist at a level lower than the OS. On a GSM handset that would be the SIM. The network operator can install stuff there that you will never see and nobody AFAIK is rooting a SIM. Root the SIM and you root the phone.
Agree. If they have the capability they're not going to reveal this for a relatively uninteresting financial crime. There is some question regarding the NSA and one of the standards to generate random numbers:
http://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
I recently discovered something called a "Turbo SIM" located here: http://www.bladox.com/index.php?lang=en
It is essentially a tiny microcontroller that sits between your mobile handset and your SIM card(sandwiched). The GSM standard allows network operator approved apps. to run from within the SIM. It is called "SIM toolkit" or STK. Only big business (banks etc) seem to run apps in this STK mode. The TurboSIM makes your handset think your own apps are on the SIM. The programmability of this gadget is cool as the GSM standard says that when the legit SIM is booted up it queries the hardware to find out what its capabilities are and a string of bits are returned from the handset to the SIM. One of these bits indicates whether or not the hardware is capable of OTA updates. Capturing this data and spoofing it would be trivial it would seem and is being done for other reasons (look at the forums). Something to think about.
you can download software from the lego website that will allow you to do the design in 3D. Throw down the cash and they will ship your design but you have to build it. http://ldd.lego.com/
ok. I guess I'm unclear on what the point of that link would be then. GSM can do data. You will have to explain the purpose of exchanging IP via sms as I don't understand how this would work.
I understand you can do data with GSM. "privateGSM" is for making mobile to mobile data calls and for that you need a CSD account or equivalent (read the link you provided). This is not the same thing as what is being described in the article here. CSD is like using a modem to establish a connection and it is relatively expensive. You can use your GSM mobile to make a data connection to a server on the web but it seems that if you want to make a data call directly to another mobile you have to have a special account.
I understand how ZRTP can work when a computer is calling another computer ( two things with ip addresses). What I don't understand is how you get two mobile phones to do the same thing without a special account with the network operator. It seems all those supplying encrypted mobile phones these days require you to have a CSD (circuit switched data or similar) account for your phone (it's the incoming data call that is the problem). My guess is that the purpose of the sms message is to tell the guy you want to call to initiate a data call to the "whisper" server. You are then patched together via their server for key exchange and subsequent communication. Just guessing.
If I recall correctly zrtp generates ephemeral "one time use" keys via Diffie Hellman key exchange. After the session, the keys are discarded. Also asymmetric encryption is used all the time with PGP/openGPG. I generate a key and encrypt a message to you using relatively speedy symmetric encryption, and then encrypt that key asymmetrically with your public key. I send you the bundled up pgp package. You decrypt the symmetric key with your private key and then decrypt my message. Of course the pgp protocol takes care of the details. At least that's how I think it works anyway.
There doesn't seem to be too many details on their site yet. I am wondering if both parties establish a connection with the Whisper Systems server and make the connection that way? Is this end to end encryption? Is the key exchange end to end or with their server? I didn't think that a mobile phone could receive in incoming data connection without a special account.
Slashdot Mirror
In order to "get more enraged and do something" people would likely need to give up their idiotic TV shows and care about something real. Sure pal.
Let's not forget about the expensive war that will result in a much safer nation. ;D
The thing that stinks about lego these days are all the damned themed sets. Kids put them together and then don't want to take them apart or mix the pieces with other sets. They were better for kids when you could only buy them by the bucket full.
Without cocaine and weed so many american kids would know absolutely nothing about the metric system. Think of the children!
but they will remain hot.
Can you do an OTA update to an android phone without user intervention? Can the network operator do this?
This is kind of interesting in that it's homemade and inexpensive: http://www.backpackinglight.com/cgi-bin/backpackinglight/xdpy/forum_thread/8994/index.html But I think that Doulton CeraGrav model LP5 looks nice though if you don't want to make it yourself.
Is it anything like this one?: http://doultonusa.com/HTML%20pages/water_filters_for_militaries.htm
Can you provide some info. on the system that passed military testing?
Yeah but the "This copy of windows is not genuine" crap is really annoying :D
An alternate DNS server might work for you: http://www.opendns.com/start/
Can you exlplain how installing a 3rd party android build would prevent OTA installs? OTA install capabilities exist at a level lower than the OS. On a GSM handset that would be the SIM. The network operator can install stuff there that you will never see and nobody AFAIK is rooting a SIM. Root the SIM and you root the phone.
Agree. If they have the capability they're not going to reveal this for a relatively uninteresting financial crime. There is some question regarding the NSA and one of the standards to generate random numbers: http://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
I recently discovered something called a "Turbo SIM" located here: http://www.bladox.com/index.php?lang=en It is essentially a tiny microcontroller that sits between your mobile handset and your SIM card(sandwiched). The GSM standard allows network operator approved apps. to run from within the SIM. It is called "SIM toolkit" or STK. Only big business (banks etc) seem to run apps in this STK mode. The TurboSIM makes your handset think your own apps are on the SIM. The programmability of this gadget is cool as the GSM standard says that when the legit SIM is booted up it queries the hardware to find out what its capabilities are and a string of bits are returned from the handset to the SIM. One of these bits indicates whether or not the hardware is capable of OTA updates. Capturing this data and spoofing it would be trivial it would seem and is being done for other reasons (look at the forums). Something to think about.
Perfect. mod up :D
you can download software from the lego website that will allow you to do the design in 3D. Throw down the cash and they will ship your design but you have to build it. http://ldd.lego.com/
What is this service called? I don't think my GSM service provider has this (AT&T in the USA) or allows it. I'm curious.
ok. I guess I'm unclear on what the point of that link would be then. GSM can do data. You will have to explain the purpose of exchanging IP via sms as I don't understand how this would work.
Yep. The only secure hardware is harware not connected to a network. These guys learned that lesson: http://www.politechbot.com/docs/fbi.ardito.roving.bug.opinion.120106.txt
I understand you can do data with GSM. "privateGSM" is for making mobile to mobile data calls and for that you need a CSD account or equivalent (read the link you provided). This is not the same thing as what is being described in the article here. CSD is like using a modem to establish a connection and it is relatively expensive. You can use your GSM mobile to make a data connection to a server on the web but it seems that if you want to make a data call directly to another mobile you have to have a special account.
I understand how ZRTP can work when a computer is calling another computer ( two things with ip addresses). What I don't understand is how you get two mobile phones to do the same thing without a special account with the network operator. It seems all those supplying encrypted mobile phones these days require you to have a CSD (circuit switched data or similar) account for your phone (it's the incoming data call that is the problem). My guess is that the purpose of the sms message is to tell the guy you want to call to initiate a data call to the "whisper" server. You are then patched together via their server for key exchange and subsequent communication. Just guessing.
If I recall correctly zrtp generates ephemeral "one time use" keys via Diffie Hellman key exchange. After the session, the keys are discarded. Also asymmetric encryption is used all the time with PGP/openGPG. I generate a key and encrypt a message to you using relatively speedy symmetric encryption, and then encrypt that key asymmetrically with your public key. I send you the bundled up pgp package. You decrypt the symmetric key with your private key and then decrypt my message. Of course the pgp protocol takes care of the details. At least that's how I think it works anyway.
There doesn't seem to be too many details on their site yet. I am wondering if both parties establish a connection with the Whisper Systems server and make the connection that way? Is this end to end encryption? Is the key exchange end to end or with their server? I didn't think that a mobile phone could receive in incoming data connection without a special account.
From what I understand implementing encrytion correctly is tricky business. This looks good: http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
Do you really believe that? I've often wondered who buys that stuff and why.