Friday, October 25, 2013

Did US Tap Chancellor Merkel’s Mobile Phone? - Opinion


I read new articles every day on how Germany complains about NSA spying. Now turned out that there is a high chance that even Merkel’s phone conversations were tapped. What is the main problem behind protecting ourselves?

1. Security solutions come from US

This is a big problem since there is not a single security solution in US that has no backdoor. Even the “most secure” PGP was compromised, however PGP has no connection to any US governmental institutes. Why not to use PGP? Read this: https://github.com/pagekite/Mailpile/issues/79. Blackberry is very popular smartphone in Germany, and guess, what encryption Blackberry uses? Yes, you all right, PGP.

2. Standard mobile encryption solutions

The standards considerably decrease the security level. You now why? Because standard sets rules that is a good help when you try to break an encryption (you know the key lenghts for example). Not mentioning that governmental institutes and corporations have hardware and software resources tailored to break standard encryptions. Any non standard encryption need substantial extra effort to break.

3. Software based solutions

To protect a communication channel you need to protect all information that provides security of that converstion. These are encryption keys in the first place. If you use software base solution, your keys are stored in standard storing elements of your device. These elements (memory for example) are readable, writeable storages, not designed to store anything in a secure way. That means your encryption keys can be read or written. Sounds secure? Not really…

Any solution?

Of course, there is a solution. The keys that provide the security of a communication network have to be stored in a secure place, which MUST BE some kind of a hardware piece. Several solutions are on the market with unique hardware protection, mainly available for governmental use. These are special hardwares, you can not use it with you smartphone. However, Secfone seems to break the rule…

Please click +Google or share on Facebook if you found this article interesting.

1 comment:

  1. Recently, the issue of mobile phones security has been highlighted and much debated. There is still no perfect solution found for it. There is a serious need of tackling this issue.

    ReplyDelete