tom at ritter.vg
Wed Aug 20 07:54:04 PDT 2014
On 19 August 2014 23:15, Tony Arcieri <bascule at gmail.com> wrote:
> On Tue, Aug 19, 2014 at 9:09 PM, Arne Renkema-Padmos
> <renkema.padmos at gmail.com> wrote:
>> About communication of the fingerprint over the phone: maybe JackPair
>> has some relevant insights?
> This has to be one of the worst ideas I've seen in recent history.
> We start with a Smartphone completely ready to be a handset for an encrypted
> telephony app like RedPhone or Signal.
Well, not always. Sometimes we start with a flip burner phone, or a
POTS line, or a device without a radio (iPod), etc.
> Except we don't trust it or something? So we try to airgap an encryption key
> into a special purpose physical hardware.
If you have a smartphone, you're right you probably do trust it. But
the ability to airgap onto dedicated hardware is desirable for a small
percentage of people. I don't know if it's enough to support
tremendous development in the area, but I would like to see some
excursions into it.
> Both parties need the same device
> to communicate. That's a lot harder than an app...
Harder is relative. Harder to distribute physically: yes. Harder to
use or understand: I'm not so certain. I would _love_ to see a
usability study of Signal, RedPhone, and this.
> Except... if we don't trust our phone to do encryption, why are we using it
> to make encrypted phone calls? If we're making POTS calls, we're on a
> network that can triangulate our location
I'm not sure why you're mixing content encryption with location privacy.
> , and if someone has compromised a
> Smartphone enough to get encryption keys, they can probably use your
> handset's microphone (or accelerometer) to figure out what you're saying.
I have strong doubts about accelerometer-based audio pickup in
real-world settings. It sounds a lot like stunt hacking to me. If one
compromises a smartphone thoroughly, yes, you should be able to
exfiltrate plaintext audio through the handset mic.
I see JackPair as many things, all of which I want to encourage:
a) Open source encryption HARDWARE (I think...)
b) Low-Cost (not as low as I'd like, but still low) dedicated hardware devices
c) With hardcoded keys in a second-generation device, this becomes a
MITM-proof device that requires no key distribution: hand off the
device and key distribution is done
d) Tackling 'legacy' cellular and POTS networks head-on
More information about the Messaging