[messaging] Pour one out for "voice authentication"

Joseph Bonneau jbonneau at gmail.com
Fri Jan 2 08:02:18 PST 2015

On Fri, Jan 2, 2015 at 7:57 AM, Mike Hearn <mike at plan99.net> wrote:

> Whilst all this is undoubtably true, it's presumably much harder and more
> expensive to scale this attack up than to do a plain old MITM key switch.

Agreed. Doing this attack for mass surveillance is probably impractical,
but for targeted surveillance it's probably quite practical.

> Also I guess by just adding video, the attack gets a lot harder.

I'm not as sure about that, but it would be an interesting follow-up
experiment. Without high-quality video (e.g. on a phone over 3G), I wonder
how many users will notice if you leave the video completely intact and
simply change the audio? I'd guess most people won't notice.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150102/078b0c31/attachment.html>

More information about the Messaging mailing list