[messaging] Pour one out for "voice authentication"
jbonneau at gmail.com
Fri Jan 2 08:02:18 PST 2015
On Fri, Jan 2, 2015 at 7:57 AM, Mike Hearn <mike at plan99.net> wrote:
> Whilst all this is undoubtably true, it's presumably much harder and more
> expensive to scale this attack up than to do a plain old MITM key switch.
Agreed. Doing this attack for mass surveillance is probably impractical,
but for targeted surveillance it's probably quite practical.
> Also I guess by just adding video, the attack gets a lot harder.
I'm not as sure about that, but it would be an interesting follow-up
experiment. Without high-quality video (e.g. on a phone over 3G), I wonder
how many users will notice if you leave the video completely intact and
simply change the audio? I'd guess most people won't notice.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging