-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Dec 03, 2015 at 02:02:35PM +0100, Paul Boddie wrote: > On Thursday 3. December 2015 02.46.03 Werner Almesberger wrote: > > > > Well, the cool new thing seem to be those two-factor "soft tokens" > > running on smartphones. What could possibly go wrong ? :-) > > It's certainly worth considering what these solutions actually offer. My > impression is that the phones have some kind of hardware unit for storing > keys > in a similar manner to smartcards [1] - it could well be the SIM that > provides > this, given the relationship between SIM and smartcard technologies - and > that > phones use this mechanism to issue tokens [2].
Even if it looks great on paper, there is always the issue that phones are among the biggest targets of the NSA, as far as I know. They're almost certainly filled with backdoors. I would expect the same to happen to any significant crypto device that gets sold in the USA, though. Thanks, Bas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWYGLXAAoJEJzRfVgHwHE6j9UQAIiQJPKGRtoqfpt0LupK40l2 BjvdFoN2qLoS9fBtMJl7TGJ3h49inyDDHfN5ltqgLaFJLyZIyniPZ5W1B8hYZjH3 x4xrtKU9JScunWU5kTImZtKCOsCIm3KdRprPBO7EiRaUl62WmsG3+CDefqxksExz RFMKHNsZAS4qvrworRx4D5XO5NuD6z8neW9q5l3Hzp84K8+Y7J2LywbZTMdNgw3W 0GByu4Udeh4OuFCYQG8yDKwaYllZr6/Yv811jm0PB5HhUOfzBoLDXHYUmAjPY3wi QV3aOeW9v+NxbMci3mQYLF2XrM+KFea1PENk990WpRgnlbMeZqjueRwUYwHzSTz4 TnsesP1PsxAq7l0JXSDe5OXIkMERjXOv3HdSRgzFLPle4eXif9tmH5HXaiXNmyDu goBc9MtaQsNPST/ptv6luHMZmHhcJKtQGNzJe8jvW3gu62gPq7wZsI2tfLESJCuR V15Lo+pqEwHmmMV5Re4Nymhe6jWcs4TQmehKYbHUBJDSdl9a/PDmik3HE8q0fMeE KEdKpPUm4Mabl/7O0aGjQrM3rd9GYNahZsmdNOKqj4sLlX/RGZwseR1SVztGCpq+ ck5ubD3IfwCaqQtvq8c6yZcjrpUgHd5GHqJLHxbRNiC4Ksb6LL5Nevqd6dfGkd46 d1GhANNmAra8z/xskRY9 =OKiA -----END PGP SIGNATURE----- _______________________________________________ Qi Hardware Discussion List Mail to list (members only): [email protected] Subscribe or Unsubscribe: http://lists.en.qi-hardware.com/mailman/listinfo/discussion
