On Friday 30 January 2009, Peter Keel wrote:
[ISO]
Thou shalt not design protocols by commitee.
Or mapped to the current issue:
Security cannot be declared, one can only try hard and
constantly to implement it.
This is what many, many people don't understand. Especially those
whit lack of technical knowledge, which then poorly have to fall
back to say but its illegal.
For example see the award winning statemant of the DECT Forum
after it was discovered that most DECT phones can easly be
wiretapped:
Das DECT Forum, der internationale Verband der
Home-Communication-Industrie, hält das Abhörisiko aufgrund der
entdeckten Schwachstellen in der Kommunikation von Mobilteilen
mit der Basisstation für gering. Das leitet das DECT Forum
daraus ab, dass das Abhören von Telefongesprächen eine Straftat
darstelle und es nicht möglich sei, Telefongespräche zufällig
abzuhören.
http://www.heise.de/security/DECT-Forum-Abhoerrisiko-bei-schnurlosen-Telefonen-gering-Update--/news/meldung/121635
I don't think that this statement makes anybody feel safer.
Poore one if this statement is ones only answer.
Greets,
Michi
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog