I think in a bid not to be left out and also to feel ' competitive' Microsoft just came clean on collecting location data.


http://packetstormsecurity.org/news/view/19060/Microsoft-Admits-That-Windows-Phone-7-Collects-Location-Data.html

-ty

On Wed, Apr 27, 2011 at 9:30 AM, John Gitau <jgitau@gmail.com> wrote:
hmm...Kinuthia, I agree and sort of disagree with you on who has
access to the technologies. True, the biggest beneficiaries are
governments.

The trick here is to figure out the motivation behind trying to
'crack' the security or lack of it. Who would have imagined trying to
crack standard 802.xx wireless networks in the past. GSM hardware is
slowly becoming commoditized. You are now using gsm/umts to do
millions in transactions from Mpesa to ATM's....currently you can get
firmware for a baseband processor, FREE, you can build in your house
today a small gsm network for tests or whatever, for less than 1000
USD...my point is...don't ignore this (well you cant do much about it,
but have it at the back of your mind) - and if a criminal, ditch the
cellphone:-)....the ATM you go to is probably using GSM/UMTS:-), so is
your MPESA and whatever mobile money transfer you use....

You still think there's no motivation to invest in this stuff....:-)

JGitau

On Tue, Apr 26, 2011 at 9:53 PM, Kinuthia Ngugi
<kinuthia.ngugi@gmail.com> wrote:
> On a similar note, a very interesting account of the Athens Affair, for
> those who maybe patient to read through. Goes to show what can be done by a
> determined person;
>
> http://spectrum.ieee.org/telecom/security/the-athens-affair/1
>
>
>
>
> On Tue, Apr 26, 2011 at 9:29 PM, Kinuthia Ngugi <kinuthia.ngugi@gmail.com>
> wrote:
>>
>> The A5/1 crack is not a theory, it's a reality and those guys in that link
>> demonstrated this sometime last yr. However, what was apparent was that to
>> achieve an actual tap is a very complicated and expensive affair, so much so
>> that to exploit it in any meaningful way would require organized entities
>> with unlimited resources (such as government security agencies). Infact, not
>> far fetched conjecture
>> within industry circles has always suggested that all the current A5/* GSM
>> ciphering algorithms were cracked long ago by some agencies (Mossad is a
>> prime suspect), its just that it's not in the public domain.
>>
>> On Tue, Apr 26, 2011 at 7:59 PM, John Adams <adams.opiyo@gmail.com> wrote:
>>>
>>> That makes this guys theory correct...that A/51 encryption is a
>>> toast!....:)...this could be the next big infiltration point....
>>>
>>> On Tue, Apr 26, 2011 at 2:38 PM, John Gitau <jgitau@gmail.com> wrote:
>>>>
>>>> actually its not just androids and Iphones, any phone with gps can
>>>> 'track' you...Im not sure how much info you need but: but the US
>>>> several years back made it a requirement that cellphones making 911
>>>> calls also send their locations or have the ability to avail it, this
>>>> was built into the baseband processor - the specs were defined on 3GPP
>>>> TS 04.31. the specification was called RRLP - radio resource location
>>>> services. http://en.wikipedia.org/wiki/RRLP
>>>>
>>>> Unfortunately for you, this communication is not authenticated. RRLP
>>>> is to say the least one of the most dangerously open protocols out
>>>> there -  gsm (well the baseband processor) is full of them -.
>>>> fortunately for you, people/governments are not interested in hacking
>>>> gsm networks and phones yet...if you're a criminal however....just use
>>>> that torch with a phone:-)
>>>>
>>>> Apple and Android probably just have apps sitting on top of this, but
>>>> all gps enabled gsm phones are a risky affair...steve if you need more
>>>> details on the baseband processor/gps and maybe a few papers you know
>>>> where to reach me..
>>>>
>>>> JGitau
>>>> On Sat, Apr 23, 2011 at 11:45 PM, Kinuthia Ngugi
>>>> <kinuthia.ngugi@gmail.com> wrote:
>>>> > I think if Android devices were found to be doing this it wont be much
>>>> > of a
>>>> > fuss, after all android has very strong open source thus geek
>>>> > community
>>>> > roots...this is normally taken as a shameless excuse to do all sorts
>>>> > things
>>>> > and get away with it :) :)..... But iPhone doing this kind of thing
>>>> > after
>>>> > some sort of rogue update and not declaring??? Walalalala!!....
>>>> >
>>>> > On Sat, Apr 23, 2011 at 8:59 PM, Dennis Kioko <dmbuvi@gmail.com>
>>>> > wrote:
>>>> >>
>>>> >> On a lighter note, Windows and RIM have come out protesting that no
>>>> >> one is
>>>> >> bothering to find out if they are secretly tracking users. Both firms
>>>> >> have
>>>> >> promised to pay anyone who proves that they are secretly tracking
>>>> >> users
>>>> >> too.
>>>> >> link not available
>>>> >> _______________________________________________
>>>> >> Skunkworks mailing list
>>>> >> Skunkworks@lists.my.co.ke
>>>> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>>> >> ------------
>>>> >> Skunkworks Rules
>>>> >> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>>> >> ------------
>>>> >> Other services @ http://my.co.ke
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > Skunkworks mailing list
>>>> > Skunkworks@lists.my.co.ke
>>>> > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>>> > ------------
>>>> > Skunkworks Rules
>>>> > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>>> > ------------
>>>> > Other services @ http://my.co.ke
>>>> >
>>>>
>>>>
>>>>
>>>> --
>>>> **Gitau
>>>> _______________________________________________
>>>> Skunkworks mailing list
>>>> Skunkworks@lists.my.co.ke
>>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>>> ------------
>>>> Skunkworks Rules
>>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>>> ------------
>>>> Other services @ http://my.co.ke
>>>
>>>
>>>
>>> --
>>> --Cursed be the day I was born if I do not learn a new thing
>>> today--Chinese Saying
>>>
>>> Regards,
>>> Adams John Opiyo.
>>>
>>>
>>> _______________________________________________
>>> Skunkworks mailing list
>>> Skunkworks@lists.my.co.ke
>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>> ------------
>>> Skunkworks Rules
>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>> ------------
>>> Other services @ http://my.co.ke
>>
>
>
> _______________________________________________
> Skunkworks mailing list
> Skunkworks@lists.my.co.ke
> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> ------------
> Skunkworks Rules
> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> ------------
> Other services @ http://my.co.ke
>



--
**Gitau
_______________________________________________
Skunkworks mailing list
Skunkworks@lists.my.co.ke
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke