Cyberespionage and cryptography: protecting information in the Information Technology era
June 2015
Marco Pozzato
CTO PrivateWave Italia S.p.A.

Once upon a time...
In the old days
● Paper and envelopes
● Horses or vehicles
Espionage was:
● expensive and time-consuming → no mass scale
● invasive and visible

3rd Millennium
Nowadays
● Voice: landline and mobile
● Asynchronous messaging: SMS, email
● Instant Messaging: WhatsApp, Facebook
Communications are:
● digital → espionage is transparent and undetectable
● pervasive → mass wiretapping is cheap

Mobile Networks Are Insecure
● GSM is broken!
● Cracked in 2011 with $20 hardware
● UMTS is theoretically flawed, practically secure
● Phones are dual mode → a jammer forces them to GSM protocol

Threats
Privacy, business and national security threats:
● Government espionage
● Mass surveillance
● Industrial espionage
Secure Voice & Text Communications

Choose Secure Communication Solution
● Define Risk Context
● Who are my attackers?
Which factors affect the decision?

Technologies & Networks
● Data Over Voice (DoV) codec → impractical
● Circuit Switched Data (CSD) → phased out
● TETRA → expensive devices and poor network coverage
Solution is Secure Voice over Internet Protocol

Usability and Devices
● Secure Phone: hard security
● BlackBerry OS 5/6/7: push email
● iPhone: cool device
● Android: power users and geeks
● BlackBerry 10: security & EMM
Users want their beloved smartphone and apps

Software vs. Hardware
● HW with Crypto SD card
  – Expensive
  – No SD card trend in new devices
  – Not replaceable
● SW only
  – Cheap
  – Flexible
  – Easily replaceable

Architecture

Architecture - Wiretapping
● Software as a Service in cloud
● Provider is responsible
● On-premises
● Customer owns communication infrastructure

Communications Protocols
● Proprietary
● Geopolitical Standards
● SCIP
● SNS
● Internet Open Standards
● SIP/TLS
● SRTP
● SDES
● ZRTP

Vulnerability assessment
● Performed by a third-party company
● Different methodologies

Cyber Warfare - Milan 2015
