Re: Security on CDMA for Banking Applications

• Previous message: David Gillett: "RE: IP 127.0.0.1"
• In reply to: Nick Owen: "Re: Security on CDMA for Banking Applications"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Nick Owen <nickowen@mindspring.com>
Date: Wed, 30 Mar 2005 09:43:18 +0200

On Tuesday 29 March 2005 22:17, Nick Owen wrote:
> I would add to this that each carrier has different network
> configurations that can affect security.
>
Yes, you're quite right. I assumed (unnecessarily) we were talking about a
radio link directly managed by the bank with no carriers involved. This is
not necessarily the case. If a carrier is supplying the link, they must be
involved in the security setup. The best way is to ask for a transparent
radio link, pure and simple linking. Whatever gets in on one side, gets out
on the other (be it voice, data, IP, ATM, or a proprietary protocol).

>
> Just to complicate things, one carrier wouldn't take our encrypted
> messages unless we said it was a bitmap image ;).
>
;-)

I wonder why they would do so. A carrier shoud be a ... carrier. If they stick
their nose in what they carry from point A to point B, they might loose their
status of "common carrier" (the same status airlines, post offices and the
like enjoy all other the (free) world). Just like the post office doesn't
ask you what's inside the envelope you mail through them, as long it is of
standard size, I don't see a reason for a carrier (or even an ISP) to get
into what is a (say) an IP packet as long it is correctly formatted.

In some EU member states they also try to resist the idea of encrypted traffic
being fed into networks (the idea being that it would make it more difficult
for police agencies to monitor (legally) such traffic). Yet, it's not really
enforced.

-- 
Alessandro Bottonelli
Axis-Net (Privacy & InfoSec Consulting)
Tel. +39 02 93595859
Fax. +39 02 93590544
Web. http://www.axis-net.it

• Previous message: David Gillett: "RE: IP 127.0.0.1"
• In reply to: Nick Owen: "Re: Security on CDMA for Banking Applications"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Todays Long Distance Circuits? ... > By whom I mean does my designated long distance carrier actually ... Whomever owns the network involved. ... > someone other than the designated carrier. ... (comp.dcom.telecom) Re: Adios, Cingular! ... What Cingular is actually doing is just what ATTWS was doing, ... old network for an ever-shrinking minority of customers. ... Then you must have had a phone problem -- that's not a network issue. ... price that my new carrier is charging me, and all I can say to Cingular is ... (alt.cellular.cingular) Re: AT&T 8525 - cant send with IMAP account ... Sounds like it is time for a call to AT&T to see if there are any "gothchas" that I need to be aware of with their network. ... Check that you have network coverage and that your account ... Two things can cause that error- the carrier blocking the connection ... or the e-mail server blocking it. ... (microsoft.public.pocketpc.activesync) [PATCH] add sysfs attribute carrier for net devices ... Here's a patch that adds a new sysfs attribute for net devices. ... a network device has carrier the attribute value is 1 and when there is no ... Very rellevant attribute for network devices in my oppinion, ... send the line "unsubscribe linux-kernel" in ... (Linux-Kernel) Re: Will AT&T sue the shit out of apple? ... Two things - if you have the plan with AT&T you can either keep it for the 2 years or buy it out for a couple of hundred dollars (I saw a $150 price at one point but don't know it that is correct. ... To the best of my knowledge, you would be limited to whatever network your carrier provided. ... As such, if you sign up with T-Mobile, you would get the network they provide for their clients. ... (comp.sys.mac.advocacy)