[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cryptography] Second Swiss firm allegedly sold encrypted spying devices
On 11/26/20 9:48 PM, iang wrote:
Swiss public television, SRF, has found a second company besides Crypto
AG was involved in manufacturing manipulated devices allegedly used for
spying by foreign intelligence.
I can confirm that this is mainline news in Switzerland (even though it
is shadowed by news about its terrible handling of the Corona crisis).
The Tagesanzeiger had a long article about this, and from what I
remember about that article, they were somewhat confused about Ueli
Maurer's role in vetting Onmisec's crypto algorithms.
From memory (which may or may not be faulty):
It seems that Omnisec gave the impression that their productss had been
vetted by Maurer, an ETH professor and renowned cryptographer. Maurer
denies this, saying that because of scientific prudence he would never
vet products that he didn't own. He says that his role was more that of
a "second opinion". But then the Tagesanzeiger writes that "Omnisec
disputes this, claiming that Maurer had "attacked" their algorithm".
(Quote from memory, translation mine.)
I honestly don't see a contradiction here. You can, as part of a second
opinion, try a few attacks on the crypto, and report that these failed.
But that is far from a successful vetting of the algorithm or product.
The cryptography mailing list
cryptography AT metzdowd.com