Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: iPhone data protection flaw
From: Christian Sciberras <uuf6429 () gmail com>
Date: Tue, 18 May 2010 14:38:47 +0200

That is because it is a hardware protocol. But that doesn't mean
applications can't have their own protocol, or use a standard one such as
TLS.

As a comparison, it is like https/ssl vs tcp/ip protocol.

Cheers.




On Tue, May 18, 2010 at 2:02 PM, Gregor Schneider <rc46fi () googlemail com>wrote:

On Tue, May 18, 2010 at 11:39 AM,  <Valdis.Kletnieks () vt edu> wrote:

The fact that most devices do it doesn't mean it's not a security flaw.


-1

AFAIK the USB-protocol does not contain any authorization /
authentication-mechanism:

http://www.beyondlogic.org/usbnutshell/usb3.htm

Please correct me if I'm wrong...

Cheers

Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
skype:rc46fi

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]