Reply to post: Secure channels inside secure channels

GPRS-era mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones

b0llchit Silver badge
Boffin

Secure channels inside secure channels

Public infrastructure is never going to be secure. There are too many interests to intercept. Therefore never trust the default "encryption" and use an encrypted tunnel you control. You would not use a telnet session inside an ipsec tunnel. You'd still use ssh. Also, you send pgp email, even though the general smtp links are tls links nowadays.

The examples are all a secure channel inside a supposedly secure channel. The security starts when you are in control.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon