[Cryptography] Secure software update protocol?
Allen
allenpmd at gmail.com
Mon Feb 22 21:14:54 EST 2016
>
> How can software updates be secured so the distributor knows
> which customers have which updates, not permitting cloned
> devices, and not permitting the distributors to choose a
> particular customer to get a special "joejob" update?
>
Exploit: Distributor's updated messaging client loads and runs following
code: If user id == "joe", activate hook that stenographically embeds
encryption key in all outgoing encrypted messages.
Basically, every user would get the "joejob", but it would only be
activated for selected users.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160222/a3c96ba7/attachment.html>
More information about the cryptography
mailing list