Comment Re:Cell phones are insecure. (Score 1) 46
no reason that an end-to-end secure cellphone network cannot exist.
The problem is, you will never, EVER control every single bit & atom along the signal path between your vocal cords and the recipient's ear. Without PKI, you're vulnerable to MITM. With PKI, you're vulnerable to compromise of the PKI infrastructure itself. Or compromise to the layer that enforces PKI's use. The best you can ever really hope for is to eliminate enough failure points to at least NOTICE the possibility that your communication might be getting intercepted or compromised.
Is absolute security between two people possible? Maybe... IF
* they know in advance that they're going to communicate with each other
* they have a way to securely exchange devices in a way that's not vulnerable to tampering during shipment or after receipt.
* they can implicitly trust everyone who had a role in the software running on the device
* they'd rather be left unable to communicate than communicate with the slightest risk of unauthorized disclosure.
The last one is the biggie. 99.999% of all security exploits exist because someone figured out how to use the emergency backdoor left in the code to deal with unforeseen future emergencies that might otherwise brick millions of dollars worth of hardware. Think of a building... you can armor-plate the windows, and weld all the doors shut except for one that's protected by an army of soldiers... then have 95% of the building's occupants die in a fire because they couldn't get out due to all the escape routes being closed off. OR... you can design escape routes to maximize survivability, then have someone gain access to the building by triggering a false alarm & sneaking in through the escape routes while everyone else is trying to get out. The more you harden something to eliminate vulnerabilities, the more vulnerable you leave yourself to future device and data loss.