Some crypto junkies talk about distress keys. Where a user can enter two different keys depending on the situation. The real key loads the real OS. The distress key loads the "fake" OS. There are many ways to detect this in modern experiments. None will work without manipulating low level HD blocking.

http://images2.wikia.nocookie.net/familyguy/images/4/4a/Seamus1.JPG Family guy was up to something...

And a 2 year old is pretty damn smart!!

I use Wireshark or custom monitoring tools and not TCPDump. http://video.google.com/videoplay?docid=4204600308807371535&hl=en "Automated Web-based Malware Behavioral Analysis" from the OWASP AppSec conference circa 2008.

I disagree. Unit tests are only as good as the author of the code. I like fuzzing. So if I were to unit test my own code I would try millions of possibilities. "Too bad" I just break and not make software.

I hope your not a developer... http://en.wikipedia.org/wiki/Unit_testing

I've written both ASCII and Binary fuzzers. Binary is harder. My ASCII fuzzer found over 10 million possible mutations while the Binary fuzzer found less then a million. If I had to argue with myself maybe I should have said "harder to write a successful fuzzer".

Seems to me that ASCII delimited protocols always have these types of issues. Its quite easy to write fuzzers for human readable protocols compared to binary encoded protocols. Too bad these developers don't know how to write good unit tests... This could have been avoided..

You make an interesting point. The idea of a secure P2P private networks still doesn't sit well with me. The insider threat can still act as the attacker and remove data from their assigned facility. None the less, business requirements "are" business requirements. "Its not the technology that's the problem", its how easy it is to abuse.

So, the idea was to load "sleeper" software by default on all these machines? Is the URL associated with this "service" always at the same memory location? It shouldn't be that hard for a Malware author to check for this BIOS and try to change the address. Who feels like being monitored by criminals? 10% off sale price?

Maybe, maybe not. When was the last time you hear a telecommunications company update their software within a reasonable time frame? It would just be easier and cheaper for the phones to get updated. So the phone manufactures will blame the telcoms while the telcoms will blame the manufactures. I can see where this is going...

You forgot nokia, symbian and all the other SMS stacks out there.

http://www.blackhat.com/presentations/bh-europe-09/Gassira_Piccirillo/BlackHat-Europe-2009-Gassira-Piccirillo-Hijacking-Mobile-Data-Connections-whitepaper.pdf The weakest link is always exploited first. Trust nothing.

I saw this one coming. Some cell phones cannot distinguish between a moble provider sending binary encoded XML enabled SMS messages or an attacker through an SMS gateway. Amateur security model/practices.

I do not consider wire transfer services such as SWIFT a P2P technology. I wouldn't call a network of Morse code operators using telegraph lines P2P either. Getting into a semantic discussion won't solve anything though. If one were to distinguish PUBLIC P2P v. PRIVATE P2P I would say neither are secure. An internal P2P network could be easily exploited by a rouge insider. Simply stated, the government and military contractors should proactively block all P2P traffic or risk heavy fines and potential termination of employment or funding.