6 comments

[ 2.7 ms ] story [ 22.8 ms ] thread
This is a political article (so it will probably get flagged, removed and downvoted) but, it relates to security and encryption, so I submitted it anyway

from the article:

> WebEx, a communications program from U.S.-based Cisco Systems, provides end-to-end encryption which allows for secure communications. However, if a participant dials in via a landline rather than using the app — as apparently happened in the case of the officer in Singapore — then the encryption is not guaranteed.

What's the nature of WebEx's encryption which renders it impotent to channel-based attacks here? The article is parlously light on technical details.

Some light DDG'ing doesn't turn up any more substantive cryptographic discussion.

I think they allow people to join by just calling by phone.

The phone was tapped.

Ah, I was thinking that the WiFi or dialup connection (data, not voice) had been compromised.

Dialing in from an unsecured phone would be quite poor opsec. And tapping that phone quite a coup for the Russians.