-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The illustrious John Strand has an update for us regarding Verizon's demo EVDO system security. This summer John is launching his new SANS class, Security Architecture for Systems Administrators.
Shortly after we posted the article about the openness of the Verizon EVDO demonstration terminals, we were contacted by Verizon. After discussing the issue at length they requested that we post the following comment:
“The demo laptops in question are located in an independently owned/operated reseller location, and are not configured or maintained by Verizon Wireless. Verizon Wireless is committed to the security of its customers and is working with the reseller to resolve this issue."
Usually when working with vendors, the company's lawyers immediately respond to any potential problems with security systems. Verizon did not respond this way. Instead, they began by asking a bunch of questions about the store locations and what security breaches were compromised. Further, they said that they could understand the confusion because the third party resellers have huge Verizon signs on their store. In short, they acknowledge that it can be very difficult to distinguish between the real Verizon stores and the resellers.
I was also very happy to see that they were interested in solving the issue. You see, even though the stores are not theirs, there is still damage that can be done if something hideous was to happen on one of the terminals.
I will keep you all posted on how the fix goes. I am planning on hitting a few of the stores later today just to see.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5)
iEYEARECAAYFAkpJFpoACgkQSAUOoW73R4wT7QCfZVZ/4zklHMWA8/Go+05XVd4F
pLwAn0dRJ92AL5FJ+prgL9RWCZeoapir
=NCPv
-----END PGP SIGNATURE-----