[liberationtech] NYT report on Obama admin's wiretap plans
Jacob Appelbaum
jacob at appelbaum.net
Mon Sep 27 14:45:01 PDT 2010
On 09/27/2010 02:31 PM, Thomas Smyth wrote:
>> Skype cannot easily patch their network. They do not own every computer
>> in the network - they even have hardware devices that cannot be (easily
>> or ever) upgraded such as telephone units, firmware for motherboards, etc.
>>
>>
> Hmm, you mean the motherboards on client computers? For example, person X
> has a motherboard with an exploitable on-board network card that lets an
> attacker, say, snoop packets before they're encrypted or something? (Just
> thinking aloud here.) So then the security of Skype relies on not just
> Skype client software, but all these other bits as well?
I answered this in my other email. I'm talking about clients and the
ability to upgrade them...
> That makes sense but again then we're back to this reducing to cracking any
> point-to-point encrypted communication.
Why do you assume that there's any cracking involved?
> So the argument becomes that no
> digital communication is truly secure, no? But then Skype is not a special
> case...
>
There are different design tactics at play and some of them are doomed
to failure for some modes of operation. There are fantastic security
solutions for many different kinds of adversaries. Implementations
aren't always perfect against active attackers, often they're fine
against passive attackers.
One example that stands up well against both is OTR. In fact, OTR is
about as good as you can ask for - it's end to end encrypted,
authenticated, it provides forwards secrecy and more. You can even use
OTR over Skype with Pidgin:
http://www.cypherpunks.ca/otr/
All the best,
Jake
More information about the liberationtech
mailing list