[liberationtech] What I've learned from Cryptocat

[Maxim Kammerer]

On Tue, Aug 7, 2012 at 4:21 AM, Moxie Marlinspike
<moxie at thoughtcrime.org> wrote:
> However, my position is that Google Chat is currently more secure than
> CryptoCat.  To be more specific, if I were recommending a chat tool for
> activists to use, *particularly* outside of the United States, I would
> absolutely recommend that they use Google Chat instead of CryptoCat.
> Just as I would recommend that they use GMail instead HushMail.
>
> The security of CryptoCat v1 is reducible to the security of SSL, as
> well as to the security of the server infrastructure serving the page.
> Any attacker who can intercept SSL traffic can intercept a CryptoCat
> chat session, just as any attacker who can compromise the server (or the
> server operator themselves) can intercept a CryptoCat chat session.

Are you equating passive attacks with active attacks? If I understand
how CryptoCat works correctly, it is resistant against passive
interception attacks, whereas Google Chat stores cleartext on Google
servers, which are easily accessible to law enforcement. Active
attacks against SSL can be mitigated by pinning CryptoCat
certificates, so you are left with what, compromise of server
infrastructure? That requires LE jurisdiction where the servers are
located, domain expertise, and dealing with the risk that the
compromise is detected. All that vs. Google servers, which, if I
remember right, provide a friendly interface to user accounts once
served with a simple wiretapping order (and as has been already
mentioned, Google is a multinational corporation, subject to a
multitude of jurisdictions, and is known to bend over for whoever is
in charge).

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte