[liberationtech] Comments on Internews new "information security guide"

Collin Anderson collin at averysmallbird.com
Tue Nov 13 16:39:17 PST 2012 

Well sure, but once your computer is compromised, the tool that you are using to communicate does not really matter anymore. This is nothing on Skype; I think we can say that the IP-revealing exploit from this Spring/Summer was more than enough to not trust the security of the Skype client for any time to come.

--  
Collin Anderson
Sent with Sparrow (http://www.sparrowmailapp.com/?sig)


On Tuesday, November 13, 2012 at 7:30 PM, Jillian C. York wrote:

> I can't speak to the point about interception, but it should've absolutely been noted that Skype is susceptible to malware attacks: https://www.eff.org/deeplinks/2012/06/darkshades-rat-and-syrian-malware
>  
> -Jillian
>  
> On Tue, Nov 13, 2012 at 4:02 PM, Eric S Johnson <crates at oneotaslopes.org (mailto:crates at oneotaslopes.org)> wrote:
> > Alternatively, since (like OTR) no Skype communication is known to have ever been successfully in-line-intercepted, the question might be one of priorities: what cybersec weakness has most often resulted in compromise of an activist?  
> >      --hard drive isn’t encrypted, computer’s confiscated
> >      --software’s not patched, user’s hacked
> >      --user clicks on attachment, is infected by malware
> > … if our goal is mitigating dangers activists face, those are probably worthwhile targets for our assistance.
> >   
> > I can’t speak for Skype (or any other company), but if I were a software/service provider, I too would be very circumspect about claims about the level of security provided, else if/when a vulnerability’s discovered, issues of liability arise.
> >   
> > PGP (http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2)
> >   
> > From: liberationtech-bounces at lists.stanford.edu (mailto:liberationtech-bounces at lists.stanford.edu) [mailto:liberationtech-bounces at lists.stanford.edu] On Behalf Of Peter Fein
> > Sent: 13 November 2012 23.51
> > To: liberationtech
> > Subject: Re: [liberationtech] Comments on Internews new "information security guide"
> >   
> > The question about Skype's encryption has always seemed somewhat secondary (though still important). The primary concern is who has the keys and who do they share them with.
> >  
> >  
> >  
> >  
> >  
> > --
> > Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>  
>  
>  
> --  
> US: +1-857-891-4244 | NL: +31-657086088
> site:  jilliancyork.com (http://jilliancyork.com/) | twitter: @jilliancyork  
>  
> "We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality" - Vaclav Havel
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>  
>  


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20121113/1f7de966/attachment.html>

More information about the liberationtech mailing list