[liberationtech] Google Hangout the new, better skype? Was Re: Skype redux

Brian Conley brianc at smallworldnews.tv
Sat Jan 5 12:07:09 PST 2013 

Thanks Andrew,

On Dec 22, 2012 6:53 AM, <liberationtech at lewman.us> wrote:
>
> On Fri, Dec 21, 2012 at 09:03:02AM -0800, brianc at smallworldnews.tv wrote
5.5K bytes in 0 lines about:
> : So I guess I'd say, who is going to fund a competitor to skype built on
> : jitsi? Without a. Convenient easy to use GUI b. Sexy advocates and
adopters
> : and c. A marketing plan you aren't going to compete with Skype, Google
> : Hangout, etc.
>
> My guess would be the people behind jitsi, http://bluejimp.com/ and their
partners,
> https://jitsi.org/index.php/Main/Partners

Hope so, but until then I may find myself recommending Google in many
cases... (ugh)

>
> ippi.fr worked pretty well, until they demanded a copy of my passport
> to continue service.
>
> : If security and privacy experts and developers are serious about broad
> : adoption of their tools and not just building a closed club of
> : cryptoexperts shouting "fire!" We have to work this out. I'm pretty busy
>
> Conversely, as I continue to work with global law enforcement, a shocking
> amount of crime still happens over the public telephone network. Even
> with its lack of encryption, centralized data collection, and lawful
> intercept, criminal organizations are still successfully coordinating,
> planning, and growing over this 100+ year old technology and networks. And
> for all of the fancy tools, analysis, and skills, law enforcement is
> still one step behind the criminals simply using the public phone
> networks.

Well that's partly due to the methods available. You have to be able to
sift huge amounts of data, no? Unless your enemies know where to start
looking its often easiest to hide in plain sight. This becomes less true
with digital tech, especially as it is increasingly tied directly to unique
identities.

>
> It's the 1% of criminals which use things like skype, tor, cryptocat,
> i2p, google hangouts, etc. And even then, they screw up and get caught
> because their ego grows larger than their skills.
>
> And to take a super-unpopular stance, empirical evidence says use of
> skype isn't the problem. Take Syria as an example, the problem is
> OSX and Windows on the laptops because that's what the Syrian state
> malware attacks. From a resource perspective, the Assad regime is being
> economically smart. Rather than trying to attack some cryptosystem and
> glean data from traffic analysis, just attack the end user and get all
> the data before it enters the cryptosystem. This is likely the same
> analysis the German's used. Rather than trying to crack skype, they got
> state-sponsored malware to crack the operating system and get the data
> before it enters skype. Vietnam approached the skype-problem by using
> parabolic microphones outside the houses of suspected activists.
>
> Solving the analog problem (voice, keystroke sound analysis, electrical
> grid background noise, etc) and user security weaknesses ("Oh look, an
> attachment! Let's load it up!") is probably a better place for solutions
> than yet another crypto-system.

Yes, that's my opinion more or less, also. However I do feel that we can
look at tools and by exploring vectors of attack suggest that some more or
less similar tools may be better or far worse for users in different threat
environments.

This is the crux of my question re Google hangout vs Skype. Clearly user
education and digital hygiene are the keys to long-term success. However,
we need a short term answer as well as a longterm solution. In India one of
the greatest things done to stop waterborne/fecal illness was the
distribution of long handled ladles, so that individuals would stop dipping
cups into buckets of water with there often unclean hands. The longterm
primary solution is handwashing and greater awareness access to proper
facilities, etc. But a short-term technology-based solution has so far
proven quite effective at stemming the impact of the larger problem.

>
> --
> Andrew
> http://tpo.is/contact
> pgp 0x6B4D6475
> --
> Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130105/8f2cf8eb/attachment.html>

More information about the liberationtech mailing list