[liberationtech] About Telegram
Natanael
natanael.l at gmail.com
Thu Feb 20 14:25:36 PST 2014
They also aren't crypto experts, which is the only thing that counts. Moxie
made a very clear argument for why it isn't it enough to show that a
passive attack is hard when you only have the plaintext. Because that is
simply not how most attacks are pulled off. WEP is a rare case, you are
more likely to have key leaks via bad crypto or timing attacks, or having
broken authentication, or oracle attacks like the compression attacks
against SSL/TLS (such as BEAST), etc.
You don't get to claim something is safe based on nothing else than a lack
of known attacks, you have to show it is strong in advance.
Would you drive over a bridge built by a random mathematician, that was
built in a very strange and unusual way that the proper engineers says
isn't done properly, just because nobody has shown it WILL collapse, rather
than based on evidence that it WILL hold up to ALL loads that are likely to
occur?
Trusting bad crypto can put your life in equal danger.
- Sent from my phone
Den 20 feb 2014 22:58 skrev "Maxim Kammerer" <mk at dee.su>:
> On Thu, Feb 20, 2014 at 8:38 PM, Tony Arcieri <bascule at gmail.com> wrote:
> > Their "contest" is a farce:
> > It's total snake oil. They created a bespoke encryption scheme rather
> than
> > using off-the-shelf components like MACs or (EC)IES. Avoid avoid.
>
> Go ahead and describe an attack, then, I'm sure Pavel Durov (creator
> of VK, who originated this project on ideological principles) will
> take care of the issues, if any. The protocol is open, and the
> security trade-offs are outlined in the FAQ [1]. Not using
> off-the-shelf components is not an argument, since the project is
> apparently not developed by some hobbyists learning about crypto.
>
> [1] https://core.telegram.org/techfaq
>
> --
> Maxim Kammerer
> Liberté Linux: http://dee.su/liberte
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140220/6d2647db/attachment.html>
More information about the liberationtech
mailing list