[Enigmail] Drama!
Robert J. Hansen
rjh at sixdemonbag.org
Sun Feb 17 09:00:53 PST 2008
Lachezar Dobrev wrote:
> A recent event in Bulgaria revealed, that communication between
> Skype users is NOT ENCRYPTED, but rather OBFUSCATED.
No, it's AES128 and RSA, sorry.
> The Bulgarian Police (and possibly other countries involved) were
> able to monitor the activity of a user and revel that he was
> distributing Child P*rn (this is illegal).
What, the monitoring, or the distribution of child pornography?
> A third party (in this case the Bulgarian Police) was snooping on
> communication between Skype users, leading to disclosure of traffic
> between the users.
Unless you know how it was done--unless you've seen court reports
explaining it, or unless you've sat down and recreated the attack--then
you don't really know how it was done.
> I have seen an administrators' review of the Skype protocol
> (somewhere on the Internet based on reverse-engineering snooped
> traffic), that presented a set of sufficiently authoritative points
> describing the Skype protocol as a MESS leaving a False Sense of
> Security in the user.
References, please? I'd love to bring this to my Peer-to-Peer Graduate
Seminar and see what they think of it: in two weeks a student is
delivering an hourlong presentation on the Skype protocol.
> I the world of security sensible information Skype is a dirty word!
Please don't presume to speak for "the world of security-sensible
information". You don't get to determine other people's security
models. None of us do.
More information about the Enigmail
mailing list