[Enigmail] Drama!

Steven R. Lee steven at daemonlee.com
Sun Feb 17 21:00:49 PST 2008 

Robert J. Hansen wrote:
> Lachezar Dobrev wrote:
>   
>>   A recent event in Bulgaria revealed, that communication between
>> Skype users is NOT ENCRYPTED, but rather OBFUSCATED.
>>     
>
> No, it's AES128 and RSA, sorry.
>   
He's correct. The traffic that is watched over the "air" or over wire, 
shows this.
>   
>>   The Bulgarian Police (and possibly other countries involved) were
>> able to monitor the activity of a user and revel that he was
>> distributing Child P*rn (this is illegal).
>>     
>
> What, the monitoring, or the distribution of child pornography?
>
>   
In the author's delusional world, I'm assuming he's talking about 
distribution.
>>   A third party (in this case the Bulgarian Police) was snooping on
>> communication between Skype users, leading to disclosure of traffic
>> between the users.
>>     
>
> Unless you know how it was done--unless you've seen court reports 
> explaining it, or unless you've sat down and recreated the attack--then 
> you don't really know how it was done.
>
>   
>>   I have seen an administrators' review of the Skype protocol
>> (somewhere on the Internet based on reverse-engineering snooped
>> traffic), that presented a set of sufficiently authoritative points
>> describing the Skype protocol as a MESS leaving a False Sense of
>> Security in the user.
>>     
>
> References, please?  I'd love to bring this to my Peer-to-Peer Graduate 
> Seminar and see what they think of it: in two weeks a student is 
> delivering an hourlong presentation on the Skype protocol.
>
>   
I, too, would love to see these citations and court transcripts 
(provided they are in English, or a simple text).
>>   I the world of security sensible information Skype is a dirty word!
>>     
>
> Please don't presume to speak for "the world of security-sensible 
> information".  You don't get to determine other people's security 
> models.  None of us do.
>
>
>   
This is very true. Some may consider just a firewall, a security 
procedure alone, that is good. And, I actually love Skype. I don't do my 
"dirty" calls on it, though. You know, the ones that the FBI might want 
to know about. Heh.


> _______________________________________________
> Enigmail mailing list
> Enigmail at mozdev.org
> https://www.mozdev.org/mailman/listinfo/enigmail
>   


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://www.mozdev.org/pipermail/enigmail/attachments/20080217/116a9568/attachment.bin

More information about the Enigmail mailing list