Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Debate brewing on @Liberationtech Twitter

Simon Phipps webmink at gmail.com
Fri Mar 4 14:46:02 PST 2011


On 4 Mar 2011, at 21:56, katmagic wrote:

> On Fri, 4 Mar 2011 11:59:32 -0800
> Yosem Companys <companys at stanford.edu> wrote:
> 
>> Is Skype not safe for activists?  Perhaps folks can chime in here, and we
>> can post 140 character summaries over there.  Seems an important topic to
>> discuss further, especially since some of the people asking on Twitter are
>> activists.
>> 
>> YC
> 
> The short answer is no. The long answer is that it depends on who you want to
> be safe from. If you trust Skype Limited, Skype seems relatively secure against
> casual adversaries. Obviously, if your adversary has jurisdiction over Skype
> Limited, or can persuade someone who has such jurisdiction, then Skype is
> insecure. In addition, there is a speculation that Skype has a backdoor, which
> could allow Skype Limited to not only listen to your conversations,
> impersonate any user, and see your location at all times, things it would be
> able to do even if a backdoor did not exist, but to completely control your
> computer.
> 
> Even if you do trust Skype Limited, and all entities with which it cooperates
> (which includes the People's Republic of China), the protocol itself may not be
> secure. This is difficult to ascertain, as it is proprietary. It should be
> noted that most encryption implementations are subtly wrong, and that Skype has
> had security problems in the past.
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Friends don't let friends use Skype!
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I agree with all of that, but there's one more thing that puts me off Skype; the lack of a client that can be modified to include capabilities (such as in-stream encryption) that Skype do not like. I use services like AIM and GTalk for chat and am free to attempt to mitigate one of the risks of using them - which are probably no less than Skype's - by using OTR in Pidgin or Adium. The fact I can't do that means I only start Skype when I am forced to.

S.





More information about the liberationtech mailing list