Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] What I've learned from Cryptocat

Ali-Reza Anghaie ali at
Mon Aug 6 18:02:33 PDT 2012

On Mon, Aug 6, 2012 at 8:51 PM, Jacob Appelbaum <jacob at> wrote:
> The problem is that the little bit is effectively zero.
> What's the difference between Facebook chat over SSL and Cryptocat over SSL?
> Without a browser extension/plugin - there is little to no difference.
> You have to trust the server and the server operator to not be a bad
> actor in both cases.

Except you're trying to solve a resource and environmental OPSEC
problem while effectively reducing the available exfiltration surface
(as it were) to a point where the adversary Nation-State (one use
case) can shut it down even easier. And you're still not addressing
the whole of the problem set an end-user in these hostile environments
will face.

I think a "step back" needs to be taken and look at the sum of
problems the various tiers of activists encounter - and which ones we
can truly solve remotely. Unfortunately almost none of them start w/
technical solutions. -Ali

More information about the liberationtech mailing list