Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: Fwd: Request to EFF - support for chat and communication

Eva Galperin eva at eff.org
Tue Jul 10 10:10:00 PDT 2012


Since Randolph has chosen to forward my reply to his request to this
entire mailing list, here is the full text of my reply. Please note that
a thorough security audit is necessary, but not sufficient for EFF to
recommend a security or privacy tool and I express some doubts about
whether or not his tool would actually be useful to Syrians at this time:


Randolph,

Thank you for writing to EFF. I'm glad that there are people who are
working on secure communications tools--in fact, I am at a security tool
hackathon in New York right now. However, EFF cannot recommend any tool
that has not had a thorough security audit and we do not have the
resources to perform such an audit ourselves. If you are working on an
open source security communications tool that you would like EFF to
recommend, I suggest that you subject it to an extensive audit by
security professionals. Perhaps some of the people on the Liberation
Tech mailing list might be interested.

Furthermore, lack of encrypted communications over Facebook is not
really the problem that Syrians are facing right now. Facebook has an
option that allows you to use HTTPS by default. You can also enable
HTTPS by default by using HTTPS Everywhere on your browser. HTTPS usage
on Facebook in Syria is reportedly very high, an observation which is
supported by the fact that the Syrian government attempted to
man-in-the-middle Facebook's SSL cert in Syria last year. If the Syrian
government had been able to see most Facebook traffic over the network
in plaintext, no MITM would have been necessary.

Malware is being sent via Facebook chat and in comments in popular
Facebook groups, but that is not a problem that an encrypted or
decentralized version of Facebook would solve. These Facebook accounts
are usually compromised using malware that installs a remote access tool
which takes screenshots and logs keystrokes.


************************************************
Eva Galperin
International Freedom of Expression Coordinator
Electronic Frontier Foundation
eva at eff.org
(415) 436-9333 ex. 111
************************************************

-- 

************************************************
Eva Galperin
International Freedom of Expression Coordinator
Electronic Frontier Foundation
eva at eff.org
(415) 436-9333 ex. 111
************************************************



More information about the liberationtech mailing list