Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Comments on Internews new "information security guide"

Jillian C. York jilliancyork at gmail.com
Tue Nov 13 17:18:24 PST 2012


Indeed - I just don't think guides like this do anyone any favors by
leaving out relevant info of recent exploits.

I'm also concerned that the guide references the truly awful Freedom House
report on circumvention tools, but that's another story...

On Tue, Nov 13, 2012 at 4:39 PM, Collin Anderson
<collin at averysmallbird.com>wrote:

> Well sure, but once your computer is compromised, the tool that you are
> using to communicate does not really matter anymore. This is nothing on
> Skype; I think we can say that the IP-revealing exploit from this
> Spring/Summer was more than enough to not trust the security of the Skype
> client for any time to come.
>
> --
> Collin Anderson
> Sent with Sparrow <http://www.sparrowmailapp.com/?sig>
>
> On Tuesday, November 13, 2012 at 7:30 PM, Jillian C. York wrote:
>
> I can't speak to the point about interception, but it should've absolutely
> been noted that Skype is susceptible to malware attacks:
> https://www.eff.org/deeplinks/2012/06/darkshades-rat-and-syrian-malware
>
> -Jillian
>
> On Tue, Nov 13, 2012 at 4:02 PM, Eric S Johnson <crates at oneotaslopes.org>wrote:
>
> Alternatively, since (like OTR) no Skype communication is known to have
> ever been successfully in-line-intercepted, the question might be one of
> priorities: what cybersec weakness has most often resulted in compromise of
> an activist?****
>
>      --hard drive isn’t encrypted, computer’s confiscated****
>
>      --software’s not patched, user’s hacked****
>
>      --user clicks on attachment, is infected by malware****
>
> … if our goal is mitigating dangers activists face, those are probably
> worthwhile targets for our assistance.****
>
> ** **
>
> I can’t speak for Skype (or any other company), but if I were a
> software/service provider, I too would be very circumspect about claims
> about the level of security provided, else if/when a vulnerability’s
> discovered, issues of liability arise.****
>
> ** **
>
> PGP<http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2>
> ****
>
> ** **
>
> *From:* liberationtech-bounces at lists.stanford.edu [mailto:
> liberationtech-bounces at lists.stanford.edu] *On Behalf Of *Peter Fein
> *Sent:* 13 November 2012 23.51
> *To:* liberationtech
> *Subject:* Re: [liberationtech] Comments on Internews new "information
> security guide"****
>
> ** **
>
> The question about Skype's encryption has always seemed somewhat secondary
> (though still important). The primary concern is who has the keys and who
> do they share them with.****
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
>
> --
> US: +1-857-891-4244 | NL: +31-657086088
> site:  jilliancyork.com <http://jilliancyork.com/>* | *
> twitter: @jilliancyork* *
>
> "We must not be afraid of dreaming the seemingly impossible if we want the
> seemingly impossible to become a reality" - *Vaclav Havel*
>
>  --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 
US: +1-857-891-4244 | NL: +31-657086088
site:  jilliancyork.com <http://jilliancyork.com/>* | *
twitter: @jilliancyork* *

"We must not be afraid of dreaming the seemingly impossible if we want the
seemingly impossible to become a reality" - *Vaclav Havel*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20121113/860aac85/attachment.html>


More information about the liberationtech mailing list