Simson Garfinkel analyses Skype - Open Society Institute
Mark Allen Earnest
mxe20 at psu.edu
Fri Jan 28 14:38:49 EST 2005
Adam Shostack wrote:
> I hate arguing by analogy, but: VOIP is a perfectly smooth system.
> It's lack of security features mean there isn't even a ridge to trip
> you up as you wiretap. Skype has some ridge. It may turn out that
> it's very very low, but its there. Even if that's just the addition
> of an openssl decrypt line to a reconstruct shell script.
>
> In that case, the value of 'better' is vanishingly small, but it will
> still take an attacker at least 5 minutes to figure that out.
I would contend that a false sense of security is worse than no security
at all. Someone's behavior may be different if they are wrongfully
assuming that their communications are encrypted by what they believe is
strong encryption when if fact it may be "very very low".
--
Mark Allen Earnest
Lead Systems Programmer
Emerging Technologies
The Pennsylvania State University
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3200 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20050128/877a1345/attachment.bin>
More information about the cryptography
mailing list