Re: Anyone using Skype on FC11 ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2009-08-31 at 02:04 -0400, Gene Heskett wrote:
> On Monday 31 August 2009, Patrick O'Callaghan wrote:
> >On Sun, 2009-08-30 at 21:33 -0400, Gene Heskett wrote:
> >> Sorry Patrick, but our govco snoops have been bragging they have skype
> >> decoded now for about 2 years.
> >
> >If by "decoded" you mean "payload encryption broken routinely without
> >the use of keyloggers or Trojans", do you have a reference?
> >
> >> And I assume skype has been changing things too, but whatever one
> >> group can do, another group can undo.  Its just the
> >> nature of the internet for that to happen.
> >
> >That's a seductive generalization, but it *is* a generalization. It's
> >meaningless without more specificity. For example, crypto is entirely
> >based on one group doing something which another group cannot undo with
> >any realistic set of resources. Yes, crypto can be poorly implemented
> >(which is a big argument in favour of open source) but it can also be
> >extremely secure if done right. Is it done right in Skype? I don't know,
> >but to date I know of no evidence to suggest it has problems. I'd be
> >interested to hear if you have any.
> >
> >poc
> 
> Search on /. for skype & spooks.  Or if you are really confident, use it to 
> plan blowing something up on the 9/11/01 anniversary but plan to have your 
> plans interrupted.

So that would be "no, I don't have a reference to our govco snoops
bragging they have skype decoded". I did search on /. and found a number
of articles referring to rumours, both that Skype has a back-door, and
that the NSA is offering large sums to anyone who can break Skype. It
seems unlikely that both are true.

> Also, there is another attack that was discussed just in the last 36 hours or 
> so, where a compromised machine makes an mp3 out of your conversation, and 
> then mails it someplace.  Presumably a winderz box I imagine.  Hopefully us 
> linux folks have enough sense to not let that happen.

As I said, compromising the end-user's machine doesn't count. Also,
Skype-to-phone doesn't count either as you can just bug the phone
system.

> I used skype a few times when I was in upstate MI for a while, mainly cuz the 
> telco's up there think  long distance is worth 41 cents a damned minute, just 
> to call a business 7 miles down the road.
[...]

I use Skype every week to keep in touch with my family, now spread over
three continents. Could I get them all to install some other VOIP app?
Maybe, but none of them are technically minded and I just don't want the
hassle. Besides, we use other means to discuss our plans for World
Domination.

poc

-- 
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux