Hi Libtech, Moxie Marlinspike <[email protected]> wrote:
>> However, my position is that Google Chat is currently more secure >> than CryptoCat. To be more specific, if I were recommending a chat >> tool for activists to use, *particularly* outside of the United >> States, I would absolutely recommend that they use Google Chat >> instead of CryptoCat. Just as I would recommend that they use GMail >> instead HushMail. >> >> The security of CryptoCat v1 is reducible to the security of SSL, as >> well as to the security of the server infrastructure serving the >> page. Any attacker who can intercept SSL traffic can intercept a >> CryptoCat chat session, just as any attacker who can compromise the >> server (or the server operator themselves) can intercept a CryptoCat >> chat session. Maxim Kammerer replied: > Are you equating passive attacks with active attacks? If I understand > how CryptoCat works correctly, it is resistant against passive > interception attacks, whereas Google Chat stores cleartext on Google > servers, which are easily accessible to law enforcement. Active > attacks against SSL can be mitigated by pinning CryptoCat > certificates, so you are left with what, compromise of server > infrastructure? That requires LE jurisdiction where the servers are > located, domain expertise, and dealing with the risk that the > compromise is detected. All that vs. Google servers, which, if I > remember right, provide a friendly interface to user accounts once > served with a simple wiretapping order (and as has been already > mentioned, Google is a multinational corporation, subject to a > multitude of jurisdictions, and is known to bend over for whoever is > in charge). Maxim's comments match my thoughts with regards to both current Cryptocat over SSL and my analogy to Riseup webmail over SSL. If Riseup does what they say they do[1], emails sitting on their servers are not mined for advertising or LE (unlike Facebook chat, or as Maxim suggests, gmail); their servers do not log IPs; IPs are not embedded in emails; and outgoing emails to other secure email providers are encrypted (StartTLS). Furthermore, it appears Riseup plans[2] encryption for stored emails on their servers in the future. Such a scheme would make the emails difficult for LE, or more broadly, attackers, to get, even with a warrant -- not only would they have to obtain forced decryption power, which I don't think they have as of yet in the US, but also Riseup might not be able to provide the relevant keys in any case. (That the NSA has copies is a vulnerability, but perhaps not a relevant one, as to my knowledge LE can't introduce NSA copies as evidence.) Similarly with current Cryptocat over SSL: if the server and server operator do what they say they do, there aren't data-mining operations going on for the benefit of LE or advertisers. Both Riseup and current Cryptocat over SSL rely on good SSL connections and also trust that the server and server operator aren't compromised (including incorrect implementations). Those 3 dependencies are far from ideal, but at least the risk calculations are ones some activists without access to OTR or PGP or their own .mx can make. Better than known bad actors, known bad servers. Maybe my technical understanding is lacking something here, but I believe the above to be correct. :-Douglas 1. https://help.riseup.net/en/email#what-is-special-about-riseup-net-email 2. https://we.riseup.net/riseuplabs+fsoc/personally-encrypted-imap-storage _______________________________________________ liberationtech mailing list [email protected] Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
