Indeed - I just don't think guides like this do anyone any favors by leaving out relevant info of recent exploits.
I'm also concerned that the guide references the truly awful Freedom House report on circumvention tools, but that's another story... On Tue, Nov 13, 2012 at 4:39 PM, Collin Anderson <col...@averysmallbird.com>wrote: > Well sure, but once your computer is compromised, the tool that you are > using to communicate does not really matter anymore. This is nothing on > Skype; I think we can say that the IP-revealing exploit from this > Spring/Summer was more than enough to not trust the security of the Skype > client for any time to come. > > -- > Collin Anderson > Sent with Sparrow <http://www.sparrowmailapp.com/?sig> > > On Tuesday, November 13, 2012 at 7:30 PM, Jillian C. York wrote: > > I can't speak to the point about interception, but it should've absolutely > been noted that Skype is susceptible to malware attacks: > https://www.eff.org/deeplinks/2012/06/darkshades-rat-and-syrian-malware > > -Jillian > > On Tue, Nov 13, 2012 at 4:02 PM, Eric S Johnson > <cra...@oneotaslopes.org>wrote: > > Alternatively, since (like OTR) no Skype communication is known to have > ever been successfully in-line-intercepted, the question might be one of > priorities: what cybersec weakness has most often resulted in compromise of > an activist?**** > > --hard drive isn’t encrypted, computer’s confiscated**** > > --software’s not patched, user’s hacked**** > > --user clicks on attachment, is infected by malware**** > > … if our goal is mitigating dangers activists face, those are probably > worthwhile targets for our assistance.**** > > ** ** > > I can’t speak for Skype (or any other company), but if I were a > software/service provider, I too would be very circumspect about claims > about the level of security provided, else if/when a vulnerability’s > discovered, issues of liability arise.**** > > ** ** > > PGP<http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2> > **** > > ** ** > > *From:* liberationtech-boun...@lists.stanford.edu [mailto: > liberationtech-boun...@lists.stanford.edu] *On Behalf Of *Peter Fein > *Sent:* 13 November 2012 23.51 > *To:* liberationtech > *Subject:* Re: [liberationtech] Comments on Internews new "information > security guide"**** > > ** ** > > The question about Skype's encryption has always seemed somewhat secondary > (though still important). The primary concern is who has the keys and who > do they share them with.**** > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > > -- > US: +1-857-891-4244 | NL: +31-657086088 > site: jilliancyork.com <http://jilliancyork.com/>* | * > twitter: @jilliancyork* * > > "We must not be afraid of dreaming the seemingly impossible if we want the > seemingly impossible to become a reality" - *Vaclav Havel* > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- US: +1-857-891-4244 | NL: +31-657086088 site: jilliancyork.com <http://jilliancyork.com/>* | * twitter: @jilliancyork* * "We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality" - *Vaclav Havel*
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
