Hi Linus, thanks for the comments.
I have indeed skipped that topic. I will have to read into the Mumble project to see what security and privacy guarantees it provides.
My current conclusion from using VoIP/IM systems without using Tor is that you cannot really protect against collecting this transaction data (i.e., you have to at least trust the two VSPs, our own and then the VSP of your communication partner). While you can influence routing of the data traffic to a certain extend it does not work too well when your VSP is working against you.
With IM you could at least set up your own server (e.g., by using an XMPP server) but with VoIP that's more complicated because nobody else will accepted your connection attempts (as explained in the interconnection part of my write-up).
I will come back to you on that issue. Ciao Hannes On 09.09.2013 14:31, Linus Nordberg wrote:
Hannes Tschofenig<[email protected]> wrote Mon, 09 Sep 2013 11:26:39 +0300: | http://www.tschofenig.priv.at/wp/?p=997 | | It contains a number of recommendations, which are addressed to VoIP | providers and vendors but have to be enforced by data protection | authorities. | | The recommendations unfortunately highlight some challenges... Indeed. And still, I miss any mention on protection against collecting data about who's talking to who. Without claiming any expertise at all in this area, the closest thing to something implementing this that I've heard of is Mumble over Tor. Mumble [0] is not standardised AFAICT. The Guardian Project wrote [1] about this earlier this year. Some people seem to use it [2]. [0] https://en.wikipedia.org/wiki/Mumble_%28software%29 [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Mumble [2] https://guardianproject.info/2013/01/31/anonymous-cb-radio-with-mumble-and-tor/ _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
