Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-12 Thread Fabio Pietrosanti (naif)
On 10/12/12 1:55 AM, Christopher Soghoian wrote: If conversations are taking place over ZRTP, and, assuming that the crypto works, and that there isn't a backdoor, then the only data that silent circle should have access to is conversation metadata and data about the subscribers (IP addresses,

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread James Losey
Hi Nadim, I largely agree with your assessment of Silent Circle and I offer these thoughts in an effort to increase my understanding of the issue. The product is a packaged solution clearly targeted towards business customers focused on corporate privacy. And while the company offers regular

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Nadim Kobeissi
On 10/11/2012 12:04 PM, James Losey wrote: Hi Nadim, I largely agree with your assessment of Silent Circle and I offer these thoughts in an effort to increase my understanding of the issue. The product is a packaged solution clearly targeted towards business customers focused on corporate

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread James Losey
*TL;DR* I don't think Silent Circle is dangerous for the development of cryptography software but demonstrates potential demand and can spark a discussion of best and worst practices of crypto software development. How did you jump to this? Even the softest cryptography software still

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Moxie Marlinspike
On 10/11/2012 09:15 AM, Nadim Kobeissi wrote: James, you can charge for a service and leave it as open source software. This has been done countless times over the years and has functioned successfully. I am not against Silent Circle costing money - I'm against it being closed source

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Nadim Kobeissi
On 10/11/2012 1:54 PM, Moxie Marlinspike wrote: In general, I'm not actually convinced that OSS is a necessity for secure communication tools. Protocols can generally be verified on the wire, and unfortunately, the number of people who are going to be able to look at software-based

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Katrin Verclas
Having sat for the better part of the day with Phil Zimmermann with activists and journalists in a room, here is what I learned: On Oct 11, 2012, at 12:15 PM, Nadim Kobeissi wrote: On 10/11/2012 12:04 PM, James Losey wrote: Hi Nadim, I largely agree with your assessment of Silent Circle

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Nadim Kobeissi
On 10/11/2012 2:14 PM, Katrin Verclas wrote: Having sat for the better part of the day with Phil Zimmermann with activists and journalists in a room, here is what I learned: On Oct 11, 2012, at 12:15 PM, Nadim Kobeissi wrote: On 10/11/2012 12:04 PM, James Losey wrote: Hi Nadim, I

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Katrin Verclas
I like to see them deliver on the code audits before jumping to judgment since the product is not even released. Zimmermann gets those reservations, for sure, so let's see whether they can do a lot better than some companies before them. For now, the fact that Zimmermann and another staffer

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Robert Guerra
Eric King btw is the name of the person who is the head of research at Privacy International. https://www.privacyinternational.org/people/eric-king Eric is head of research at Privacy International, where he runs the Big Brother Incorporated project, an investigation of the international

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Nadim Kobeissi
That's great -- I'm going to hold up until there is some actual source code. NK On 10/11/2012 2:41 PM, Robert Guerra wrote: Eric King btw is the name of the person who is the head of research at Privacy International. https://www.privacyinternational.org/people/eric-king Eric is head

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Moxie Marlinspike
On 10/11/2012 11:24 AM, Nadim Kobeissi wrote: Zimmermann stated that servers are located in Canada to avoid US subpoenas (not a lawyer, not sure what's that worth in the end). His entire IP block is connected to servers in the United States. I am very skeptical of that claim. Furthermore,

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Christopher Parsons
I just wanted to note that hosting things in Canada isn't inherently, or necessarily, safer than hosting in other countries. Canadian courts are as able as American courts to apply pressure towards 'privacy sensitive' companies, with Hushmail being a good example. I would also note that

Re: [liberationtech] Silent Circle Dangerous to Cryptography Software Development

2012-10-11 Thread Christopher Soghoian
Hi all, When considering the threat of legally compelled assistance, I think it is useful to spell out the specific threats. The two big ones, IMHO, are 1. Compelled disclosure of data retained about users. 2. Compelled insertion of backdoors into the product. Now, folks on this list are