[16749] in cryptography@c2.net mail archive
Re: Simson Garfinkel analyses Skype - Open Society Institute
daemon@ATHENA.MIT.EDU (Florian Weimer)
Fri Jan 28 19:17:16 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Florian Weimer <fw@deneb.enyo.de>
To: David Wagner <daw@cs.berkeley.edu>
Cc: cryptography@metzdowd.com
Date: Fri, 28 Jan 2005 21:01:11 +0100
In-Reply-To: <200501272322.j0RNM9Ru008878@taverner.CS.Berkeley.EDU> (David
Wagner's message of "Thu, 27 Jan 2005 15:22:09 -0800 (PST)")
* David Wagner:
> I don't buy it. How do you know that Skype is "more secure", let alone
> "vastly more private"? Maybe Skype is just as insecure as those other
> systems. For all we know, maybe Skype is doing the moral equivalent
> of encrypting with the all-zeros key, or using a repeating xor with a
> many-time pad, or somesuch. Without more information, we just don't know.
Skype is unregulated. PSTN operators (and other VoIP services by
large telcos) are subject to at least some scrutiny.
There's another not readily observable property of Skype's network:
reliability. Would anyone claim that Skype's network is more reliable
than PSTN? I don't think so, even though we know as little about its
reliability as about its security.
And please don't forget that privacy of call records is much more
important than encryption of the actual voice traffic. Doing
interesting things with call record data is much, much cheaper than
voice recognition, entire call archival and so on.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
