Dnia środa, 4 lutego 2015 03:04:56 stef pisze:
On Wed, Feb 04, 2015 at 12:59:06AM +0100, rysiek wrote:
Answer B: Can you please direct me towards any software that in your opinion does not have a problem with the "host security" part? A single example of any program, say any communication program, like IM, VoIP, e-mail client, etc, installable on a chosen operating system.
i can: pond stores the key material in tpm, whether to trust tpm or not is open for debate. gpg is able to work with smartcards, and qubes has this split-pgp mode. these are all quite cool approaches to the host security problem.
Nice, didn't know about pond. Still, Tox got a no-no from me on host security (for as simple thing as not having a password on private keys), so... ;) Maybe it's a good moment to add a point to your list of snakeoil tell-tales: - "does not have decent documentation of protocols/mode of operation available" As Tox shows (as if it needed to be shown...), source code is not enough, by far. Had the protocol been documented, we would already have a Python implementation, probably, which would solve the "oh crap, C" problem.
i think in general it is about compartmentalization of sensitive material, if possible in external fully controlled hw with very simple observable interfaces.
Absolutely.
Problem is, people DIE, NOW, because they use Skype. Not because they
they will they as well if they use the right tools but wrongly. :/
That's true.
How about we let stef talk about that himself.
you troll. :)
Always at your service. :) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147