[p2p-hackers] The next gen P2P secure email solution

Cathal Garvey cathalgarvey at cathalgarvey.me
Sat Jan 11 02:57:41 PST 2014


>>> So sad.  I have a clue and don't trust Skype.  But I can't for the
life of
>>> me migrate my friends off of it.  It's as addictive as crack.  It's just
>>> better than the alternatives.
>>
>>
>> Anything that is as good as skype is going to allow contact tracing, that
>> this person talks to that person.

Red herring-ish, but if you want to get your friends off Skype, don't
wait for the golden solution. Pick something good-enough and use that.
I've had moderate success migrating people to Jitsi. Similar ease of use
once set up, and they now allow jit.si account creation within the
application (under the XMPP option).

Obviously not genuinely P2P. The only semi-viable alternative I can
think of that *is* P2P, but have not yet tried, is VoiP in Retroshare.
However, as I suggested in another thread, I'm not convinced Retroshare
is up to the hard-crypto standard some people here might demand. That
is, it'll block virtually everyone, but not the real fascists.

Back on topic, I'm not sure that it's possible to achieve low-latency
and endpoint obfuscation for something that requires streaming like
VoiP. Tor is already pushing the boundaries of low-latency mixing with
an asynchronous protocol that doesn't *require* perfect synchrony, such
as would be required of VoiP. So you might have to sacrifice obfuscation
of *who* you're talking to in order to achieve security across the wire,
or trust third parties such as VPNs or friend-to-friend connections
(Retroshare model) to provide lots of bandwidth.

On 11/01/14 08:29, grarpamp wrote:
> On Fri, Jan 10, 2014 at 12:58 AM, James A. Donald <jamesd at echeque.com> wrote:
>> On Mon, Dec 30, 2013 at 12:34 AM, ianG <iang at iang.org> wrote:
>>>
>>> So sad.  I have a clue and don't trust Skype.  But I can't for the life of
>>> me migrate my friends off of it.  It's as addictive as crack.  It's just
>>> better than the alternatives.
>>
>>
>> Anything that is as good as skype is going to allow contact tracing, that
>> this person talks to that person.
> 
> No... we are specifically talking about developing decentralized solutions
> here, so that that centralized lookup authority context and risk goes away.
> 
> Yes... a low latency non-fixed-length non-chaffed network will
> still have some characteristic risks... timing, etc. Yet likely nowhere
> near the order of the above centralized issues.
> 
>> But it does not have to allow mass interception (the original skype did not
>> allow mass interception), and it does not have to allow undetectable
>> interception, which the original skype did allow.
> 
> That is just designing good applied crypto in the former, which nullifies
> the latter.
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x988B9099.asc
Type: application/pgp-keys
Size: 6176 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140111/cb4782cc/attachment-0002.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140111/cb4782cc/attachment-0002.sig>


More information about the cypherpunks mailing list