Tox.im
rysiek
rysiek at hackerspace.pl
Tue Feb 3 19:23:12 PST 2015
Dnia środa, 4 lutego 2015 03:04:56 stef pisze:
> On Wed, Feb 04, 2015 at 12:59:06AM +0100, rysiek wrote:
> > Answer B:
> > Can you please direct me towards any software that in your opinion does
> > not
> > have a problem with the "host security" part?
> > A single example of any program,
> > say any communication program, like IM, VoIP, e-mail client, etc,
> > installable on a chosen operating system.
>
> i can: pond stores the key material in tpm, whether to trust tpm or not is
> open for debate. gpg is able to work with smartcards, and qubes has this
> split-pgp mode. these are all quite cool approaches to the host security
> problem.
Nice, didn't know about pond. Still, Tox got a no-no from me on host security
(for as simple thing as not having a password on private keys), so... ;)
Maybe it's a good moment to add a point to your list of snakeoil tell-tales:
- "does not have decent documentation of protocols/mode of operation
available"
As Tox shows (as if it needed to be shown...), source code is not enough, by
far. Had the protocol been documented, we would already have a Python
implementation, probably, which would solve the "oh crap, C" problem.
> i think in general it is about compartmentalization of sensitive
> material, if possible in external fully controlled hw with very simple
> observable interfaces.
Absolutely.
> > Problem is, people DIE, NOW, because they use Skype. Not because they
>
> they will they as well if they use the right tools but wrongly. :/
That's true.
> > How about we let stef talk about that himself.
>
> you troll. :)
Always at your service. :)
--
Pozdrawiam,
Michał "rysiek" Woźniak
Zmieniam klucz GPG :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20150204/3991f11c/attachment-0002.sig>
More information about the cypherpunks
mailing list