[opensuse] something like skype, but secure?
Hello, is there something like skype but open source and without the security risks of skype? Daniel -- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.fotograf-basel.ch/madagascar/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 8:57 AM, Daniel Bauer
Hello,
is there something like skype but open source and without the security risks of skype?
Daniel --
There are a lot of IM clients if all you want is text. There are a hand full of voip clients but none are as robust and secure as skype, and not all have linux clients. Skype does not have major security risks. Yes the protocol has been cracked, but there there are no exploits available. Those cracking it wanted to block it, not hijack it. Still, Using it on linux is safer than on Windows. http://www.skype.com/security/security/ -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John,
On Sat, May 3, 2008 at 7:07 PM, John Andersen
Skype does not have major security risks. Yes the protocol has been cracked, but there there are no exploits available. Those cracking it wanted to block it, not hijack it.
Do you have any reference on Skype protocol cracking? I remember reading quite serious investigations and it looked they only scratched the surface. They all agreed that Skype is quite well protected. -- Mark Goldstein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 03 May 2008 18.27:53, Mark Goldstein wrote:
John,
On Sat, May 3, 2008 at 7:07 PM, John Andersen
wrote: Skype does not have major security risks. Yes the protocol has been cracked, but there there are no exploits available. Those cracking it wanted to block it, not hijack it.
Do you have any reference on Skype protocol cracking? I remember reading quite serious investigations and it looked they only scratched the surface. They all agreed that Skype is quite well protected.
It's not that I fear somebody could crack Skype protocoll, it's that Skype is owned by ebay and installing software from ebay on my computer is like installing software from M$. There are many stories around in the web about what Skype searches for in your computer, how it obscures it's traffic and what it does, how it bypasses the firewall not only for the communications intended by the user... etc. While some might just be "stories" - with closed source programs there is no chance (for me) to approve whether they are true or not. As I know about the absolutely disastrous way paypal behaves, I wouldn't open my computer for this company. It is also a "question of principle" or maybe kind of a "political statement" that I'd like to have only open source software on my computer.... Daniel -- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.fotograf-basel.ch/madagascar/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 7:52 PM, Daniel Bauer
It's not that I fear somebody could crack Skype protocoll, it's that Skype is owned by ebay and installing software from ebay on my computer is like installing software from M$.
I can understand this. In my case I started using Skype before e-bay bought them and got used to it. I can only add that it worked quite well for me, so I am not going to get rid of it just because it's closed source. But if one day I'll see e-bay ads there, I'll start searching for replacement. -- Mark Goldstein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 10:13 AM, Mark Goldstein
On Sat, May 3, 2008 at 7:52 PM, Daniel Bauer
wrote: It's not that I fear somebody could crack Skype protocoll, it's that Skype is owned by ebay and installing software from ebay on my computer is like installing software from M$.
I can understand this. In my case I started using Skype before e-bay bought them and got used to it. I can only add that it worked quite well for me, so I am not going to get rid of it just because it's closed source. But if one day I'll see e-bay ads there, I'll start searching for replacement.
More likely you will see ebay sell skype. Google is rumored to be interested. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Sat, May 3, 2008 at 10:13 AM, Mark Goldstein
wrote: On Sat, May 3, 2008 at 7:52 PM, Daniel Bauer
wrote: It's not that I fear somebody could crack Skype protocoll, it's that Skype is owned by ebay and installing software from ebay on my computer is like installing software from M$.
I can understand this. In my case I started using Skype before e-bay bought them and got used to it. I can only add that it worked quite well for me, so I am not going to get rid of it just because it's closed source. But if one day I'll see e-bay ads there, I'll start searching for replacement.
More likely you will see ebay sell skype. Google is rumored to be interested.
Better click on the "Buy it now" button. ;-) -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 9:52 AM, Daniel Bauer
On Saturday 03 May 2008 18.27:53, Mark Goldstein wrote:
John,
On Sat, May 3, 2008 at 7:07 PM, John Andersen
wrote: Skype does not have major security risks. Yes the protocol has been cracked, but there there are no exploits available. Those cracking it wanted to block it, not hijack it.
Do you have any reference on Skype protocol cracking? I remember reading quite serious investigations and it looked they only scratched the surface. They all agreed that Skype is quite well protected.
It's not that I fear somebody could crack Skype protocoll, it's that Skype is owned by ebay and installing software from ebay on my computer is like installing software from M$.
Say what?
There are many stories around in the web about what Skype searches for in your computer, how it obscures it's traffic and what it does, how it bypasses the firewall not only for the communications intended by the user... etc.
Skype "searches for in your computer"? ??? Bypassing the firewall is the beauty of skype, a documented feature. Firewall traversal is not difficult. Skype is a community supported protocol, not dissimilar from BitTorrent in concept. If you have skype running and you are not behind a firewall (or a port is forwarded inward) you provide routing for encrypted traffic for other community users. Your machine is not at risk due to this traffic because it is all encrypted. As is your traffic.
While some might just be "stories" - with closed source programs there is no chance (for me) to approve whether they are true or not. As I know about the absolutely disastrous way paypal behaves, I wouldn't open my computer for this company.
Paypal is disastrous how? Since you never have to install anything to use paypal, I can't imagine what disasters you are going on about.
It is also a "question of principle" or maybe kind of a "political statement" that I'd like to have only open source software on my computer....
Fair enough. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2008-05-03 at 12:19 -0700, John Andersen wrote:
Skype "searches for in your computer"? ???
Bypassing the firewall is the beauty of skype, a documented feature.
Firewall traversal is not difficult. Skype is a community supported protocol,
Say what? Community supported!? It is closed source, man. The method is known, more or less, because it has been reverse engineered, but it is certainly not "community suported".
not dissimilar from BitTorrent in concept. If you have skype running and you are not behind a firewall (or a port is forwarded inward) you provide routing for encrypted traffic for other community users. Your machine is not at risk due to this traffic because it is all encrypted. As is your traffic.
After you have a look af the discussion on the wikipedia page, for instance, you will start to know what are the security issues of having skype in use in an organization. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIHQ5RtTMYHG2NR9URAh8+AJwKLO6DTVntqrf/Z1tXb2wnZlYAGgCeJfy8 C5g35d9KAJW7TPSCQFgTriI= =V12X -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 6:15 PM, Carlos E. R.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Saturday 2008-05-03 at 12:19 -0700, John Andersen wrote:
Skype "searches for in your computer"? ???
Bypassing the firewall is the beauty of skype, a documented feature.
Firewall traversal is not difficult. Skype is a community supported protocol,
Say what?
Community supported!? It is closed source, man. The method is known, more or less, because it has been reverse engineered, but it is certainly not "community suported".
not dissimilar from BitTorrent in concept.
Try to read to the end of the sentence before you reply. I didn't say skype was open source, I said the protocol was a community. Every additional user on skype ADDS to the available network, rather than stretching it thinner. If you are behind a firewall, the firewall traversal methods in skype will connect to any skype client that is NOT behind a firewall. So the un-firewalled machine routes traffic for the two firewalled machines. This is fully explained in the Skype docs. This takes a little bandwidth. (its really pretty small). If you don't want to provide this service as a skype user, you stay behind a firewall. Its that simple. I've been using skype since Alpha days, I was one of the early linux testers, (before there was a windows client). -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2008-05-03 at 19:30 -0700, John Andersen wrote:
Community supported!? It is closed source, man. The method is known, more or less, because it has been reverse engineered, but it is certainly not "community suported".
not dissimilar from BitTorrent in concept.
Try to read to the end of the sentence before you reply.
I didn't say skype was open source, I said the protocol was a community.
The wording "community supported" in this list has a very different meaning. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIHY5FtTMYHG2NR9URAo5aAJ9AqseM6llupHnHYQDurfW0IxdRpQCfW+9q R2XZhKylgTzniNSimGokM7o= =tKzB -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 6:15 PM, Carlos E. R.
After you have a look af the discussion on the wikipedia page, for instance, you will start to know what are the security issues of having skype in use in an organization.
These "serious issues" are due to the difficulty of filtering skype, and a disgruntled person cans end secret files out thru skype file transfer. The same is true for any IM client with file transfer capability. Skype per se, poses no risk, it is quite secure. It is capable of being abused, just like anything else. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 9:33 PM, John Andersen
On Sat, May 3, 2008 at 6:15 PM, Carlos E. R.
wrote: After you have a look af the discussion on the wikipedia page, for instance, you will start to know what are the security issues of having skype in use in an organization.
These "serious issues" are due to the difficulty of filtering skype, and a disgruntled person cans end secret files out thru skype file transfer.
The same is true for any IM client with file transfer capability. Skype per se, poses no risk, it is quite secure. It is capable of being abused, just like anything else.
And ... being closed source, encrypting all the traffic, connecting to unknown nodes w/o even asking you (as well as over most of the restrictions you set with firewall), even not knowing for sure which the central server is - how do you know what and to whom it transfers? How can you trust it? Only because skype people say they do not copy your files? C'mon ... So, I use skype, it work ok for me ... but I run it from a virtual machine, which is set only for this purpose, w/o access to any of my files. Cheers -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 7:43 PM, Sunny
how do you know what and to whom it transfers? How can you trust it? Only because skype people say they do not copy your files? C'mon ...
Because I know what atime is, and I know what lsof does, and I know what netstat is for. Take the tinfoil off you head Sunny, and use it as book marks in your linux texts. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, May 4, 2008 at 8:59 AM, John Andersen
On Sat, May 3, 2008 at 7:43 PM, Sunny
wrote: how do you know what and to whom it transfers? How can you trust it? Only because skype people say they do not copy your files? C'mon ...
Because I know what atime is, and I know what lsof does, and I know what netstat is for.
Most of you probably know this page: http://www1.cs.columbia.edu/~salman/skype/index.html "Community" is watching the developments with Skype quite closely and I hope in a moment somebody will see something suspicious, we'll hear about it. This is one of the references from this page: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf This is professional evaluation of Skype security. A bit outdated (2005), but at least you can see that Skype provided access to their source code and the impression of the researcher was positive. Regards, -- Mark Goldstein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Sunny wrote:
On Sat, May 3, 2008 at 9:33 PM, John Andersen
wrote: On Sat, May 3, 2008 at 6:15 PM, Carlos E. R.
wrote: After you have a look af the discussion on the wikipedia page, for instance, you will start to know what are the security issues of having skype in use in an organization.
These "serious issues" are due to the difficulty of filtering skype, and a disgruntled person cans end secret files out thru skype file transfer.
The same is true for any IM client with file transfer capability. Skype per se, poses no risk, it is quite secure. It is capable of being abused, just like anything else.
And ... being closed source, encrypting all the traffic, connecting to unknown nodes w/o even asking you (as well as over most of the restrictions you set with firewall), even not knowing for sure which the central server is - how do you know what and to whom it transfers? How can you trust it? Only because skype people say they do not copy your files? C'mon ...
By monitoring Skype you could at least more or less say what data it transfers (speaking about files). Rest assured that some Skype users monitor that. (I do that by confining Skype in AppArmor for example.) So people out there would have noticed if it would really be that bad.
So, I use skype, it work ok for me ... but I run it from a virtual machine, which is set only for this purpose, w/o access to any of my files.
So all is fine, isn't it? ;-) Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Wolfgang Rosenauer schrieb:
So, I use skype, it work ok for me ... but I run it from a virtual machine, which is set only for this purpose, w/o access to any of my files.
So all is fine, isn't it? ;-)
Not really. As Benji stated there is SIP, which combined with a proper router and a DECT phone is way more comfortable for me at lower costs and better voice quality than skype. There is also gpl'ed wengophone if a IP2IP connection or webcam is needed. http://en.wikipedia.org/wiki/WengoPhone http://www.openwengo.org/ For SIP on a computer I use twinkle. I don't see any particular reason for using skype. -- All the best, Peter J. P-N. aedon DESIGNS >> http://www.aedon.selfip.com/ openSUSE 10.3 x86_64, fully updated + KDE:KDE3 buildservice, customized for picture manipulation and multimedia on desktop. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Peter J. P-N wrote:
Wolfgang Rosenauer schrieb:
So, I use skype, it work ok for me ... but I run it from a virtual machine, which is set only for this purpose, w/o access to any of my files.
So all is fine, isn't it? ;-)
Not really. As Benji stated there is SIP, which combined with a proper router and a DECT phone is way more comfortable for me at lower costs and better voice quality than skype. There is also gpl'ed wengophone if a IP2IP connection or webcam is needed.
http://en.wikipedia.org/wiki/WengoPhone http://www.openwengo.org/
For SIP on a computer I use twinkle.
I don't see any particular reason for using skype.
So even better for you ;-) Although I do. It's even used as corporate communication tool where I work. At some point I read a nice post comparing SIP and Skype (while you can't compare both really because they are too different) but I can't find it anymore unfortunately. While SIP is an open protocol it's quite weak. For example no encryption which is one of the biggest issues for me. SIP just looks like a workaround to map telephony features to the Internet. Please note that I don't like the fact that the Skype protocol and software is closed but still it works and it seems to be not evil to me (besides it's a vendor lock in). Everyone should just choose himself. I'm using SIP (with my PBX), Skype and ekiga as softphone and just choose what fits best for the certain purpose. Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-05-04 at 18:21 +0200, Wolfgang Rosenauer wrote:
While SIP is an open protocol it's quite weak. For example no encryption which is one of the biggest issues for me. SIP just looks like a workaround to map telephony features to the Internet.
POT is not encrypted, either. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIHerTtTMYHG2NR9URAhsqAJ99MwjI3J/8fw2lmPjAzG854dtjxgCglbUA Ex6mrlFFgYxZgwycnTh0Fq4= =UMyb -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Sunday 2008-05-04 at 18:21 +0200, Wolfgang Rosenauer wrote:
While SIP is an open protocol it's quite weak. For example no encryption which is one of the biggest issues for me. SIP just looks like a workaround to map telephony features to the Internet.
POT is not encrypted, either.
True. But that doesn't mean it should stay that way and it's much harder to get onto the wire of telephone networks for attackers than it is to just to control a router between SIP end points. Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-05-04 at 19:44 +0200, Wolfgang Rosenauer wrote:
Carlos E. R. wrote:
POT is not encrypted, either.
True. But that doesn't mean it should stay that way and it's much harder to get onto the wire of telephone networks for attackers than it is to just to control a router between SIP end points.
Just a little bit more difficult. For my ISP it would be about as easy to tap my POTs line or the router... they own both. Actually, POTs is easier, there are centralized wiretapping facilities. I know, I worked there. And my neighbor wouldn't have much difficulty to tap the wires if he wanted. If we are worried about security, we need encryption end to end with something like pgp, not with keys owned by a company. Surely that should not be that difficult to add to open source programs. Another codec. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIHjGKtTMYHG2NR9URAnqYAJwN/xh5r+1DgiEIwbYf9u4VhIjlLwCeMZpX 9BR7CImnWk6eioSvUCXat3Y= =qGT2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 2008-05-04 18:21, Wolfgang Rosenauer wrote:
While SIP is an open protocol it's quite weak. For example no encryption which is one of the biggest issues for me.
But there is SRTP (and somehow it's related obviously).
SIP just looks like a workaround to map telephony features to the Internet.
And a pretty bad one at that, it's a total mess for firewalls to handle (namely: connections from arbitrary hosts). -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 03/05/2008, Daniel Bauer
Hello,
is there something like skype but open source and without the security risks of skype?
There is lots of SIP[0] based phone software. Such as wengophone[1], ekiga[2]. Also hardware[3] phones. These use open standardised protocols, you are not tied into any particular service provider. __ [0] http://en.wikipedia.org/wiki/Session_Initiation_Protocol [1] http://packman.links2linux.de/package/wengophone [2] http://software.opensuse.org/search?baseproject=openSUSE%3A10.3&p=1&q=ekiga [3] http://amazon.co.uk/s/ref=nb_ss_w_h_/202-2866912-0599815?url=search-alias%3Daps&field-keywords=sip+phone&x=0&y=0 -- Benjamin Weber -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thank you Benjamin for the useful links! Daniel On Saturday 03 May 2008 18.14:02, Benji Weber wrote:
On 03/05/2008, Daniel Bauer
wrote: Hello,
is there something like skype but open source and without the security risks of skype?
There is lots of SIP[0] based phone software. Such as wengophone[1], ekiga[2]. Also hardware[3] phones. These use open standardised protocols, you are not tied into any particular service provider.
__ [0] http://en.wikipedia.org/wiki/Session_Initiation_Protocol [1] http://packman.links2linux.de/package/wengophone [2] http://software.opensuse.org/search?baseproject=openSUSE%3A10.3&p=1&q=ekiga [3] http://amazon.co.uk/s/ref=nb_ss_w_h_/202-2866912-0599815?url=search-alias%3 Daps&field-keywords=sip+phone&x=0&y=0
-- Benjamin Weber
-- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.fotograf-basel.ch/madagascar/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
There is lots of SIP[0] based phone software. Such as wengophone[1], ekiga[2]. Also hardware[3] phones. These use open standardised protocols, you are not tied into any particular service provider.
__ [0] http://en.wikipedia.org/wiki/Session_Initiation_Protocol [1] http://packman.links2linux.de/package/wengophone [2] http://software.opensuse.org/search?baseproject=openSUSE%3A10.3&p=1&q=ekiga [3] http://amazon.co.uk/s/ref=nb_ss_w_h_/202-2866912-0599815?url=search-alias%3 Daps&field-keywords=sip+phone&x=0&y=0
Just to add a vote... I use Ekiga all the time. It will connect to any VoIP provider that uses standard SIP protocols (example, I have been using Freecall.com - based in Köln, DE if that makes any difference, and I have no connections with them other than as a customer). I have found that in openSUSE 10.3, Ekiga and Skype battle for access to my USB headset... not an issue if you don't use Skype :-) C. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 03 May 2008, Daniel Bauer wrote:
Thank you Benjamin for the useful links!
Daniel
On Saturday 03 May 2008 18.14:02, Benji Weber wrote:
On 03/05/2008, Daniel Bauer
wrote: Hello,
is there something like skype but open source and without the security risks of skype?
There is lots of SIP[0] based phone software. Such as wengophone[1], ekiga[2]. Also hardware[3] phones. These use open standardised protocols, you are not tied into any particular service provider.
__ [0] http://en.wikipedia.org/wiki/Session_Initiation_Protocol [1] http://packman.links2linux.de/package/wengophone [2] http://software.opensuse.org/search?baseproject=openSUSE%3A10.3&p=1&q=eki ga [3] http://amazon.co.uk/s/ref=nb_ss_w_h_/202-2866912-0599815?url=search-alias %3 Daps&field-keywords=sip+phone&x=0&y=0
-- Benjamin Weber
-- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.fotograf-basel.ch/madagascar/
but the thing is no one ever uses them it's all skype , I cant for the life of me see why you are soi PARANOID about security you hiding national government secrets or similar either that or you got some serious stuff to hide from people .. -- SuSE Linux 10.3-Alpha3. (Linux is like a wigwam - no Gates, no Windows, and an Apache inside.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 5:17 PM, peter nikolic
-- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com erotic art photos: http://www.bauer-nudes.com/en/linux.html Madagascar special: http://www.fotograf-basel.ch/madagascar/
but the thing is no one ever uses them it's all skype , I cant for the life of me see why you are soi PARANOID about security you hiding national government secrets or similar either that or you got some serious stuff to hide from people ..
Perhaps the clue is in his sig..... -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 7:17 PM, peter nikolic
but the thing is no one ever uses them it's all skype , I cant for the life of me see why you are soi PARANOID about security you hiding national government secrets or similar either that or you got some serious stuff to hide from people ..
I'm so tired hearing again and again this stupid argument - if you are not doing something wrong, why should you care to hide it ... It's perfectly ok to have sex with your wife/girlfriend, it's not wrong at all, but I doubt you'd like this to be viewed by somebody else. More examples can be provided, though. So, keeping your thoughts/life private is not wrong, and there's nothing wrong to want it that way. -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 2008-05-04 04:32, Sunny wrote:
On Sat, May 3, 2008 at 7:17 PM, peter nikolic
wrote: I'm so tired hearing again and again this stupid argument - if you are not doing something wrong, why should you care to hide it ...
aka: "I have nothing to hide, but I do not have anything to tell you either." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, May 4, 2008 at 12:23 PM, Jan Engelhardt
On Sunday 2008-05-04 04:32, Sunny wrote:
On Sat, May 3, 2008 at 7:17 PM, peter nikolic
wrote: I'm so tired hearing again and again this stupid argument - if you are not doing something wrong, why should you care to hide it ...
aka: "I have nothing to hide, but I do not have anything to tell you either."
I agree with this analogy, it states exactly why we have regulations preventing anyone from opening your mail or bugging your phone without court approval in MOST jurisdictions. Society has made assertions of an expectation, if not a total right, to privacy in legal interactions with others, be it verbal, or written, or transactions. Those things that cause people difficulty are due to expectations of privacy in places that such was never asserted or offered. Public places, are by definition public, (oddly enough) and video/audio monitoring are not forbidden. You may hold a conversation in Times Square, but you would never have the expectation that it was private, even if you spoke Klingon. The largest source of confusion and false expectation is the internet. There is not now, nor has there ever been an expectation of privacy on this medium. Right or wrong, this is the situation today, and if you use an encrypted protocol you _may_ usurp some privacy, but its still unclear that you have a "right" to it. I think people become too easily confused with the attempt to claim privacy in a public network (by what ever means) and the actual transmission of illegal information. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, May 4, 2008 at 2:47 PM, John Andersen
I agree with this analogy, it states exactly why we have regulations preventing anyone from opening your mail or bugging your phone without court approval in MOST jurisdictions. Society has made assertions of an expectation, if not a total right, to privacy in legal interactions with others, be it verbal, or written, or transactions.
Those things that cause people difficulty are due to expectations of privacy in places that such was never asserted or offered.
Public places, are by definition public, (oddly enough) and video/audio monitoring are not forbidden. You may hold a conversation in Times Square, but you would never have the expectation that it was private, even if you spoke Klingon.
The largest source of confusion and false expectation is the internet. There is not now, nor has there ever been an expectation of privacy on this medium.
Right or wrong, this is the situation today, and if you use an encrypted protocol you _may_ usurp some privacy, but its still unclear that you have a "right" to it.
I think people become too easily confused with the attempt to claim privacy in a public network (by what ever means) and the actual transmission of illegal information.
Yes, they are. And actually, people too easily forget what privacy is lately. People forget, that the actual problem is: it is wrong that I try to hide (encrypt) my conversations, when using internet (by default no expectation of privacy)? It is about right and wrong, and if I have the right to protect my privacy. And if protecting my privacy is an evidence that I'm doing something wrong. I can get back to the analogy I put before - ones' private life with his/her spouse. Is it wrong to encrypt such a conversations/pictures/talks? Especially as there is no expectations that your communications over internet are protected? You know how easy is for some sysadmin somewhere on route to intercept it. And to post it on youtube, just because it looks interesting. What I was saying is, that the blanket statement - if you do not have something to hide, why should you care to encrypt it - is totally flawed, and when the medium (or environment) does not offer (suggest) some expectations of privacy, it is perfectly OK to perform some actions to protect(hide) the conversation. One can even whisper in her party's ear on Times Square for that purpose alone, and noone should tell that this is wrong. Btw, this is very good reading on the topic (the pdf at the bottom of the page): http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565 -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, May 4, 2008 at 11:31 PM, Sunny
One can even whisper in her party's ear on Times Square for that purpose alone, and noone should tell that this is wrong.
Or encrypt messages (voice or text) over the internet. To refocus on the subject at hand: Now Skype is encrypted end to end. Most sip services are not. So I find it really odd, that the title of this thread is "something like skype, but secure" Skype is more secure than most of the alternatives as far as the actual user is concerned. Admittedly, the end user neither knows nor gets to assign the encryption key. Its automatically generated for them. Since most skype calls don't go thru Skype infrastructure (connections are arranged there, but once you connect you are no longer going thru their boxes). But unless or until skype offers the ability to generate and use one's own key the suspicion will always be that while you wisper in the other's ear in Times Square, someone with a shotgun microphone is listening. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2008-05-04 at 23:42 -0700, John Andersen wrote:
To refocus on the subject at hand:
Now Skype is encrypted end to end. Most sip services are not. So I find it really odd, that the title of this thread is "something like skype, but secure"
Because the privacy of the conversation is only one of the security aspects. If your concerns are the network of an organization, for instance, then you worry about those other aspects. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIHuM7tTMYHG2NR9URArr0AJ4/7tQ5p+q0qPw4XPJYJfINlcOo2QCdF+AT Hvf86CJhz7niqBgPnCq8xRc= =zkKx -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 04/05/2008, peter nikolic
but the thing is no one ever uses them it's all skype , I cant for the life of me see why you are soi PARANOID about security you hiding national government secrets or similar either that or you got some serious stuff to hide from people ..
Not true. SIP telephony is widely used in businesses, even for handling hundreds or thousands of internal and external phone calls. Skype is mainly only used by home users. You can run your own telephony system with asterix, connect it to one or several telephony providers which will link it to the PoTS, using the cheapest provider for each call. The advantage of open protocols is what made the world wide web take off, everyone can interoperate. One of the reasons of moving to VoIP is to get away from vendor lockin of the PoTS. Skype on the other hand is a proprietary protocol that creates far more vendor lockin than the PoTS does in many countries. To communicate with another skype user you must be using a skype product and skype's network. If skype start charging everyone for doing skype-skype calls then there's nothing you can do about it. If skype were to triple their prices you could move to another provider... oh wait you can't. Furthermore, by using skype you are donating your computer's bandwidth, and CPU time to extending a proprietary network that can only be used for increasing skype's profit, have you read the EULA? Additionally, you are locked into using proprietary non-free client software which could be doing anything to your computer, there is already suspicion that it sends more information than is required or agreed upon back to skype, and skype could add any additional functionality that you would not know about to the client in future releases. So the choices are use SIP telephony which is widely used, there are hundreds of providers you can chose between and mix and match, and a huge choice of both softare and hardware phones. Or you could be anti-social and use skype, telling everyone they must lock themselves into using a proprietary protocol and proprietary software in order to talk to you. -- Benjamin Weber -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, May 3, 2008 at 8:57 AM, Daniel Bauer
Hello,
is there something like skype but open source and without the security risks of skype?
Daniel --
Odd how this timing works out... Slashdot story about a Google service in Beta: http://mobile.slashdot.org/article.pl?sid=08/05/03/2057247 http://grandcentral.com/support/howitworks/ -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (12)
-
Benji Weber
-
Carlos E. R.
-
Clayton
-
Daniel Bauer
-
James Knott
-
Jan Engelhardt
-
John Andersen
-
Mark Goldstein
-
Peter J. P-N
-
peter nikolic
-
Sunny
-
Wolfgang Rosenauer