Safe Instant Messaging

[der.hans]

Am 22. Mar, 2013 schwätzte Kevin Brown so:

> Being open source doesn't prevent an application from doing what Skype does. 
> Especially if you are talking to someone else's server. I use Apache for my

This is why I and a couple of others specifically mentioned end-to-end
encryption :). If the IM clients aren't encrypting specifically to each
other, then the conversation is open to server-side surveillance.

> stuff, no user coming to a site I build has any idea what Apache is doing 
> with the request they are making. I could very easily make the server report 
> to the FBI for any connection to "questionable" material and no one would be 
> the wiser. Same thing with any software that needs an intermediary to work 
> (IM, web browsing, email, etc...).

Yup. Also, just because it's Free Software doesn't mean the binary
distribution hasn't been compromised. They might claim they've released
the complete and corresponding source code, but did they? A nice
thing about Red Hat Enterprise Linux (RHEL) is that CentOS is a complete
bare bones rebuild, so we can audit to see if there are any binary
differences.

Fedora, debian, Ubuntu and others have derivatives that also rebuild a
great portion of the distro, so they're also gettting audited just as a
matter of the normal business cycle.

I see this as a huge benefit of the Free Enterprise features of Free
Software.

ciao,

der.hans
-- 
#  http://www.LuftHans.com/        http://www.LuftHans.com/Classes/
#  Nobody grows old merely by living a number of years.
#  We grow old by deserting our ideals.
#  Years may wrinkle the skin, but to give up enthusiasm
#  wrinkles the soul.  -- Samuel Ullman