[cryptography] msft skype IM snooping stats & PGP/X509 in IM?? (Re: why did OTR succeed in IM?)

Adam Back adam at cypherspace.org
Sun Mar 24 12:06:08 EDT 2013

Ian wrote:
>Are we saying then that the threat on the servers has proven so small 
>that in practice nobody's bothered to push a persistent key 
>mechanism? Or have I got this wrong, and the clients are doing p2p 
>exchange of their ephemeral keys, thus dispersing the risk?

It's been a while since I used pidgin OTR via the plugin, but I suspect it
would warn you if keys change unexpectedly (ssh key-caching style).  There
might also be an ADH fingerprint or something.  Maybe someone who is actively
using it or knows how it works could comment.  But otherwise you would be
very right that the chat server would actually be definitionally placed to
conduct MITMs.  An option to PGP sign the ADH would be nice.

>IMHO, it's not Microsoft that has ever been special in this respect.  
>It is all large companies that have a large invasive government. 
>Unfortunately, once a company has made its bed in a country, the side 
>deals are inevitable.

Shades of Hushmail backdooring.  It seems a very ethically dubious concept
to me that a service with a specific privacy policy could be required to
modify its code to install a backdoor, and/or not talk about it.  Personally
I do not consider this type of arm-twisting to be consistent with an open
democratic society.

Anyway the obvious defense is to design protocols that are end-to-end secure,
not vulnerable to server-based back doors, including CA malfeasance, and
open source so that client backdoors can be more easily detected also.

My prediction for the list is that detectable CA-based and other MITMing
will become more prevalent and brazen.  I.e. the climate will get so they feel
they don't have to worry too much about it being detectable.  Think e.g. China,
Iran, but the US following their lead.

>>And clearly there are plenty of people with very legitimate reasons to
>>hide; given the levels justice has stooped to do these days in their legal
>>treatment of activists (even green activists, anti-financial crimes,
>>corporate ethics activists, whistleblowers) - western countries are
>>slipping backwards in terms of transparency and justice.
>And people like us.

I'd kind of forgotten about that, maybe dimly remember reading it, though it
sounds a bit paranoid, but it seems like that guy narrowly avoided becoming
another Andrew Auernheimer (Weev).


41 months for pointing out to a journalist that AT&T had an unprotected API
allowing iPhone accounts to be identified.  More CFAA idiocy.

I guess "don't live in the US" is one partial defense.

Lesson for now, until Aaron's law can undo the capricious stupidity, is don't
probe servers, or if you are asked to by the owner, with written permission, or
probe over Tor, and release your findings to journalists via anonymous
remailers.  Dangerous times to be a security researcher for sure.

It could be that you might get similar issues for non-network things even -
e.g. reverse engineer a protocol and break it?  Probably most click-through
licenses also forbid such things.  Obviously there have been various abuses
of DMCA which were not actually DRM related, but maybe there is scope even
beyond that for ignoring anti-security-testing stuff in click through

Encourages the ostrich and PR-denial approach to security flaws.
Corporates will think they can achieve "security" via the corporate entity
and US "justice" aggressively abusing the CFAA to suppress flaws, to avoid
embarrassment.  (And probably not bother fixing either, leading to the
actual security they ought to care about going unsecured - government
sponsored and organized criminal activities exploiting the flaws for
espionage or illicit profit!)
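The "warn if keys change unexpectedly (ssh key-caching style)" check discussed above, as an added example that is not part of the original post and is not OTR or pidgin code: a trust-on-first-use cache that pins only the peer's long-term key fingerprint, so per-session ephemeral DH values may rotate freely while a relay substituting the long-term key is flagged. Key bytes, peer names and the SHA-256 fingerprint format are constructed for the example.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    FIRST_USE = "first use: fingerprint pinned, verify it out of band"
    MATCH = "long-term fingerprint matches the pinned one"
    MISMATCH = "WARNING: long-term key changed; possible MITM by the relay"


def fingerprint(pubkey: bytes) -> str:
    """Display form of SHA-256 over the peer's long-term public key (constructed format)."""
    digest = hashlib.sha256(pubkey).hexdigest().upper()
    return " ".join(digest[i:i + 8] for i in range(0, len(digest), 8))


class KeyCache:
    """known_hosts-style TOFU store: peer name -> pinned long-term fingerprint."""

    def __init__(self) -> None:
        self._pins: dict[str, str] = {}

    def check(self, peer: str, long_term_pub: bytes, ephemeral_pub: bytes) -> Verdict:
        """Ephemeral values change every session and are deliberately ignored;
        only the long-term key that authenticates them is pinned."""
        fp = fingerprint(long_term_pub)
        pinned = self._pins.get(peer)
        if pinned is None:
            self._pins[peer] = fp
            return Verdict.FIRST_USE
        return Verdict.MATCH if pinned == fp else Verdict.MISMATCH

    def repin(self, peer: str, long_term_pub: bytes) -> None:
        """Only after the new fingerprint was confirmed out of band (e.g. read aloud)."""
        self._pins[peer] = fingerprint(long_term_pub)


def relay_scenario() -> list[Verdict]:
    """Constructed sessions as seen by Alice: two honest ones, then one where the
    relay swaps in its own long-term key while forwarding a fresh ephemeral."""
    bob_lt, relay_lt = b"bob-long-term-key", b"relay-long-term-key"
    cache = KeyCache()
    return [
        cache.check("bob", bob_lt, b"bob-ephemeral-1"),
        cache.check("bob", bob_lt, b"bob-ephemeral-2"),
        cache.check("bob", relay_lt, b"relay-ephemeral-3"),
    ]
```

A first-use pin is only as good as the out-of-band check behind it, which is why the verdict text asks for one.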
