[jitsi-dev] Some info regarding ZRTP, OTR et al


#1

I just read an article in the 'Sueddeutsche Zeitung' (a renowed newspaper)
which summarizes a presentation at the 31C3 in Hamburg. The presenters were
Jacob Appelbaum and Laura Poitras. They summarize that NSA, GHCQ and others
have sever problems to listen to communication if you use goo encryption,
for example OTR (via XMPP).

The presentors also showed an internal NSA scale that goes from 'trvial' to
'catastrophic' (based on Snowden documents). 'Trivial' means NSA (and others)
can easily read the communications, 'catastrophic' means that they cannot decrypt
it. Here an original quote from the SZ article:

   Wenn Internetnutzer eine Anonymisierungs-Software einsetzen und über
   ein Programm telefonieren, dass das ZRTP-Protokoll unterstützt (ein
   Beispiel dafür wäre das Blackphone), werde es für die NSA "katastrophal".
   Ebenfalls sicher sei der Versand von E-Mails, die auf dem
   Verschlüsselungsstandard PGP basieren.

Translation (roughly): If you use anonymiser software and use a communication
app (VoIP) that uses ZRTP (for example Blackphone) then this is "catastrophic"
for the NSA. Also your e-mails are secure if you use PGP.

Well, Jitsi supports OTR and ZRTP for its online communication :slight_smile: .

Werner

···

--
Werner Dittmann
email: Werner.Dittmann@t-online.de
cell: +49 173 44 37 659
PGP key: 82EF5E8B