[jitsi-users] jitsi service


#1

do these security flaws effect jitsi security: http://blog.azimuthsecurity.com/2013/06/attacking-crypto-phones-weaknesses-in.html

you give the free XMPP service jit.si for using with Jitsi but there's no privacy policy!! Do you store conversations, in encrypted or other form? What's information is logged about users?

are jitsi conversations fully end-to-end encrypted?

is there a portable windows version of jitsi that's self contained?


#2

do these security flaws effect jitsi security:
http://blog.azimuthsecurity.com/2013/06/attacking-crypto-phones-weaknesse
s- in.html

No, they don't. We use the Java version of the ZRTP library and Java code in
general is not affected by buffer overflows.

you give the free XMPP service jit.si for using with Jitsi but there's no
privacy policy!! Do you store conversations, in encrypted or other form?
What's information is logged about users?

Yup, we should add one. As Emil already told a couple of weeks ago:

P.S. For the list: no we don't log IP addresses and sign-in times.

And no, we don't log conversations either.

are jitsi conversations fully end-to-end encrypted?

Yes, once you see the green padlock during a call, which usually happens
automatically. For chats, you manually need to enable encryption with OTR
(press the padlock in the toolbar).

is there a portable windows version of jitsi that's self contained?

No (at least not yet).

Ingo