I used both WS_FTP and ICQ back in the day and I made the original recording of this sound and sent it to one or both of those companies. > The actual origin of the Uh Oh sound: My ex wife and I used to talk in Squeaky Voice a lot and were quite good at it. Who knows if it's true, but it's more fun to give the benefit of the doubt. That's really, really valuable metadata to governments.ĭeeper down in the comments you get a story about how this sound came to be. You're telling the company "I'm now talking to Bob, and I'm intentionally making the decision to not share that data with YOU". That's exactly what happens when you e.g. I was making the point that you should protect everything so you don't leak metadata about when you're having private conversation. >I'm one of those people that refuses to accept that "privacy is dead Therefore, I should evaluate in real time my conversation, constantly thinking how an outsider might perceive it, and if the other peer starts talking about something private, pack my bags and move abroad". An average Joe doesn't think "Whoa Ok, so this is TLS only, that means I should assume the server has access to content that might have implications depending on policy, level of government collaboration, and that foreign actors might also have access if they hack the server. #WORKING FROM HOME ASKED ME TO DOWNLOAD ICQ HOW TO#I just explained, people don't know how to threat model. The claims you made were more hand waving than I've ever seen before. Majority of them are with smart cryptographic design. >You have to face it: true E2EE is not achievable without significant sacrifices of user experience. Geez, maybe start by learning how cryptographic protocols work before making such claims. > basically stating that all you really need is a nice and cozy feeling of being secure, not true security. #WORKING FROM HOME ASKED ME TO DOWNLOAD ICQ CODE#scanning the QR code of the trusted instance. Yeah that is kind of what happens with proper E2EE, only you have access to your data on devices you've authorized by e.g. >each and every one of which were authorized by you No the idea is only you and your peer have access to the data. >because the idea of e2ee is to communicate only with devices Claiming things without reason is moronic. >actually, cause you'll be breaking the security model for some convenience The reasoning how you came to claim this is beyond moronic. Which is perfectly valid provided the user has to create sufficiently secure password. #WORKING FROM HOME ASKED ME TO DOWNLOAD ICQ ARCHIVE#>and another approach is to do an own encrypted archive to store data and sync between your devices. public key of the other device and then have your device send packets to that >one is to pass over decryption keys to a new device (potentially breaking E2EE security model If you have two devices that can receive the message, that's still only accessible to you. End-to-end encryption does not refer to two devices, it refers to two parties. >Now, by downloading and decrypting it on another device, you are adding a THIRD end where is is accessible You have to face it: true E2EE is not achievable without significant sacrifices of user experience. If you don't follow this rule, you make a travesty out of E2EE, basically stating that all you really need is a nice and cozy feeling of being secure, not true security. It's not E2EE at all, actually, cause you'll be breaking the security model for some convenience, because the idea of e2ee is to communicate only with devices, each and every one of which were authorized by you. #WORKING FROM HOME ASKED ME TO DOWNLOAD ICQ PASSWORD#You basically encrypt data and store it on a server, decrypting it with your password or certificate or something that you share between devices. To achieve that, you have basically two options: one is to pass over decryption keys to a new device (potentially breaking E2EE security model for another guy who does not expect you to use 2 devices without his explicit authorization), and another approach is to do an own encrypted archive to store data and sync between your devices. Now, by downloading and decrypting it on another device, you are adding a THIRD end where is is accessible. End to End Encryption means that the data is encrypted between TWO ends, your device and the device of your chat partner. Just stop and think about it for a second.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |