[VOIPSEC] Anything new on skype security?
Robert Moskowitz
rgm at icsalabs.com
Wed Sep 14 10:22:37 CDT 2005
At 03:04 AM 9/14/2005, Hank Nussbacher wrote:
>At 07:38 PM 13-09-05 -0400, Randell Jesup wrote:
> > Some people at columbia did a protocol analysis on it, though they
> >couldn't evaluate the encryption.
>
><http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf>
I think Henning was on this list at some time. Or maybe just the
Board's list. And I know him for many IETF meetings.
I recently provided my boss with a short writeup on another
technology's security problems and I pointed out how Skype is doing
so well, becuase most don't give a ____ about someone tapping their calls.
But hiding security is never a good thing. As far as DOD/NSA crypto,
not since Clipper have we had to deal with anything from them in the
commercial world.
I am tossing around some ideas for scalable security with reasonable
risk (from little to none, depending on user's interest). It is only
a rough outline, and I have sent it to a few for comments; none so
far. I may post it here later today.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who
gets the credit
More information about the Voipsec
mailing list