<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    <div class="moz-cite-prefix">On 04/11/14 17:43, Joseph Bonneau
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAOe4UikStsETR12TDTT1UnsxTL19ONYKOHCv6ZPtV_1M22XXAA@mail.gmail.com"
      type="cite">
      <div dir="ltr">First version launched today: <a
          moz-do-not-send="true"
          href="https://www.eff.org/secure-messaging-scorecard"
          target="_blank">https://www.eff.org/secure-messaging-scorecard</a>
        <div><br>
        </div>
        <div>This was a collaboration between tech advisers (primarily
          Peter Eckersley and myself) and a good team of people with
          experience in journalism and activism and there were
          necessarily some compromises made. The primary goals here
          were:</div>
        <div><br>
        </div>
        <div>(a) simplicity for users (and journalists) to draw some
          conclusions about what's out there right now and we had to
          make a lot of compromises to keep things simple for end-users
          to understand.</div>
        <div><br>
        </div>
        <div>(b) reasonable carrots for some of the traditional
          messaging apps to add security features, get audits, and
          publish source code.</div>
        <div><br>
        </div>
        <div>Hopefully we will be launching a more detailed version next
          year with many more evaluation criteria but would be curious
          to hear feedback on this version from other folks working in
          this space.</div>
        <div><br>
        </div>
        <div>Cheers,</div>
        <div><br>
          Joe</div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Messaging mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Messaging@moderncrypto.org">Messaging@moderncrypto.org</a>
<a class="moz-txt-link-freetext" href="https://moderncrypto.org/mailman/listinfo/messaging">https://moderncrypto.org/mailman/listinfo/messaging</a>
</pre>
    </blockquote>
    <br>
    Since when is Skype "Encrypted so the provider can’t read it?" That
    might have been the case a very long time ago but now certainly is
    not true anymore, just considering this:
    <a class="moz-txt-link-freetext" href="http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/">http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/</a>
    (i take it by "provider" you mean the server provider, otherwise
    that would just be pretty much the same as "encrypted in transit"?)<br>
    Generally for Applications which are not open source it will be very
    hard to prove that "the provider can't read it".<br>
    Also, i encountered a snag when clicking on the "sort by" column
    headings, apparently they turn black (on black background) once they
    have been visited.<br>
    Regards,<br>
    <br>
    S<br>
  </body>
</html>