[messaging] EFF Secure Messaging Scorecard
Nikos Roussos
comzeradd at fsfe.org
Tue Nov 4 10:02:08 PST 2014
On 11/04/2014 06:43 PM, Joseph Bonneau wrote:
> First version launched today: https://www.eff.org/secure-messaging-scorecard
>
> This was a collaboration between tech advisers (primarily Peter
> Eckersley and myself) and a good team of people with experience in
> journalism and activism.
This is indeed a great tool. Kudos for work. Some comments:
1. How is that iMessage, Facebook Chat or Hangouts are *independently*
audited if there is no code available?
2. How is Skype communications "encrypted so the provider can't read"
verified? (or even more important how is this compatible with Prism? ;))
3. There should be a column "Does is it require to provide your phone
number?", which should be considered a security drawback (especially for
journalists or their sources).
4. Probably a column for extra points if an app can easily route traffic
through Tor (like ChatSecure).
5. Not 100% sure, but I think that pidgin/libpurple have been audited in
the past.
~nikos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141104/efd697d9/attachment.sig>
More information about the Messaging
mailing list