zooko zooko
Oh man. I just offered to buy Bitcoin from someone. He appeared not to recognize "XMPP and OTR", but suggested cryptocat. :-/

July 24, 2012 (3 retweets)

hypatiadotca Leigh Honeywell
@zooko D:

July 24, 2012

matro
@zooko I weep for this world.

July 24, 2012

moxie Moxie Marlinspike
@zooko And eventually this will become a very real problem. Reminds me of hushmail. =(

July 24, 2012

abditum Griffin Boyce
@moxie @zooko How do you think that being based outside the US will affect the 'hushmail problem' if at all?

July 24, 2012

eqe Andy Isaacson
@abditum @moxie @zooko well hushmail was also based in canada, didn't help them at all.

July 24, 2012

kaepora Nadim Kobeissi
@moxie @zooko The Hushmail example does not at all apply. This same example is discussed here: vimeo.com/45830811

July 25, 2012

zooko zooko
@kaepora Sorry, I haven't seen the video yet. Cryptocat could be backdoored including against a specific target user. @moxie

July 25, 2012

kaepora Nadim Kobeissi
@zooko @moxie And that, too, sir, is addressed. I gave an hour-long talk with the sole purpose of answering such questions. Watch it first.

July 25, 2012

moxie Moxie Marlinspike
@kaepora Well, pointing someone to an *hour* long video is certainly one way to dodge questions. (@zooko)

July 25, 2012

kaepora Nadim Kobeissi
@moxie @zooko Not when they directly address the concerns; but you are free to not watch and not advance the discussion further.

July 25, 2012

moxie Moxie Marlinspike
@kaepora I did better and looked at the code. All handwaving aside, I'm asking about the current situation, not the potential future @zooko

July 25, 2012

zooko zooko
@kaepora Yeah, I'd like to watch your video sometime, but no matter what it says, the guy I mentioned is making himself vulnerable. @moxie

July 25, 2012

RiptideTempora Riptide Tempora
@kaepora if @moxie didn't have a reputable history of technological competence, I would ask why you even bother with that elitist prick. :\

July 25, 2012

moxie Moxie Marlinspike
@kaepora It shouldn't take more than 140 chars to explain how it's not as simple as a) breaking SSL, or b) being the operator. (@zooko)

July 25, 2012 (1 retweet)

ioerror Jacob Appelbaum
@moxie @zooko I think that @kaepora is working on a plugin for the Tor Browser which makes it 0) Tor Hidden Services & 1) local plugin

July 25, 2012

abditum Griffin Boyce
@moxie Attacker would also need to serve rotten .js to all parties, and it's available as a hidden service @ioerror @zooko @kaepora

July 25, 2012

abditum Griffin Boyce
@moxie If the concern is MITM, virtually all services are vulnerable in some way, key = minimization vs elimination @ioerror @zooko @kaepora

July 25, 2012

ioerror Jacob Appelbaum
@abditum @moxie @zooko @kaepora The issue is that a MITM can load and run code on your machine. It's not just about cryptographic MITM.

July 25, 2012

abditum Griffin Boyce
@ioerror This is true (recent Uyghur malware comes to mind), but all parties would need to be targeted to be effective @moxie @zooko @kaepora

July 25, 2012

ioerror Jacob Appelbaum
@abditum @moxie @zooko @kaepora Huh? No. It requires exactly one person to be MITM'ed properly to get the entire group's chat.

July 25, 2012

kaepora Nadim Kobeissi
@ioerror @abditum @moxie @zooko Cryptocat has been distributed as a local browser extension for quite some time now.

July 25, 2012

ioerror Jacob Appelbaum
@kaepora @abditum @moxie @zooko When a user is only vulnerable to a cryptographic MITM, cryptocat will be up to speed with normal OTR.

July 25, 2012

kaepora Nadim Kobeissi
@ioerror @abditum @moxie @zooko Of course - Cryptocat 2 will provide OTR over XMPP. We're releasing the first public beta this summer =)

July 25, 2012

ioerror Jacob Appelbaum
@kaepora @abditum @moxie @zooko Both of those changes do not address the fact that a server can give you whatever it wants or break it, etc

July 25, 2012

ioerror Jacob Appelbaum
@kaepora @abditum @moxie @zooko I know you understand but as I predicted, you're getting static for not loudly disclaiming those facts...

July 25, 2012

ioerror Jacob Appelbaum
@kaepora @abditum @moxie The experience @zooko had is a great example of how the future doesn't matter as much as present realities.

July 25, 2012

ioerror Jacob Appelbaum
@kaepora @abditum @moxie Yes, someday @zooko's bitcoin friend will be safer but not now and perhaps, not ever, if that is their first keyex

July 25, 2012 (1 retweet)

zooko zooko
@kaepora I'm not saying it is easy! Education is hard. But IMO when you offer a security tool you gain a moral obligation. @ioerror @moxie

July 27, 2012 (1 retweet)

kaepora Nadim Kobeissi
@zooko Absolutely. Cryptocat Project details what Cryptocat can and can't do + best usage practices: project.crypto.cat/about/ @ioerror @moxie

July 27, 2012 (1 retweet)

kaepora Nadim Kobeissi
@zooko We are also designing a multilingual Cryptocat field guide with usage info, distributed freely in digital/print @ioerror @moxie

July 27, 2012

joelknighton Joel Knighton
@kaepora If the local browser extension is the preferred method, shouldn't it be linked to on the homepage at least? @zooko @ioerror @moxie

July 27, 2012

moxie Moxie Marlinspike
@joelknighton Yeah, buried pretty far in there. @kaepora, do you really believe this is only a "theoretical" problem? @zooko @ioerror

July 27, 2012

ioerror Jacob Appelbaum
@moxie @joelknighton @kaepora @zooko While not exactly perfect, I feel like every cryptocat user should be prompted for a local install.

July 27, 2012

kaepora Nadim Kobeissi
@ioerror @moxie @zooko Here is a serious proposition: Would it satisfy you if Cryptocat 2 (OTR over XMPP in browser) was local app only?

July 27, 2012

ioerror Jacob Appelbaum
@kaepora @moxie @zooko That question doesn't even make sense. Do you mean a native app like Pidgin (minus the 0day)? Or an app in browser?

July 27, 2012

ioerror Jacob Appelbaum
@kaepora @moxie @zooko In general, I think the right answer is to make people install a browser extension from a trusted site and use a tag.

July 27, 2012

Dymaxion Eleanor Saitta
@ioerror @kaepora @moxie @zooko ...and for people who can't install anything, but *will* talk regardless? Why not offer them *something*?

July 27, 2012

moxie Moxie Marlinspike
@Dymaxion CC-web is reducible to the security of SSL alone. My assertion is that this means gchat is more secure. @ioerror @kaepora @zooko

July 27, 2012

Dymaxion Eleanor Saitta
@moxie @ioerror @kaepora @zooko ...once an adversary has automated the exploitation, yes. This is not zero cost.

July 27, 2012

Dymaxion Eleanor Saitta
@moxie @ioerror @kaepora @zooko Different logging profiles and political orientation of server operators may have some real world effect too

July 27, 2012

moxie Moxie Marlinspike
@Dymaxion Agreed that it'd be nice if we could do better, but this isn't it. @ioerror @kaepora @zooko

July 27, 2012

Dymaxion Eleanor Saitta
@moxie @ioerror @kaepora @zooko What properties would a better solution have, given the hard requirement of zero-install?

July 27, 2012

maradydd Meredith L Patterson
@Dymaxion @moxie @ioerror @kaepora @zooko +1. Let's identify those properties, and design and code to them.

July 27, 2012

Dymaxion Eleanor Saitta
@maradydd @moxie @ioerror @kaepora @zooko Exactly. Don't care about which codebase, but that use case desperately matters.

July 27, 2012

quinnnorton Quinn Norton
@ioerror @kaepora @moxie @zooko what about users who don't have install privileges, i.e. most of them in the world?

July 28, 2012

kaepora Nadim Kobeissi
@quinnnorton @ioerror @moxie @zooko You don't need install privileges to add an extension to your browser.

July 28, 2012

Kaymee whome
@kaepora @quinnnorton @ioerror @moxie @zooko So what's up with Chrome asking re:Skype?

July 28, 2012

wiretapped Leif Ryge
@quinnnorton @ioerror @kaepora @moxie @zooko all security tools should inform users in plain terms of some specific attacks they do not stop

July 28, 2012

kaepora Nadim Kobeissi
@wiretapped @quinnnorton @ioerror @moxie @zooko Cryptocat includes ample warnings: i.imgur.com/HgVeS.png project.crypto.cat/about/

July 28, 2012

wiretapped Leif Ryge
@kaepora it's verbose yet vague. why not explicitly describe web cc's big 2 perpetual vulnerabilities (server compromise, ssl mitm)?

July 29, 2012

quinnnorton Quinn Norton
@wiretapped @ioerror @kaepora @moxie @zooko i srly doubt you could do that in a comprehensible way.

July 28, 2012

ioerror Jacob Appelbaum
@kaepora @moxie @zooko Remember when I suggested that? The server could advertise itself in html, etc. Local code required to use it.

July 27, 2012

ioerror Jacob Appelbaum
@kaepora @moxie @zooko When the chat feature works without a local plugin, people are happy but also not actually secure at all.

July 27, 2012

Dymaxion Eleanor Saitta
@ioerror @kaepora @moxie @zooko This is not completely true. There are adversary profiles where this is at least temporarily useful.

July 27, 2012

maradydd Meredith L Patterson
@ioerror @moxie @joelknighton @kaepora @zooko Yes. Presenting known concerns and mitigation options upfront is an ethical imperative.

July 27, 2012

moxie Moxie Marlinspike
@kaepora I don't understand this logic. It's like saying "because GPG exists, it's OK that hushmail is insecure." @ioerror @abditum @zooko

July 26, 2012

moxie Moxie Marlinspike
@kaepora If your position is that people should be using the alternatives, then take away the insecure option? @ioerror @abditum @zooko

July 26, 2012

ioerror Jacob Appelbaum
@moxie @kaepora @zooko At which point, when Cryptocat is basically {mpOTR,OTR} - it's also vuln to MITM like most things.

July 25, 2012