[OTR-users] OTR mentioned in Snowden documents?
Mike Minor
mike at firstworldproblems.com
Thu Sep 12 13:31:15 EDT 2013
On Sep 12, 2013, at 10:21 AM, The Doctor <drwho at virtadpt.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 09/10/2013 11:16 PM, Paul Wouters wrote:
>
>> Perhaps the NSA counts Mannings OTRed logged conversastions as
>> "broken into"? :)
>
> What about a vulnerability in the IM client (not the OTR plugin) that
> allows an attacker to grab messages post-decryption or pre-encryption
> (ala Skype surveillanceware)? That would neatly evade the crypto
> while allowing access to the plaintext.
>
What sparked my interest was an info-graphic by the NYT detailing NSA successes per NSA documents that stated:
"Encrypted chat - Available with chat programs like Adium or with software added to programs like AOL Instant Messenger, providing 'end to end' encryption, in which the data cannot be decrypted at any point along the transfer (even by the messaging service)."
Granted, this is a bad game of telephone. I read the above to mean OTR and not a specific client.
More information about the OTR-users
mailing list