There seems to have been a lot of discussion on this in the past threads, yet it would seem that for the sake of providing something "superior" nothing is available so far. While I would agree that false sense of security is worse than no security at all, it would also seem that awaiting for all major IM protocols/services to come up with *some* sort of a unified scheme is waiting in vain. I'd frankly doubt that MSN or AIM/ICQ by themselves would *ever* provide secure comm (Passport, anyone?). Besides, relying on a.m. service providers almost automatically means that expectation is that some form of server-based security would have to be implemented, which I think is a bit flawed. I think it was on gaim-e list that a statement was made that (paraphrase) it does not make sense to use client-based encryption (e.g. GnuPG/PGP), because (a) you can't use it in multi-way chat and (b) some mediums (e.g. IRC) don't support it at all. I think it is not a correct assumption. I may be wrong, but it seems to me that major part of communication is done on a one-to-one basis, hence encryption scheme using GnuPG/PGP would work perfectly. Besides, aside from a case when a single user in a multi-way chat/conference does not have a key (and hence whole conference cannot be conducted securely), there's nothing holding from sending a separate chat message encrypted for a particular party. Lastly, as mentioned elsewhere on this forum, GnuPG/PGP round-tripping would, probably, be the easiest type of secure comm implementation -- and it will be as secure as one can get at this point -- sure if you trust it encrypting your email traffic, it should be sufficient for chat messages?
May 15, 2004
Encryption support request in Adium X. I have just posted the following bit to Adium X support forum:
I've just decided to give Adium X a try -- had no idea about it, till I saw it in Darwin Ports listing in aqua category. It feels very solid -- I'd say more so than Fire, albeit it is obviously very subjective statement. There sure seems to have been more thought put into the UI, etc. Both of them beat Psi tops down as far as UI goes -- but that's to be expected, considering that Psi is a QT application that is taking advantage of QT being available on Mac as well as on most UNIX flavors and Windows. The look is sort of ok -- from a distance it may pass for a Cocoa app, but not once you get close, let alone personal. What is regretful in Adium, is lack of GnuPG support. I'd switch over to it today, had it had GnuPG at core or via a plugin. It also seems like this whole topic is bo-bo with developers... Strange.
(linux & !debian = bad news), Sun, Solaris is a very nice take at Windows/Linux?Solaris and how Sun should play that game. I wholeheartedly agree with his point about RH and derivatives RPM hell -- I remember trying (or facing? or suffering?) it once in the past -- that was one of the reason I dumped RH for the second time. Debian has always been my favorite distro -- even though I have left active Linux life a few year ago. Yet if I were to go back -- it would nearly certainly be Debian (or a Debian based commercial or otherwise distro). There also seemed to be some rumors in the past that HP might back Debian up (probably when Progeny was more alive thna it is now) -- but it never turned true (yet?).
May 14, 2004
Ther e is an article at PopSci's site Is This What War Will Come To?, and a related thread on Slashdot. One thing that bothered me while I was reading this article is that while (theoretically) trying to make me (or an abstract reader) feel more secure (sure, with weapons like these, who'd ever consider a war?) it made me feel much less so. It has been pointed out many times before that thinking of super weapons as means of safeguarding peace is wrong. The world has been on a verge of a few drastic conflicts exactly because of arms race (a competition to come up with a weapon superior to a super weapon of your opponent). Will people ever learn? I guess not...