Quoting Pirate Praveen (2014-08-06 13:27:04) > On Wednesday 06 August 2014 04:50 PM, Jonas Smedegaard wrote: >> Being Free Software (or Open Source as some prefer to label it) is >> good (but percentage is silly: either it is or it isn't Free >> Software!) >> >> What I objected to, however, was not the freedoms defined by "Free >> Software" and "Open Source", but instead the freedom of independence >> and staying in control of own devices and own data - a.k.a. privacy. >> >> Code can be "100% open source" while breaching privacy. > > If we do end-to-end encryption, we can guarantee privacy. You need to ensure both that a) the end-to-end encryption protocols are properly designed, and b) those protocols are implemented securely. I would advice against trusting guarantees issued by debian-dug-in because I am unaware of any good track record of guarantees issued here. I would recommend to instead follow advices from the Guardian project. > But if we depend on a centralized service, we are creating dependence, > for some reason if the service provider is shut down, you are out of > luck. Also I couldn't figure out what protocol they use from their > FAQ. So my recommendations are TextSecure or XMPP/OTR. I use Loqui IM > on my Firefox OS phone (there is no TextSecure yet for Firefox OS) > with OTR support. On desktop, you can use pidgin with otr plugin. Beware that Pidgin has a very bad track record regarding security. Personally I use Pidgin, but I don't rely on the OTR plugin. If you need to trust OTR, you should probably use an alternative implementation - some say Jitsi is better. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature