Re: [liberationtech] Question about otr.js
On 2013-06-07, at 1:09 PM, Anthony Papillion anth...@cajuntechie.org wrote: On 06/06/2013 07:00 PM, Nadim Kobeissi wrote: Speaking as the lead developer for Cryptocat: OTR.js actually has had some vetting. We're keeping it experimental simply due to the experimental nature of web cryptography as a whole. It's a handy library that has had a lot of consideration put into it, but it really depends on your use case and threat model. If you want to use it to keep conversations private in moderate situations, go ahead. If you want to use it to keep conversations private against an authoritarian regime/sprawling surveillance mechanism, think twice. Overall I find it really hard to tell whether it's safe enough without knowing your threat model. For example, if your threat model includes a likelihood of someone backdooring your hardware, pretty much nothing can help you. If you're considering building your own app and using OTR.js as a library, I beseech you to be careful regarding code delivery mechanisms and XSS considerations. Specifically, please use signed browser plugins as a code delivery mechanism and make sure the rest of your app, including outside of OTR.js, is audited against XSS, code injection, and so on. Those kind of threats tend to be far more common than library bugs. NK Thank you for the excellent feedback on OTR.js. It really clears some stuff up and makes me much more confident in the library. I'm considering using OTR.js as a basis for an OTR plugin for Thunderbird chat. I suppose, in theory, people *could* decide to use it in life and death situations under sprawling surveillance regimes, I'd try to make it clear how unwise this is and provide alternatives. For example, I'd point them to Pidgin with its OTR instead. I would never suggest Pidgin — Pidgin has never received an audit and is full of vulnerabilities that the development team is reluctant to fix. Cryptocat has actually received far more audits than Pidgin, although I'm not sure how to compare the two since the platforms are totally different. NK Thanks again! Anthony -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:cajuntec...@iptel.org iNum:+883510008360912 XMPP:cypherpun...@jit.si www.cajuntechie.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
Pidgin is a terrible client. It has quite a bit of issues. Their SSL handling is terrible and possible to mitm, I audited the Windows build last August and found known vulnerabilities since 2006 in 2012.. only recently in february that the Pidgin team released a security update.. Avoid using Pidgin at all costs. Over at https://useotrproject.org/ we are busy extending Adam langley's xmpp-client in Go. Creating a security, privacy and aonimity client by default. We hope to have a beta before ohm2013. Op 7 jun. 2013 19:19 schreef Nadim Kobeissi na...@nadim.cc het volgende: On 2013-06-07, at 1:09 PM, Anthony Papillion anth...@cajuntechie.org wrote: On 06/06/2013 07:00 PM, Nadim Kobeissi wrote: Speaking as the lead developer for Cryptocat: OTR.js actually has had some vetting. We're keeping it experimental simply due to the experimental nature of web cryptography as a whole. It's a handy library that has had a lot of consideration put into it, but it really depends on your use case and threat model. If you want to use it to keep conversations private in moderate situations, go ahead. If you want to use it to keep conversations private against an authoritarian regime/sprawling surveillance mechanism, think twice. Overall I find it really hard to tell whether it's safe enough without knowing your threat model. For example, if your threat model includes a likelihood of someone backdooring your hardware, pretty much nothing can help you. If you're considering building your own app and using OTR.js as a library, I beseech you to be careful regarding code delivery mechanisms and XSS considerations. Specifically, please use signed browser plugins as a code delivery mechanism and make sure the rest of your app, including outside of OTR.js, is audited against XSS, code injection, and so on. Those kind of threats tend to be far more common than library bugs. NK Thank you for the excellent feedback on OTR.js. It really clears some stuff up and makes me much more confident in the library. I'm considering using OTR.js as a basis for an OTR plugin for Thunderbird chat. I suppose, in theory, people *could* decide to use it in life and death situations under sprawling surveillance regimes, I'd try to make it clear how unwise this is and provide alternatives. For example, I'd point them to Pidgin with its OTR instead. I would never suggest Pidgin — Pidgin has never received an audit and is full of vulnerabilities that the development team is reluctant to fix. Cryptocat has actually received far more audits than Pidgin, although I'm not sure how to compare the two since the platforms are totally different. NK Thanks again! Anthony -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:cajuntec...@iptel.org iNum:+883510008360912 XMPP:cypherpun...@jit.si www.cajuntechie.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
On 06/07/2013 12:18 PM, Nadim Kobeissi wrote: I would never suggest Pidgin — Pidgin has never received an audit and is full of vulnerabilities that the development team is reluctant to fix. Cryptocat has actually received far more audits than Pidgin, although I'm not sure how to compare the two since the platforms are totally different. Oh, OK. So, aside from CryptoCat, what would you suggest? How well audited is Jitsi? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
Nadim's reply is much better just linking to the otr.js author's own warning. I'd like to reiterate the importance of code delivery. I've seen a couple dozen of attempts to do crypto via server-hosted Javascript. All of these reduced to trusting whomever is serving the code. This issues have been covered many times, most prominently by Matasano Security: http://www.matasano.com/articles/javascript-cryptography/ Anthony, it sounds like you're aware of the issues and planning to develop code that will be installed and executed on the client, i.e. a plugin for Thunderbird chat. On Thu, Jun 6, 2013 at 5:00 PM, Nadim Kobeissi na...@nadim.cc wrote: Speaking as the lead developer for Cryptocat: OTR.js actually has had some vetting. We're keeping it experimental simply due to the experimental nature of web cryptography as a whole. It's a handy library that has had a lot of consideration put into it, but it really depends on your use case and threat model. If you want to use it to keep conversations private in moderate situations, go ahead. If you want to use it to keep conversations private against an authoritarian regime/sprawling surveillance mechanism, think twice. Overall I find it really hard to tell whether it's safe enough without knowing your threat model. For example, if your threat model includes a likelihood of someone backdooring your hardware, pretty much nothing can help you. If you're considering building your own app and using OTR.js as a library, I beseech you to be careful regarding code delivery mechanisms and XSS considerations. Specifically, please use signed browser plugins as a code delivery mechanism and make sure the rest of your app, including outside of OTR.js, is audited against XSS, code injection, and so on. Those kind of threats tend to be far more common than library bugs. NK On 2013-06-06, at 7:49 PM, Steve Weis stevew...@gmail.com wrote: The status is: [otr.js] hasn't been properly vetted by security researchers. Do not use in life and death situations! https://github.com/arlolra/otr#warning On Thu, Jun 6, 2013 at 3:14 PM, Anthony Papillion anth...@cajuntechie.org wrote: I'm thinking about working on a web app that would use otr.js to enable OTR chat via the way (probably similar to Cryptocat). Does anyone know what the security status of otr.js is? Has it been vetted? If not, what is the recommended (vetted) Javascript way of doing OTR? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
On Fri, Jun 7, 2013 at 7:59 PM, Steve Weis stevew...@gmail.com wrote: I'd like to reiterate the importance of code delivery. I've seen a couple dozen of attempts to do crypto via server-hosted Javascript. All of these reduced to trusting whomever is serving the code. This issues have been covered many times, most prominently by Matasano Security: http://www.matasano.com/articles/javascript-cryptography/ Hello everyone: This is what I call the server in the middle problem. I actually did my final career project about this [1]. Basically, we need the equivalent of SSL in the sense of standarization for end-to-end web security, or this problem will get worse and worse. Regards, -- [1] http://edulix.wordpress.com/2012/01/08/the-server-in-the-middle-problem-and-solution/ -- Eduardo -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
On Fri, Jun 07, 2013 at 07:44:35PM +0200, Jurre andmore wrote: Pidgin is a terrible client. It has quite a bit of issues. Their SSL handling is terrible and possible to mitm, I audited the Windows build last August and found known vulnerabilities since 2006 in 2012.. only recently in february that the Pidgin team released a security update.. Avoid using Pidgin at all costs. BTW, I use mcabber with OTR/PGP support http://mcabber.com/ Any security opinion? -- ___ [wil...@trip.sk] [http://trip.sk/wilder/] [talker: ttt.sk 5678] -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Question about otr.js
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'm thinking about working on a web app that would use otr.js to enable OTR chat via the way (probably similar to Cryptocat). Does anyone know what the security status of otr.js is? Has it been vetted? If not, what is the recommended (vetted) Javascript way of doing OTR? Thanks, Anthony - -- Anthony Papillion Phone: 1.918.533.9699 SIP: sip:cajuntec...@iptel.org iNum:+883510008360912 XMPP:cypherpun...@jit.si www.cajuntechie.org -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJRsQnEAAoJEAKK33RTsEsVnRgP/j/P7dHAN6zprpsuvv6AiDJs owUWlfaJVT5Iv6IKjUBnG7OcOLImn0yXKv5yUWLpLSSlM3ToozookZCVwQCEOUlS BQ0/r+mvLPXBx86D6tJrhYlrNJP4xmOxG4Mh5Wposf7NphvSo2maoBUxo1attrVo xVulvcHpKWUbdA2oTqn+rhsjX4FvQSUAWEBUHldClIoK2PPL4nfV2OeQAAqBhFj+ uONLMhiMJwqvQSVYSKTtyjnxWJ9dlPEr1VZ9jpKiBNRakY4n0l9DE6wkBWGD4nWw OJDaJcnUegVEXR99jY8jgY0uhUx2wbdGCSIsJppJswGdvgJO1BNjm2/FzcnfHmFs 9+ZVcNuJ7nbPkrJE53/Yyk8TA6qymmGBYIBJ/ocWG9PfaZU2naELs39iSc3qpP2x 0oHxn7pNaEORgLmOF722ufmuvJqC84GsE8QWCdGmicJbJr16jnrv0a/n8lBSysSs aSJ0I4IurK29jnyAIKYYrFBOOcuKKEdaz5Wl4qdlFQ2c0+vAoZU1kXBFV71ZU55a eKfeARw5agwCXhU1iWVdM+63toymnfoC4I8lQQ493EDMgdji4aRbmr8G0zhxqrOx xcA4HipkXfZK7V1s13iI06K7qWYfrFKQdUNvTvzLTdOUZaWL4gHLPheub6WuUzR6 PYJsR6pz5Us7qAs2J7Rp =dBbm -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
The status is: [otr.js] hasn't been properly vetted by security researchers. Do not use in life and death situations! https://github.com/arlolra/otr#warning On Thu, Jun 6, 2013 at 3:14 PM, Anthony Papillion anth...@cajuntechie.org wrote: I'm thinking about working on a web app that would use otr.js to enable OTR chat via the way (probably similar to Cryptocat). Does anyone know what the security status of otr.js is? Has it been vetted? If not, what is the recommended (vetted) Javascript way of doing OTR? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Question about otr.js
Speaking as the lead developer for Cryptocat: OTR.js actually has had some vetting. We're keeping it experimental simply due to the experimental nature of web cryptography as a whole. It's a handy library that has had a lot of consideration put into it, but it really depends on your use case and threat model. If you want to use it to keep conversations private in moderate situations, go ahead. If you want to use it to keep conversations private against an authoritarian regime/sprawling surveillance mechanism, think twice. Overall I find it really hard to tell whether it's safe enough without knowing your threat model. For example, if your threat model includes a likelihood of someone backdooring your hardware, pretty much nothing can help you. If you're considering building your own app and using OTR.js as a library, I beseech you to be careful regarding code delivery mechanisms and XSS considerations. Specifically, please use signed browser plugins as a code delivery mechanism and make sure the rest of your app, including outside of OTR.js, is audited against XSS, code injection, and so on. Those kind of threats tend to be far more common than library bugs. NK On 2013-06-06, at 7:49 PM, Steve Weis stevew...@gmail.com wrote: The status is: [otr.js] hasn't been properly vetted by security researchers. Do not use in life and death situations! https://github.com/arlolra/otr#warning On Thu, Jun 6, 2013 at 3:14 PM, Anthony Papillion anth...@cajuntechie.org wrote: I'm thinking about working on a web app that would use otr.js to enable OTR chat via the way (probably similar to Cryptocat). Does anyone know what the security status of otr.js is? Has it been vetted? If not, what is the recommended (vetted) Javascript way of doing OTR? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech