[TriLUG] easy encrypted VoIP?
Michael Tharp
gxti at partiallystapled.com
Tue Jun 5 09:51:26 EDT 2007
Brian Henning wrote:
> Skype *claims* to be end-to-end encrypted. I suspect that it's
> end-to-central-server-unencrypted-tapped-reencrypted-central-server-to-e
> nd. But that could just be the tinfoil hat talking.
>
>
Skype leeches idle users' bandwidth to help route calls between heavily
NATted clients, so I don't think Skype acts as a man-in-the-middle for
any calls whatsoever. That's why the feds are so upset - they don't mind
encryption, they just want to be able to recover the session keys so
that a call tapped via an ISP can be decrypted. I wouldn't be surprised
if Skype does phone home with the session keys, though, in which case
the encryption is useless to avoid wiretapping.
My latest pet project is a generic p2p framework (the first app for
which will be an IRC-like chat). I'd certainly like to implement voice
and video in the future, and you can bet money it'll be end-to-end
encrypted.
More information about the TriLUG
mailing list