Slashdot Mirror
Secure IRC?
priikone writes: "IRC has had a lot of problems related to security and network scalability in the past, and
recently as well. However, there is an alternative -- secure alternative to IRC; the Secure Internet Live Conferencing (SILC), which has all the same features IRC has, with addition of superior security, and hopefully more scalable and powerful network topology. It is for all those who cares who's listening. It works, and is of course all Open Source." We posted an article about another secure IRC system last year.
IRC is open. Nobody can hijack the standard, even though MS tried to extend it without much success.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Those two points have already been implemented on IRC in some servers.
1) An authentication system exists in the form of nickserv (although optional, can be made to prevent other users from using your nick), and no other information would be released if the user does not provide it. The only information released would be the hostname/ip, which is solved by point 2...
2) I can't remember which ircd does it now (one of the dalnet/undernet ircd's?), but there is a hostname cloaking feature, which removes the last 2 parts of a persons ip, or the first part of their hostname, while leaving enough information to determine what ISP a person is using (useful for legitimate reasons, such as finding out what country a person is connecting from without needing to ask), it prevents script kiddies from obtaining enough information to DoS a user. However it is still possible (even with any ip address blocking) to determine a users address by using netstat on a shell. (This has been done an servers where public shell access is given on the same machine as the ircd)
The problems not solved by those two methods are firstly, no encrypted communications can be made.. anything sensitive could be sniffed, even over a DCC connection (the paranoid types, like me, who wave hi to echelon and its ilk during most sensitive 'private' irc chats). To solve this, client side scripts could be used to encrypt DCC communications, no new server needed.
The other problem is lag/netsplits. For some purposes (talking to a small group of friends), this could be solved by using a single-server 'network' (no netsplits) and no server to server lag.
Most of these solutions require setting up your own irc server, but this isnt too hard to do and is no less hassle than moving to a completely new, incompatible system.
Nope, the way the DCC protocol works, you send a normal CTCP message to the user you want to connect to yourself. In that message you send the IP address and port you want the user to connect to. So the server still doesn't need to pass out address info, it's just as if you messaged somebody telling them your IP address yourself.
Well, the subject (edited by Slashdot) is a bit misleading. SILC is NOT IRC and is NOT IRC compatible. SILC is independent protocol. I guess the subject was first "A Secure Alternative To IRC?".
I thought UnrealIRCD already had ssl connections, and XChat 1.6.4+ have an option to connect in ssl mode.
You overlook the fact that server operators can join any channel - private or not.
Anytime you have a server-based protocol, you'll have people who will not be willing to change to a protocol they can't snoop on.
Major changes to IRC are going to be a hard sell. A very hard sell. And I just don't see it happening.
Jabber clients offer GPG encryption of chats and presence declarations. Open specs and all provided in extra-crunchy streaming xml!