What if this technology is already available and being used in combination with man-in-the-middle attacks for the modification of communications in real time? A state-sponsored malicious actor can even start wars between unsuspected countries. Governments don't need to wait for Adobe to write software for their cyberwar arsenals.
The only way to (try and) guard against this that I can think of is cryptographically signing and verifying all important communications, whether between country leaders or between corporations. Maybe this is necessary for personal communications too.
TFA correctly mentions cardiovascular diseases, stroke, chronic obstructive pulmonary disease and lung cancer, which often lead to death. It fails to mention the link to dementia, which can be a fate far worse than death.
Serious businesses don't change the active contracts with their clients whenever they feel like it, without first discussing it with the rest of the affected parties in order to reach an agreement. This should be the normal practice for the ToS as well.
Indeed. Including the magic clause "[company] may rewrite the terms of service from time to time, and it's the users responsibility to check the website periodically [...]" solves all future problems.
I always believed that no court in the universe will find this valid. Are you sure it's allowed in the US?
A lady was recently awarded around 10K $ if I'm not mistaken. This was compensation for the windows 10 upgrade disrupting her work. 10K buys you plenty of macs.
Note: Tox is still under heavy development — expect to run into some bugs.
in their download page (https://tox.chat/download.html) and I got confused and blamed the clients. Good thing that you caught it. Both the Android and iOS clients seem to be in really good shape.
Maybe using an application like Jitsi allows you to connect with people using other messenger software. You can register a SIP address and then chat with any other user that has a SIP address, no matter what their comm client is.
Maybe using an application (like Jitsi, as other posters already suggested) can interoperate with other messengers. You can register a SIP address and then chat with any other user that has a SIP address, no matter what their comm client is. At least in this manner you won't have to convince all your friends to switch to just that one client that works best on your platform (but you would still need to convince them to move from Skype, securely configure some new software client that works on their device, have them register a SIP address... so still far from doable).
While on this subject, I'm not aware of how good SIP security is. Also not sure which SIP providers are considered secure and honest to respect their terms of service and privacy policies. I guess it also depends on how competent where the client developers in implementing the security features.
Tox looks promising but it's not quite there yet from looking at their site. Their mobile device clients look buggy / under heavy development. I hope they get their soon though.
You're absolutely right: "how much security" is a fundamental question before considering solutions. My "secure enough" phone could be decryptable by 3-letter governement agencies, but not from a random criminal without state-sponsored resources.
Concerning privacy, conversations and contacts should be invisible to mass marketing siphons and their partners. Again, I don't expect that a state-sponsored organization won't be able to eavesdrop if they decide to, and it doesn't really matter.
Unfortunately that version of the scoreboard is outdated and new one is underway but there is not even a draft published. Nevertheless, I had a look at several of the most promising looking software listed there and trying to figure out if there is even one that is currently secure enough.
Slashdot Mirror
What if this technology is already available and being used in combination with man-in-the-middle attacks for the modification of communications in real time? A state-sponsored malicious actor can even start wars between unsuspected countries. Governments don't need to wait for Adobe to write software for their cyberwar arsenals.
The only way to (try and) guard against this that I can think of is cryptographically signing and verifying all important communications, whether between country leaders or between corporations. Maybe this is necessary for personal communications too.
Only a huge payout will make companies lose their appetite for such "accidental" and "I-didn't-know-about-it" backdoors in the future.
TFA correctly mentions cardiovascular diseases, stroke, chronic obstructive pulmonary disease and lung cancer, which often lead to death. It fails to mention the link to dementia, which can be a fate far worse than death.
Serious businesses don't change the active contracts with their clients whenever they feel like it, without first discussing it with the rest of the affected parties in order to reach an agreement. This should be the normal practice for the ToS as well.
Indeed. Including the magic clause "[company] may rewrite the terms of service from time to time, and it's the users responsibility to check the website periodically [...]" solves all future problems.
I always believed that no court in the universe will find this valid. Are you sure it's allowed in the US?
A lady was recently awarded around 10K $ if I'm not mistaken. This was compensation for the windows 10 upgrade disrupting her work. 10K buys you plenty of macs.
Linphone looks good. How about trustworthy SIP public servers / providers? Do you have some in mind that also offer encryption?
Note: Tox is still under heavy development — expect to run into some bugs.
in their download page (https://tox.chat/download.html) and I got confused and blamed the clients. Good thing that you caught it. Both the Android and iOS clients seem to be in really good shape.
It's not a matter of what I'm using. It's a matter of having no control over the device and the software being used.
I did not build them, therefore I don't know if they are actually doing what they claim to be doing.
Maybe using an application like Jitsi allows you to connect with people using other messenger software. You can register a SIP address and then chat with any other user that has a SIP address, no matter what their comm client is.
Maybe using an application (like Jitsi, as other posters already suggested) can interoperate with other messengers. You can register a SIP address and then chat with any other user that has a SIP address, no matter what their comm client is. At least in this manner you won't have to convince all your friends to switch to just that one client that works best on your platform (but you would still need to convince them to move from Skype, securely configure some new software client that works on their device, have them register a SIP address... so still far from doable).
While on this subject, I'm not aware of how good SIP security is. Also not sure which SIP providers are considered secure and honest to respect their terms of service and privacy policies. I guess it also depends on how competent where the client developers in implementing the security features.
Tox looks promising but it's not quite there yet from looking at their site. Their mobile device clients look buggy / under heavy development. I hope they get their soon though.
You're absolutely right: "how much security" is a fundamental question before considering solutions. My "secure enough" phone could be decryptable by 3-letter governement agencies, but not from a random criminal without state-sponsored resources.
Concerning privacy, conversations and contacts should be invisible to mass marketing siphons and their partners. Again, I don't expect that a state-sponsored organization won't be able to eavesdrop if they decide to, and it doesn't really matter.
Unfortunately that version of the scoreboard is outdated and new one is underway but there is not even a draft published. Nevertheless, I had a look at several of the most promising looking software listed there and trying to figure out if there is even one that is currently secure enough.