[Psi-Devel] QT Messenger Join Venture
Hal Rottenberg
hal at halr9000.com
Tue Oct 23 06:45:07 PDT 2007
On 10/23/07, Andreas Ntaflos <daff at pseudoterminal.org> wrote:
> I think it has more to do with valid "paranoia". Serverless IM probably allows
> more secure communication between two people as there is no server in-between
> them that could have a malicious admin who likes to eavesdrop or do a
> man-in-the-middle-attack. Of course using GnuPG for end-to-end encryption
> would effectively prevent such a scenario but knowing how most people think
> setting up GnuPG is too big of a hassle.
>
> Serverless IM presumably would feature encryption on the transport level
> somehow so it woud be easier and more secure "out of the box", without users
> having to set up end-to-end encryption manually.
I think you've described the argument well. However the lack of a
server does not make something inherently more secure. That was a
fallacy which came about in the early P2P days, but has since been
very stoutly disproven. You can find this out by reading almost any
"YRO" story on Slashdot. Honeypots and fake clients infect all the
P2P systems nowadays, extracting all kinds of useful information.
--
Blog: http://halr9000.com
Webmaster, Psi (http://psi-im.org)
Co-host, PowerScripting Podcast (http://powerscripting.net)
More information about the Psi-Devel
mailing list