Skype's success has caused people to start looking at the security angle. One easy claim is that because it is not open source, then it's not secure. Well, maybe. What one can say is that the open source advantage to security is absent, and there is no countervailing factor to balance that lack. We have trust, anecdotal snippets, and a little analysis, but how much is that worth? And how long will it last?
fm spotted these comments and attributed them to Sean D. Sollé:
Shame Skype's not open source really. Actually, it's pretty worrying that Skype's *not* open source.Posted by iang at February 13, 2005 06:41 PM | TrackBackGiven that you're happily letting a random app send and receive whatever it
likes over an encrypted link to random machines all over the interweb, the
best place for it is on a dedicated machine in a DMZ.Trouble is, you'd then have to VNC into it, or split the UI from the
telephony bits, but then you're back to needing the source again.Say what you like about Plain Old Telephones, but at least you know they're
not going to run through your house emptying the contents of your bookcases
through the letterbox out onto the pavement.Sean.
One way to look at it is this - it sets an example, and can be used to spur the open source community into providing an encrypted VoIP that works.
Note that crypto hooks *are* embedded in the open standard SIP protocol - they just aren't used (XTen provide crypto for their client, but it is propriatory and doesn't use the crypto negotiation hooks in the protocol)
Given the existence of the open source crypto libraries and the open source protocol, there is no reason not to combine the too - but oddly, there is no decent, open source SIP phone for windows (yes, I know - but its still the dominant platform out there) and until there is, I can't see how an open source but secure webphone could get off the ground.
I absolutely agree that this should spur the development of open source product along. One thing I suspect is that it will be somewhat difficult in a standards environment to do this. So SIP starts from a disadvantage, I'd suspect. Crypto protocols don't sit nicely being developed by committee. There are no successful examples of this.
Instead, good crypto protocols are wacked together by 1 or 2 guys in a quick afternoon's hacking, based on some clear and desparate need. Well, ok, so a bit longer than that. But the thing is, the more the product draws from different areas, the more you need a tight cohesive team that is not forever fighting the rabble of the committee.
I and Zooko recently knocked up a datagram protocol, something that there isn't much of out there. But it's not really oriented to VOIP. There is a new one by Eric Rescorla and a mate of his .. based on SSL, but again, I think SSL is a difficult choice to start from. There is a lot of merit in really throwing everything out and starting from scratch.
Posted by: Iang at February 13, 2005 09:20 PM