Secure Instant Messaging

Objekt

Titel
Secure Instant Messaging
Suppression of secure communications by governments
Beschreibung
The talk describes some of the current practices of Instant Messaging providers, and go over what makes some of the design choices better or worse, describing possible and known attacks against messaging protocols and suggest possible solutions to those problems. If possible a live demonstration of exploitation of AOLs Instant Messenger will be shown though a simple attack on DNS.about this event: http://www.ccc.de/congress/2004/fahrplan/event/134.en.html
content
Instant messaging has become one of the most common methods of communication in the Internet age, just about every person who has an Internet connection has one or more instant messaging accounts with one or more of the big providers (AOL, MSN, Yahoo, etc.). The problem with current messaging providers is that each and every instant messaging protocol designed so far has made security and privacy an after-thought. With simple blunders like non-cryptographicly mangled passwords, clear text conversations, the use of format strings in server-client communications. And in some cases, just plain dumb protocol implementations.

Another topic I will attempt to cover is the suppression of securing technologies by the American (and other) governments by law, for example the US's use of the ITAR to suppress the use and distribution of such simple technologies as virus scanners, SSL and how even the act of assisting someone in implementing these can land a person in jail.. my intent is to color the talk with personal stories, news articles, and textual examples from the laws themselves.
Veröffentlichungsdatum
29 Dezember 2004
Beteiligte Person
Phar
Is Referenced By
21C3 Website Screenshot21C3 Website
Umfang
0:46:48
Typ
video/mp4
Tag
21c3
Hacking
Identifikator
ark:/45490/b0D6ep