>Those who really need security and privacy, know not to use Skype.
Everyone needs security, and privacy. If you're a company, you need security and privacy, and most will just assume that Skype provides it. And for the most part Skype provides them with the security they need. Most of the users of Skype just needs protection from snooping competitors and Skype provides that to a sufficient extend.
Honestly no one will care the slightest that Skype has become less secure, because in their eyes it hasn't.
But yes, most users for Skype are pretty naive, about security at least.
>If you're a company, you need security and privacy, and most will just assume that Skype provides it. And for the most part Skype provides them with the security they need. Most of the users of Skype just needs protection from snooping competitors and Skype provides that to a sufficient extend.
Aren't businesses supposed to use skype for business?
Probably, since "Skype for Business" is a renamed Microsoft Lync and has basically no technology in common with Skype per se. (Its user experience is also terrible, but differently so.)
An endless source of confusion. What's even more fun is that the two clients almost, but don't really, interoperate, when the stars are in the correct alignment. Peer-to-peer calls and instant messages tend to be okay, but things go sideways when they get stepped into an n-way. It's buckets of fun trying to figure out why some calls get dropped by a Lync-based chat application, only to figure out that the customer was using the wrong client.
I'm so tired of this, no I don't, at least not as much as so many people think I need. No, I don't care if my Netflix password is easily crackable, and no I don't care if the US government reads my Skype chats!
Why am I not allowed to make that choice, to use Skype and be okay with the convenience tradeoff? I agree that I should have the choice, but if I do choose to use something insecure with full knowledge of it's insecurity, can't I be free to do that?
a) False, privacy is exactly what we're talking about. b) irrelevant.
When you allow yourself to be vulnerable to others with power over you especially the government, eventually they will take advantage. Whether you or someone unluckier, and we should protect the weak. This has been recognized for centuries, try reading some Locke or Jefferson.
In the general, yes, we're talking about privacy, but specifically, no, it's not what we're talking about -- we're specifically talking about Skype's need to be completely private, and how if it's not, we're somehow losing the battle for privacy everywhere, as if Skype's insecurity will make people unable to use PGP or some other good encryption.
Just because I can post a bulletin on a public poster board, doesn't mean I can't also write a private letter. There are no "weak" people here, and plenty of better battlefronts to wage this war. Every single messaging platform doesn't need to be completely secure, that's absurd.
Just to back up a second, what is it you think I'm advocating here? That we not have privacy??
No, but the freedom to have "no privacy" is not a problem anyone has. There is no privacy online and no alternatives to Skype that we can get anyone to use.
> I agree that I should have the choice, but if I do choose to use something insecure with full knowledge of it's insecurity, can't I be free to do that?
But you are free to do that, aren't you? Last time I checked, cyber-police wasn't going around and giving people fines for not using a TOR client.
As a matter of fact, given that you are at least aware of the concepto of "convenience tradeoff", you probably are in the minority that is qualified to exercise such freedom responsibly. You may still make a mistake and land in the "too little" (or, less likely, "too much") camp on any individual decision... but most of the time you should be making the right calls more often than not.
When people in the know say "Everyone needs security and privacy", they are not talking about you. They are talking about the guy who has seen the Swordfish movie, though it was an embelished but otherwise accurate depiction of reality, and believe that a hacker is a younger version of Wolverine with super powered intuition that can type some gibberish @500wpm until they happen to run into your password. This people is not knowledgeable enough to reason about the tradeoffs (even if they know how to reason, the lack of priors and the wrong but otherwise sensible assumptions just kill them).
We are talking about having minimally secure defaults, for the sake of those that cannot (or will not) set their own configurations.
Actually, if everybody knew that a channel is insecure, it would make it a lot less dangerous. The problem is: most of people need it to be safer, and there is no real option.
A) if you and your contact knows that a channel is compromised, you'll be able to adapt if needed. But if one thinks it is safe, the other don't care about its safeness and it happens to be a compromised channel, the first guy might be in trouble. (B) If the default option was something architecturally safer (like encrypted decentralized mail), they would be able to trust it without need to fully trust the other parts envolved (contact and service).
I was hoping you'd prove that most people consider Skype to be secure, for A, because that's what you claimed. As for B, there are many other options, I don't really know what you mean by "they would be able to trust it without need to fully trust the other parts envolved (contact and service)." Are you saying PGP is backdoored? Do you know something we don't?
I feel that if a users assumption of privacy was based on skype being peer-to-peer and are now concerned their calls are being routed via the cloud, are in a bit of a misunderstanding about how intercept/collection can work.
Those who really need security and privacy, know not to use Skype.