It wasn't clear to us whether the NSA intercepts Skype by breaking the crypto, or by compelling injection of false public keys in order to perform a man in the middle attack. In the latter case it's the third checkmark (lack of ability to verify keys) that's their users' undoing. We're talking to Microsoft about that at the moment, and may revise that entry.
There's a weird case around iMessage and any tool that is provided by an OS vendor. I think we need to add a note about this, but in those cases that company could inject malware or a backdoor either in the messaging system or somewhere else in the OS. Since we're trying to tackle one hard problem at a time (secure messaging but not secure operating systems and software distribution) there should be an extra caveat about offerings from OS vendors.
The only tool that gives strong metadata protection right now is Pond, and we aren't listing unusable tools that aren't out of beta yet. We considered but haven't yet included bitmessage for the same reason.
question asked in good faith: does it really matter to a given user exactly how adversaries are successfully attacking Skype? shouldn't some of the things that we've already seen disclosed--e.g. that NSA gained significant, at-scale capabilities against Skype right after it was acquired by Microsoft--be enough to invalidate essentially any crypto-related promises the company may assert, or even those that an audit might support? if not, i think it's at least worth making a distinction between products with known backdoors and products without them. today's TAO attack is tomorrow's phd thesis, etc.
I disagree that the only tool that gives strong metadata protection is pond. i2p-bote, bitmessage, and chatsecure over orbot at least advertise themselves as giving metadata protection by design. Thought I didn't realize bitmessage was in beta still.
The iMessage issue isn't related to iMessage being developed by the same company that handles the OS. It is that Apple holds the decryption keys for your messages; this is security by policy not security by design. http://blog.cryptographyengineering.com/2013/06/can-apple-re...
There's a weird case around iMessage and any tool that is provided by an OS vendor. I think we need to add a note about this, but in those cases that company could inject malware or a backdoor either in the messaging system or somewhere else in the OS. Since we're trying to tackle one hard problem at a time (secure messaging but not secure operating systems and software distribution) there should be an extra caveat about offerings from OS vendors.
The only tool that gives strong metadata protection right now is Pond, and we aren't listing unusable tools that aren't out of beta yet. We considered but haven't yet included bitmessage for the same reason.