Ian Goldberg, leading security researcher, professor at the University of Waterloo, and co-creator of the Off-the-Record Messaging (OTR) protocol recently gave a talk on protecting your IM conversations. He discusses OTR and its importance in today's world of warrant-less wire tapping. OTR users benefit from being able to have truly private conversations over IM by using encryption to obtain authentication, deniability, and perfect forward secrecy, while working within their existing IM infrastructure. With the recent NSA wiretapping activities and increasing Big Brother presence, security and OTR are increasingly important.
Isn't EVERYONE very upset that we need these types of applications these days? Why does it seem reasonable that EVERYONE needs to hide their communications from their own governments? Shouldn't we be more upset that things have gotten so out of hand?
I think encryption in communications should be the default. The best way to discourage people from snooping is to make it incredibly difficult by default. Then, in all likelihood, time will be spent spying on the most useful targets, rather than the easiest en masse in the hopes of blind luck.
I think you are right and that OTR, and other encryption programs like it, could receive a substantial boost in usage if we could get popular distributions like Ubuntu to include and enable them by default. I think the classic quoted example is that of organ downer opt-in (in the us being 20%) and in some other country where it is opt-out it is around 80%.
Do you know what the export restrictions would be like on software that was actually secure? Needless to say, Mr Gates wouldn't have been allowed to sell all his wares to China.
