[jdev] Re: Cspace

[thomasasta at gmx.net]

> -------- Original-Nachricht --------
> Datum: Sat, 5 Aug 2006 
> Von: CvL at mail.symlynX.com 

> -------- Original-Nachricht --------
> Datum: Sat, 5 Aug 2006 
> Von: Michal vorner Vaner <michal.vaner at kdemail.net>


Hi Carlo and Michael,

well, you brought up good reason, I follow!
Michael you replied only to me, but here the same.

Ok, then jabber servers do a job, which is complicated to lay all in the client for jabber. In CSpace it is done and it is not necessary to have jabber protocol and CSpace under one hood, if a python client like GAJIm is interested, maybe.. why not. Thanks for the discussion, good knowledge here. In the follopup i copy a discussion of a blog discussion Cspace and Jabber, so a small jabber conference outside jabber. Maybe you are interested to read. Carlo, if you then coded a client in three evenings,
then maybe you are interest to look into the code of cspace? As you write: not all of a DHT is uninteresting...

Kind regards!


http://digg.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!!

World's Most Secure Instant Messenger is here !!

 submitted by putz 30 days ago (via http://cspace.in/)

CSpace is a Open Source Instant Messenger which Works on Peer - Peer Technology. CSpace Supports Text Chat, File Transfer and Remote Desktop. All users create 2048-bit RSA keys for themselves, A user is uniquely identified by his RSA public key. Believe me, its the best IM i have ever seen



 by putz on 7/05/06
+ 16 diggs  
"CSpace is developed in Python. It uses OpenSSL for crypto, and Qt for the GUI. CSpace is licensed under the GPL."

Have a look at what one of its developer says at:
http://www.xjeethux.blogspot.com 
[reply]
 by neoform on 7/05/06
+ 4 diggs  
where can i download it? the site's dead..
 by abhoody on 7/05/06
[below viewing threshold, show comment] - 63 diggs  
 by auto444988 on 7/05/06
+ 10 diggs  
http://www.xjeethux.blogspot.com
"CSpace aims to be THE platform for secure real time communications, quite akin to what PGP is for email."

The last i heard is that Phil Zimmerman is chief cryptographer at hushmail. Hushmail has Hush messenger.
http://www.hushmail.com/services-messenger?PHPSESSID=a0d2d5fd384a6582f099d042189b6ed9�download

Who do you trust?
 by jbno on 7/05/06
+ 18 diggs  
The last time I looked at the OpenSSL license, it was GPL-incompatible. This means that nobody can make a GPL-covered program that incorporates OpenSSL code. See http://www.gnu.org/licenses/license-list.html#OpenSSL for more on this.

One would have to either pick different encryption software which is compatibly licensed (like GNUTLS), do without encryption (not advisable), write one's own encryption software (not advised without much practice), or make the encryption happen through the exec mechanism where the GPL-licensed program runs the OpenSSL-licensed program like a shell script runs the programs it uses to work.

Also, for users of the program, it's worth keeping in mind that unless you control the machine on which the software is installed, it's not safe to trust it. It's great that CSpace is free software; we all ought to be able to run, inspect, share, and modify our software. But keylogging is not something CSpace's developers can protect against. If someone installs a keylogger on the system you run CSpace on, all of CSpace's software freedom and strong encryption won't keep your messages from being read by third parties. Suffice it to say that running CSpace on a non-free OS is not a secure CSpace installation.
 by jbno on 7/05/06
+ 7 diggs  
Whom do I trust? I trust any distributor of free software (free as in freedom to run, inspect, share, and modify). Hushmail is "currently free to download and use" (as their website claims) but this language suggests that the Hushmail software won't always be "free to download and use" and that I'm not free to inspect the program or share it with others.

If this is so, Hushmail is non-free and thus untrustworthy by default.
 by cremate on 7/05/06
[below viewing threshold, show comment] - 7 diggs  
 by lambda on 7/05/06
+ 2 diggs  
Even with SSL-Jabber, you rely on two or more central servers which when they go down, people notice. This looks like it's decentralized, like an open-source version of Skype.

Also, even with SSL, the Jabber servers still have to decrypt the messages. That means they can still be read by 3rd parties. For example, Google does this with its saved chats (the server stores the messages).
 by isasusinfinite on 7/06/06
+ 1 digg  
cremate: The funny thing is, jbno is simply stating why he doesn't like hushmail and warning n00bs against fully trusting their computers. Both of these descriptions he's given are quite well stated and certainly contribute to the discussion. Attacking him ad hominem makes you look like ...

The funny thing is, when you see an author write a comment that begins 'you, sir, are an idiot.' (and I've literally seen a few, even written one, in my idiot days) it's most eminently likely it's the author that is the idiot.
 by Jaymoon on 7/05/06
+ 9 diggs  
Needs some works in the "looks" department, but good concept (I guess?)... 
[reply]
 by ohdear on 7/05/06
+ 15 diggs  
I actually thinks it looks quite nice. No bloat, no ads no "Winks!" or other B.S.
The only thing that concerns me about this is the "Check Status" item in the menu. Shouldn't it be in complete sync?
 by rushfan on 7/05/06
+ 1 digg  
Yeah, Im used to using Bitlbee in a text based terminal so a graphical environemnt all is a bit much for me.
 by Markie1006 on 7/05/06
+ 1 digg  
screen Bitlbee rules.
 by ohdear on 7/05/06
+ 22 diggs  
Very nice... this is the way forward. There is no reason why all internet traffic shouldn't be secured in this fashion (or is there? somebody fill me in!) 
[reply]
 by pkulak on 7/05/06
+ 22 diggs  
Because encrypting and decrypting 2048-bit blobs is a lot of work when you don't need it.
 by flizzoyd on 7/05/06
+ 7 diggs  
There is a reason, it would take too long to unencrypt all of your data. Encrypting regular communications is fine because that's usally a lot less data than an average data file. I'm not saying data files with sensitive material shouldnt be encrypted but not all data on the internet needs to be encrypted.
 by hackman3vilGuy on 7/05/06
- 1 digg  
The government _can't / finds it harder to_ spy on you if you use this!
 by Seumas on 7/05/06
+ 36 diggs  
Why not just use jabber with encryption. GAIM, for example.
 by spengy on 7/05/06
+ 16 diggs  
@Seumas

Because this is decentralized.
 by lnxaddct on 7/05/06
+ 3 diggs  
If memory serves, IPv6 encrpyts every connection. The problem has been sovled, the solution simply needs to be implemented.
 by pingveno on 7/05/06
+ 2 diggs  
Jabber is decentralized as well. As long as you have a server that is SSL enabled then you can use encrypted messages.
 by elusive on 7/05/06
+ 10 diggs  
"If memory serves, IPv6 encrpyts every connection. The problem has been sovled, the solution simply needs to be implemented."

Yikes. Don't make comments like that unless you know what you are talking about. IPv6 has IPSec (network layer encryption) as part of the base protocol suite. It will not be used all of the time, or even most of the time. In fact, the current implementation relies on static keying, which means that it has no provisions for updating encryption keys when sequence numbers are reused, so it's not even practical for most people.

Not to mention that IPv6 isn't anywhere near widespread use. Are we just supposed to stay offline until it comes around?
 by Arevos on 7/05/06
- 1 digg  
@pingveno
Jabber still uses a client-server architecture, and SSL is used only for encrypting the message streams themselves. Thus, the server is party to all communications. You can see this happening in Google Chat, where Google's central servers can record and index your IM conversations.

This IM system appears to use a fully decentralised, P2P architecture, removing the need to rely unencrypted messages through a potentially untrusted third party.
 by putz on 7/05/06
[below viewing threshold, show comment] - 13 diggs  
 by woadwarrior on 7/05/06
+ 15 diggs  
@jaymoon: We're working on the looks department. any further specific feedback would be greatly appreciated :)
@ohdear: Since CSpace is completely p2p (except for the optional keyserver) and completely synchronous status notification would be very hard to implement without a presence central server. 
[reply]
 by putz on 7/05/06
[below viewing threshold, show comment] - 5 diggs  
 by Blumeroom on 7/05/06
+ 7 diggs  
Putz.. I believe those are smilies. 
[reply]
 by jsd8cc on 7/05/06
+ 3 diggs  
We've been trying to find a F/OSS secure IM client for our department...dugg! 
[reply]
 by schmichael on 7/05/06
+ 17 diggs  
Try Gaim + the Off the Record Plugin. Portable Gaim even preinstalls it for you. It offers completely transparent encryption over your standard IM networks.

http://portableapps.com/apps/internet/chat/portable_gaim
 by bacirriu on 7/05/06
+ 7 diggs  
Would PSI not suffice? A local jabber server?
 by meltingrobot on 7/05/06
+ 1 digg  
We use Jive Software's Wildfire server and Spark client. The server is GPL and the client is free going LGPL in the near future.
 by yost on 7/05/06
+ 1 digg  
another vote for wildfire/spark, very stable, hardly takes up any resources and is great for a company environment where no outside im connections are needed or wanted.
 by raden on 7/05/06
- 3 diggs  
I can't get it to connect (not that I have many options to fiddle with...)
I am behind a pretty restrictive firewall. But Skype and MSN Messenger are able to discover a local SOCKS/HTTP proxy which allows them to connect to their respective service.

Any suggestions? 
[reply]
 by dankoleary on 7/05/06
+ 4 diggs  
Not to start a war here, but why is secure IM necessary? (Other than in a business environment). 
[reply]
 by raden on 7/05/06
+ 9 diggs  
Secure and decentralized IM is already widely available with e.g. Skype, albeit proprietary. And also some IM clients carry an encryption module for use with the centralized ICQ for example.

The Skype network is one rather large one (100 Million+ users?) so it is always nice to have an open alternative.

Personally you could be interested because it is easy enough to eavesdrop on your conventional/insecure IM conversations (as is the case with most direct POP/SMTP-e-mail traffic). That is an important point for many, not just businesses.
 by ZennZero on 7/05/06
+ 15 diggs  
I believe you answered your own question.

But don't forget government use or even regular people in repressive regimes.
 by schmichael on 7/05/06
+ 10 diggs  
Well big telco's might be sharing your Internet traffic with the government, and Google might be using your instant messages for marketing data.

Public key encryption makes sure that only the people you intend to chat with can view your messages.
 by xpaladin on 7/05/06
+ 16 diggs  
You raise a good point -- privacy is a right, not a necessity. It's yours to utilize or throw away as you wish.
 by bontaq on 7/05/06
- 4 diggs  
Good for the paranoid, feels good when you stick it to the man. If everyone is on "the list", then no one is! Have fun breaking that encryption fascists!
 by xbudex on 7/05/06
+ 7 diggs  
One argument for encrypting everything is that currently, encryption makes it look like you have something to hide. If everything is encrypted, then that will not be the case. For example, Skype encrypts voice chat (between two computers) automatically. So a Skype chat doesn't look suspicious. If you have everything encrypted, than you won't look like a criminal just because you want to send something securely. 
 by jbno on 7/05/06
- 2 diggs  
Secure and proprietary communications are at odds with each other. Skype can't be both secure and proprietary. Skype is proprietary, hence it is not secure.
 by deadbaby on 7/05/06
+ 19 diggs  
Why would you want to encrypt IM? Probably for the same reason I don't walk around screaming my private conversations in public. I value privacy. 

Maybe I'm just a tin foil hat wearing liberal but this NSA spying this is very serious to me. I would love to believe America will be free but you know what? I'm just not sure anymore. I don't want the "special police" showing up at my door in 10 years with some IM logs in their hands. Hitler used banking records to persecute the jews. Nixon used wire taps and FBI profiles on Democrats who opposed him. It could happen again. 
 by Arevos on 7/05/06
+ 2 diggs  
"Secure and decentralized IM is already widely available with e.g. Skype, albeit proprietary."

I don't think Skype is quite as decentralised as CSpace appears to be. For instance, Skype remembers my contacts across machines, so there must be at least a centralised server that contains a database of user information. So far as I can see, CSpace does not have this.
 by spengy on 7/05/06
[below viewing threshold, show comment] - 13 diggs  
 by madeingermany on 7/05/06
+ 0 diggs  
I was thinking a lot about writing a new version of Windows.
And I looked out of the window and decided to call it "Vista".
But then I realized somebody was already doing that :(
 by chriscarey on 7/05/06
+ 6 diggs  
I've been using secure chat with 2048 or 4096 bit keys with PSI Jabber client for years...

http://psi-im.org/ 
[reply]
 by schmichael on 7/05/06
+ 6 diggs  
Ditto only with Gaim + OTR (open source & cross platform)

http://portableapps.com/apps/internet/chat/portable_gaim
 by Arevos on 7/05/06
- 2 diggs  
Not quite the same thing. Jabber uses a client-server architecture, and so do all of the other IM protocols. CSpace appears more like WASTE in its implementation.
 by benbalbo on 7/05/06
+ 2 diggs  
@Arevos: According to the PSI WIKI[1], and my general knowledge of public-private key encryption, using the built-in GnuPG facilities of PSI will encrypt your message using the recipient's public key, send via the central server (still encrypted) and deliver the encrypted message to the recipient, who then decrypts it with their public key. Unless PSI covertly encrypts the message with an additional public key so someone else can decrypt it, I don't see how this is any less secure than CSpace's peer-to-peer model. I may be completely wrong, it's not unknown for that to happen, and I'd be happy to be corrected...

[1] http://psi-im.org/wiki/Encryption
 by Arevos on 7/06/06
+ 1 digg  
@benbalbo
Even though the central server has no idea what you sent, it still knows that you have sent something. Traffic analysis can sometimes reveal information that you would want to keep secret. CSpace makes traffic analysis more difficult.

Whether you need such security is, however, another matter entirely.
 by wvdavis on 7/05/06
+ 3 diggs  
There is also BitWiseIM. 
[reply]
 by johnnysokko on 7/05/06
+ 2 diggs  
yeah, bitwise im is a great secure im client.
http://www.bitwiseim.com/
 by Atomic1fire on 7/05/06
[below viewing threshold, show comment] - 8 diggs  
 by Atomic1fire on 7/05/06
+ 7 diggs  
http://www.duggmirror.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!!/
 by karamba_kid on 7/05/06
+ 3 diggs  
I prefer off-the-record. http://www.cypherpunks.ca/otr/ 
[reply]
 by LiquidPenguin on 7/05/06
+ 2 diggs  
Odd, Cspace is blocked from work?! I'll have to wing this comment. 

I like new chat protocols and all, especially secured ones, but I'm more interested in plugins for existing chat programs such as GAIM and Kopete. 
[reply]
 by schmichael on 7/05/06
+ 5 diggs  
See off-the-record (OTR): 
http://www.cypherpunks.ca/otr/

Or just use Portable Gaim (it comes with OTR):
http://portableapps.com/apps/internet/chat/portable_gaim
 by ElectricKetchup on 7/05/06
+ 2 diggs  
I wish Kopete had socks 5 support. (requiring an LD_PRELOAD library to wrap system calls for doing socks5 is lame)

though openssh's built in socks5 support is kinda lame (doesn't do accept or udp)
 by The_Decryptor on 7/06/06
+ 1 digg  
well, Gaim supports new protocols via plugin's, so if somebody has the time, a plugin might be written in future.
 by elephantdog on 7/05/06
+ 1 digg  
Reinvented the wheel a little. What's wrong with gpg+email or ssh+ntalk? Variety is good though, I'll shut my mouth. 
[reply]
 by goat77 on 7/05/06
- 2 diggs  
Can somebody put this on yousendit? the download is down. 
[reply]
 by chilifries on 7/05/06
+ 20 diggs  
"Believe me, its the best IM i have ever seen"

I want to, but I've been hurt so many times before... *sniff*
[reply]
 by Mauricereeves on 7/05/06
+ 4 diggs  
I've been using the Secway SIMP-Lite for MSN Messenger (the preferred IM at work) to communicate off the record with friends and I think it's fine. It insinutates itself as a proxy between Messenger and the actual web and handles the encryption and authentication of methods seamlessly. I couldn't recommend it enough, especially given it's free and the professional edition, which will secure all of your IM clients, including Yahoo, AIM, Yahoo, and Trillian is less than $30.

http://www.secway.fr/us/products/simplite_msn/ 
[reply]
 by YourTechSupport on 7/05/06
+ 3 diggs  
And apparently this is in use by some if not most of Accenture for IMs. 
 by BluKnight on 7/05/06
+ 3 diggs  
I've been using SIMP for a while now. I really like the fact that I can use the MSN client and have it run in the background. Audio and video don't get encrypted, but I don't mind.

I've looked everywhere for similar alternatives. Does anyone else know of any other products that work like SIMP where I can use the MSN Messenger client and have encryption?

I was hoping to compared SIMP against other similar products. If there are no others, I think I'll dish out the $30 for the pro edition once WLM is fully supported and out of Beta.
 by SamL on 7/05/06
+ 3 diggs  
check out www.yaplock.com, its a plugin for the messenger clients that adds an encryption layer. The company seems a bit sketchy though...
 by BluKnight on 7/06/06
+ 1 digg  
Yaplock looks interesting. I was looking over the FAQ and one thing struck me as interesting, it says that some contact may receive strange messages. Has anyone here every tried yaplock? Anyone have any comments about it before I start playing with it?
 by MagnumVP on 7/05/06
[below viewing threshold, show comment] - 6 diggs  
 by RedYoshi on 7/05/06
+ 0 diggs  
Ehh.. the DL link is down. Any help? 
[reply]
 by nilsmo on 7/05/06
- 2 diggs  
Huge HDs + Fast Connection + Creativity = A P2P network of web pages - a new web? Yes a complicated example, but why not?! With P2P, you eliminate a server and open up nearly limitless bandwidth. File sharing need not be the limit. 
[reply]
 by darkwurm on 7/05/06
+ 4 diggs  
Sounds good in theory, but tamperige is always a issue, call me old fashioned, but I like the idea of a secure server that gives you the information strait from the horses mouth and reasonably free from disgruntled teenagers, at least as web stuff goes. Though I do agree that P2P networking has more applications than it is currently being used for.
 by elephantdog on 7/05/06
+ 1 digg  
The main problem is a p2p system usually has terrible latency, so for things like movies and music it works well, but for a small html file it seems slow. Also, it's hard to get going (though the example I give might have more to do with a shitty program and shitty performance): freenet. Hard because you have to have sufficient content before people bother with it. The now decentralized emule is probably the best p2p web network currently available, but everyone uses it for sharing media not small files (browser integration anyone?).
 by NippleNutz on 7/05/06
+ 3 diggs  
www.freenetproject.net

That's exactly what you proposed
 by nilsmo on 7/05/06
+ 1 digg  
The Internet already is already filled with teens. ;-) (myspace, xange, etc.)

Sure people could theoritcally mess with the system - which is why such a P2P internet would have to have a layer of security. Hard to program but not impossible. Not impossible. The person which makes the web page becomes the temporary sole seeder until some of his buddies visit the web site. Possibly, there could be a hybrid model: where there's a central server that's always up which is helped by peers which visit the web site. Et cetera.

And of course there would be tons of legal issues. But we already have that with file sharing ;)
 by nilsmo on 7/05/06
+ 1 digg  
@elephantdog - If peers hosted an entire web site, then one could download the entire web site and after a minute or two have no latency issues with the entire domain. The protocol and the web sites would need to be designed and optimized well, of course. Then maybe your looking at an obsolete web. Good design + good community (digg) -> Sufficient content to build on

@Nipplenutz - bad URL ;)
 by darkwurm on 7/05/06
+ 1 digg  
Site already killed by digg effect... Aside from business trade secret type stuff, I'm unsure of the necessity of this kind of protection, I'm mean if your wife is sniffing out your packets to see what you've been talking about with the Starbucks girls msn account you somehow acquired, you've got bigger problems to be honest. Beyond that if anyone wants to bore themselves with my IM babble they can go ahead.... 
[reply]
 by deadzone on 7/05/06
+ 3 diggs  
Sounds like it does exactly the same stuff WASTE does, which is also open source, p2p, and encrypted.

http://waste.sourceforge.net/

And WASTE works in network conditions other programs don't. Too bad I can't even see the site to check out CSpace. 
[reply]
 by exaviger on 7/05/06
- 1 digg  
ditto!
 by amitheone on 7/05/06
+ 1 digg  
isn't waste supposed to be for small closed groups?
 by amitheone on 7/05/06
+ 1 digg  
or can you generally use it(waste) to communicate with your friends without having to create separate networks and bugging them to be part of them? :)
 by dbr_onix on 7/05/06
+ 3 diggs  
This and WASTE are different, WASTE is more aimed at file transfer, this is more aimed at chatting.. This also seems slightly easier to setup.. I was trying to get a few friends to install WASTE earlier, I managed alright, a friend who is a bit less computer-swavy managed, and another friend who's "better at computers than me" (can't think of a better way of putting it) couldn't get the thing to work.. After he finally got it running and connected, after he restarted it, it refused to take his passphrase..
Getting WASTE setup is a f'king pain, to be honest, once it's running it's fine, but getting enough people to get past that inital setup is.. difficult..

This program looks not bad.. I don't personally have a use for it (FTP/DCC/MSN File Transfer will do for now)
- Ben
 by noof on 7/05/06
+ 2 diggs  
Why not write a jabber compatible client instead? Come on ppl, jabber won't ever be widespread if no one use it. Creating an IM client using an own protocol is like writing a chat client that doesn't use IRC protocol. (I love standards btw :) ) 
[reply]
 by spamalope on 7/05/06
+ 2 diggs  
isnt gtalk jabber?
 by analgesia on 7/05/06
+ 1 digg  
yes, google's gTalk uses the jabber protocol.
 by ahmerhussain on 7/05/06
+ 1 digg  
Jabber does rock.

I prefer Gaim over this though...

Gaim 2.0 looks awsome.
 by elvirs on 7/05/06
- 3 diggs  
what a secret things are you talkin about using your IM to incode it with 2048bit encryption?
`best IM i have ever seen` 
is it your first IM? 
[reply]
 by lowkey on 7/05/06
+ 1 digg  
You could use Silc ( http://silcnet.org/ ) and pipe it over Tor ( http://tor.eff.org ).

Or you could reinvent the wheel. 
[reply]
 by TheIguana on 7/05/06
+ 2 diggs  
It would be more impressive if it used AES.

Iggy :) 
[reply]
 by woadwarrior on 7/05/06
+ 2 diggs  
AES is a symmetric key cypher. CSpace beings a connection with a Diffie Hellman key exchange and then switches to a symmetric key cypher. So, you get the best of both worlds, the security of asymmetric key cryptography and the speeds of symmetric key cryptography. Actually, this is all due to OpenSSL.
 by enzomedici on 7/05/06
+ 0 diggs  

It's secure alright. If I can't get to the site to download and use it, it's 100% secure. 
[reply]
 by karamba_kid on 7/05/06
+ 3 diggs  
This seems that it would only be secure until someone or something (like malware) gets access to your private keys, than all your past conversations would be accessible if they had access to the past encrypted conversations of course. For better security which means perfect forward secrecy use Off-The-Record Messaging. 
[reply]
 by woadwarrior on 7/05/06
+ 3 diggs  
Your private key is encrypted with your password. The private key stays on your machine, encrypted. And as far as forward secracy is concerned, this is exactly the reason why we use Diffie Hellman key exchange. So you get forward secrecy too.
 by Protector on 7/05/06
- 2 diggs  
Wasn't there a prototype encrypted p2p chat client available and pulled off the scene by AOL because the creator of the code did it while employed by AOL? I'll have to find that reference unless someone beats me to it. It required you to move your mouse around to create a completely random [har har] crypto. 
[reply]
 by jpf. on 7/05/06
+ 1 digg  
You are thinking of WASTE: http://waste.sf.net
 by jpf. on 7/05/06
+ 2 diggs  
The mouse movement was used to collect entropy needed to generate a public/private keypair. Modern linux kernels will use a variety of sources to collect entropy, you can get random data by reading from /dev/random. (see http://en.wikipedia.org/wiki//dev/random for more information)
 by Smirnov on 7/05/06
+ 3 diggs  
This is silly. OTR has forward secrecy and backwards deniability. Using just the standard asymmetric encryption will provide you with only forward secrecy. I don't want what I said held against me if my keys are compromised... 
[reply]
 by jpf. on 7/05/06
+ 3 diggs  
I'm glad you brought this up. I think that many people do not understand the deniability aspect of OTR. I know that I didn't. Not until I read the paper describing OTR that is. People who are interested in OTR should read this paper: http://www.cypherpunks.ca/otr/otr-wpes.pdf (It's good stuff, I promise)
 by woadwarrior on 7/05/06
+ 1 digg  
Well, CSpace has perfect forward secracy too :) And your private key is stored encrypted on disk. So I can't say that its absolutely fool proof, but I thinks its pretty good.
 by celebratetoday on 7/05/06
[below viewing threshold, show comment] - 5 diggs  
 by SmeRndmGy on 7/05/06
+ 4 diggs  
Great idea, but it will never catch on. For something like this to be practical it needs to use the AIM network. Most people will not switch to a completely new network just because it is secure. It is probably better than the AIM network in every way, but better doesn't mean anything when it comes to market share. FLAC is better than mp3, but everyone uses mp3. Beta was better than VHS, but everyone used VHS. lots of things are better than AIM, but everyone uses aim. 
[reply]
 by iignotus on 7/05/06
+ 0 diggs  
Gaim + Off the Record + Encryption plugin is all the security you'll ever need, plus it already works with all well-established networks. Not to mention the fact that you can always connect to an SSL proxy with it as well. 
[reply]
 by gamerzworld on 7/05/06
+ 1 digg  
http://duggmirror.com/software/World_s_Most_Secure_Instant_Messenger_is_here_%21%21/88b0a31a6cef032e66de62cf28a9f5fa_shot3.png
Shure it might be fine to send your credit card info over the chat but sending it to a guy named bob.......that's scary........ 
[reply]
 by waynechng on 7/05/06
+ 2 diggs  
Has anyone here tried Hamachi (www.hamachi.cc)? Very similar features. 
[reply]
 by jpf. on 7/05/06
+ 2 diggs  
Similar yes, except for the fact that it is closed source. That is to say, who knows if Hamachi really is a secure as the authors claim it is?
 by Improbus on 7/05/06
+ 2 diggs  
As far as I know Hamachi does not have proxy support yet.
 by MrKite on 7/05/06
- 3 diggs  
This looks to be a good tool for terrorists and people committing adultery, but how in hell will this even be noticed by the millions of people who use AIM and MSN? If it doesn't support AIM or MSN, then only people with something to hide will download it. 
[reply]
 by MarkByers on 7/05/06
+ 3 diggs  
Who cares whether they notice it or not? If you really want to send all your messages unencrypted and in public then be my guest. But please don't complain when you find out that I (or someone else) has been reading them. The choice is yours.
 by MrKite on 7/05/06
+ 1 digg  
I couldn't care less if you read my messages. You'd have to have one helluva dull life, so be my guest. ;)

No matter what you do, encrypt or not, there will always be a way to read electronic information.
 by woadwarrior on 7/05/06
+ 0 diggs  
The site is up again. 
[reply]
 by newzman on 7/05/06
[below viewing threshold, show comment] - 6 diggs  
 by gukid on 7/05/06
- 4 diggs  
I don't see why encryption in instant messaging is such a big deal. Imagine encryption in email. There would still be spam/phishing schemes, and people would still fall for it. IMs really aren't any different, it's just a false sense of security. 
[reply]
 by Robizzle01 on 7/05/06
+ 3 diggs  
I like the idea of all my chat not going through AOL's centralized servers. Also very nice that many other applications may be built off of this. Who knows what we could do with this if more users switched. For starters, any online video game could use this for peer to peer play. Sure, hackers and cheats become a problem but there are many solutions available. 
[reply]
 by Jammerdelray on 7/05/06
- 3 diggs  
don't need it, my zone alarm security suite secures all IM's and scans for viruses and stuff as well as IM spam protection 
[reply]
 by Napalm05 on 7/05/06
+ 4 diggs  
ignorance is bliss
 by n3td3v on 7/05/06
+ 3 diggs  
"don't need it, my zone alarm security suite secures all IM's and scans for viruses"

ha! thats going in my quote book of all time funny and misguided comments.
 by madeingermany on 7/05/06
+ 3 diggs  
you forgot your <irony> tags!
Otherwise people take you dead serious here....
 by Hebrewhammer913 on 7/05/06
+ 2 diggs  
Well at least there wont be names like XX00X0xoxOxo Iloveyou Xo0ox0xox0ox 
[reply]
 by TheSiz on 7/05/06
+ 2 diggs  
Unless you are a bit paranoid or do, in fact, share lots of private information through IM, I don't see why this is useful. I don't think this will catch on with the average user because the average internet user is just not interested in switching to a completely different network and probably does not have the motivation to educate him/herself about why such an IM client would be useful in the first place.

That being said, the technology behind it sounds very interesting. I'll definitly be reading up on it. 
[reply]
 by sybrows on 7/05/06
+ 2 diggs  
2 yogurt pots and a length of string, that should suffice. Paronoia!!! cha 
[reply]
 by amitheone on 7/05/06
+ 1 digg  
Did I miss out something? The cspace site doesn't seem to claim itself as an Instant Messenger but a platform, so i guess the title of this digg is slightly incorrect!
The 'platform' part seems interesting; though the site doesn't seem to have any instructions for one to make use of the platform other than to use the existing set of applications
One can always download the source and check out as to how to add their app but spoonfeeding's always good :) 
[reply]
 by rdwtux on 7/05/06
+ 4 diggs  
Just what most ppl need... an IM they can add along with MSN, Yahoo!, Google Talk, Skype and AIM to their desktop.

I think I'd rather see companies working on compatibility (maybe Jabber) than continually inventing new protocols. 
[reply]
 by madeingermany on 7/05/06
+ 1 digg  
While my first thoughts were along the same line (and you left out ICQ), even good open standards like Jabber shouldn't be a cause to stop innovation.
I really like the secure architecture of the CSpace platform, let's see where it goes.
After all CSpace is also an open protocol.


-- 


"Feel free" – 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail