Sowohl das Europaparlament als auch die Bundeswehr verwenden die US-amerikanische Konferenzplattform #Webex. Beim der #Taurus #Abhöraffäre war das aus vielen Gründen besonders fatal:
Ende-zu-Ende-Verschlüsselung #E2EE war nicht aktiviert und wird von Webex kaum unterstützt
Analoge Telefoneinwahl aus dem Ausland ist natürlich leicht abhörbar
Offensichtlich keine Prüfung, wer alles teilnahm; Spoofing ist einfach
US-Anbieter sind für die USA grundsätzlich abhörbar (ohne #E2EE)
Jetzt oder nie: Wir brauchen eine Kommunikations-Souveränitätsoffensive, die offene, selbst betriebene, metadatensparsame und sicher #E2EE verschlüsselte Kommunikation zur Selbstverständlichkeit macht! Herr Bundeskanzler, Frau EP-Präsidentin, übernehmen Sie!
#Piraten
Both the European Parliament and the German Armed Forces Bundeswehr use the US conference platform #Webex. In the #Taurus #wiretapping affair, this was fatal for many reasons:
End-to-end encryption #E2EE was not activated and is barely supported by Webex
Analog telephone dial-in from abroad is of course easy to intercept
Obviously no check of who was dialed in, spoofing easy
US providers can always be intercepted by the US (without #E2EE)
Now or never: We need a communication sovereignty offensive that makes open, self-operated, metadata-saving and securely #E2EE encrypted communication a normality! Mr Bundeskanzler, Ms EP President, take it from here please!
#Pirates
@echo_pbreyer The German government use Matrix - right? They even list the Bundeswehr here. If so, the solution already exists.
@troed @echo_pbreyer Personally I wouldn't consider Matrix a solution for that specific problem.
But YMMV...
@troed have they finally implemented video codecs to their SIP bridge? And beside that: when users are using a not-secure system despite the fact that they could use a secure system, then this is not a technical issue and would be the same with other tools.
@echo_pbreyer
@troed @echo_pbreyer See https://www.spiegel.de/politik/deutschland/boris-pistorius-individueller-anwendungsfehler-als-grund-fuer-abgehoerte-telefonkonferenz-a-e77aed7d-578a-4a88-951a-2d666332486e (German) for details. The reason for that leak was a person in Singapore using an insecure connection to connect to Webex (like GSM or Hotel Wifi).
That failure can happen with any other tool.
I'm sorry but I don't see it. If you run Matrix (E2EE) over a mobile connection or hotel wifi no one can intercept the traffic. The tool does make a difference here.
@echo_pbreyer I thought #bundeswehr is already using #element and #matrix
So there already is a solution deployed that is fully self-operated and support #E2EE
Wouldn't it be the correct move to invest more into this to fully replace WebEx in the future?
@tgwtgs1589 @echo_pbreyer group calls in matirx/element currently use jitsi which isnt e2ee there is very active work on element call which is native group calls in matrix which are e2ee but its not quite ready yet
OK interesting. Actually I understood that it is by now. But apparently you are correct (I think?) https://element.io/blog/element-call-beta-2-encryption-spatial-audio-walkie-talkie-mode-and-more/amp/
However in best case scenario a European solution could contribute to the open standard in order for being usable for every country. Why shouldn't we all profit from such a solution if it's paid from our tax money?