Comment by NelsonMinar
13 years ago
It surprises me that IRC is used. In part because IRC is old and crufty and, I fear, not very secure. Also because IRC isn't some milspec contract that made some insider hundreds of millions of dollars. It's great to adapt an existing chat technology but it surprises me.
I recently read "Predator: The Remote-Control Air War over Iraq and Afghanistan: A Pilot's Story" and it talks a lot about how UAV pilots hang out in chat rooms sharing intel during operations. Asynchronous text is the perfect medium for this kind of thing; low bandwidth, doesn't require a lot of attention. Just crazy to think it'd be IRC.
It is easier to ensure absolute security of the transport layer and the physical facilities the computers are in, as opposed to designing absolute security of every application.
The DoD runs its own worldwide IP network called DISN, on top of which many compartmentalized networks run. Check out http://upload.wikimedia.org/wikipedia/commons/6/6f/Intel_Gre... for a visual example.
I often come across these types of comments about the IRC protocol being 'crufty,' 'old,' etc. I recently (a year ago) implemented a subset of the IRC protocol for a project and I thought it was fairly modern, and not difficult to work with.
Yes, IRC has some problems, it wasn't built with security in mind. I think dsl below offers a solution to some of these concerns.
But this still leads me to ask the question, what does a modern distributed chat protocol look like?
Uh, how does dsl offer a solution?
dsl the user: http://news.ycombinator.com/item?id=5148079
IRC is a fine protocol and there are fairly straightforward methods for providing authenticated and encrypted access to private IRC servers.
Indeed. The client "mIRC" has a few well-known security bugs and hasn't been maintained for ages, but there indeed is nothing wrong with the protocol when using more modern clients. It can be as secure as necessary through various extensions, and ofcourse running it over SSL.
Isiode offers M-Link, its military XMPP solution : http://www.isode.com/solutions/military-xmpp.html - I guess there are others... Does anyone here know them ?
At the very least, IRC let use encrypted SSL connection. Then, they may have their own IRC server implementation with special security requirements. I'm more concerned they use windows and mIRC, actually.
Yeah but it is optional, meaning it only takes one person in your channel with it switched off to make the whole thing pointless.
As someone above said, they deal with it by making the whole network secure and not worrying about the irc application being secure.