On Sun, 2011-10-23 at 00:39 -0500, Nick Daly wrote: > I know it seems slow at times, but there are a lot of reasons we need to > do (certain features) right the first time. The best example is the > Haystack Project [0] which, unfortunately, leaked user information and > actually did more harm to users because they *thought* their information > was protected when it wasn't. The worst thing we can do is to project > an incorrect *image* of security on an insecure project (personal > security theatre).
I agree on the importance on accuracy in our image of security. I don't know if we or anyone can responsibly project an image of *perfect* security. Absent perfect security, an image of "avoiding the risks of a centralized server, but still containing risks" seems responsible to me. I'm not sure what more we /could/ say, since no one can predict all possible problems. If the "worst thing we can do is to project an incorrect *image* of security on an insecure project", I contend we should consider not projecting an image of perfect security, which I consider impossible. I suggest we say we are imperfect but avoid the flaws of a centralized server and the code is Free so you can read and modify it. Besides, many users don't need serious security. For them "right" may have a low threshold. > If we need to do it right the first time, doing it right takes a long > time, and we need to get it out the door now, then leaving those > features out of the first release might be the right approach. Doing it > wrong (misleading people with our image) does a lot more harm than doing > it slowly (because people *do* trust us to do it right the first time, I > know I do). "right" doesn't /have/ to take a long time, especially for some users, as you said. I agree with the image issue. Projecting perfect security when we don't have it could cause irreparable problems. As I wrote above, I believe projecting imperfect security will help many people while being more accurate, in my opinion at least. _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
