Dear Eleanor, On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <e...@dymaxion.org> wrote: > I don't have any field stories that I have permission to share, but > yes, I've heard of specific incidents.
Incidents involving our software? > More generally, it represents > an utter lack of awareness on the part of developers for the security > risk analysis choices faced by individuals actually at risk. What lack of awareness? How about you actually try the software before you go around insulting it and its developers? > There are very good reasons why tools that attempt to provide > deniability may actually significantly harm field outcomes, something > which developers seem to not understand. And there are very good reasons why this statement of yours is bunk when applied to Espionage: http://www.reddit.com/r/security/comments/2b5icu/major_advancements_in_deniable_encryption_arrive/cj24a1n You are welcome to criticize our software based on knowledge and experience that you actually have, but don't go around making up nonsense and applying said nonsense to software that you admit having not tried. On the other hand, criticizing Espionage for not being free is a fine, legitimate criticism, and something that I'd be happy to brainstorm with you if you'd like to find a solution for how to get it to those activists who need it but cannot afford it. You can email me privately either at this email about that or to: cont...@taoeffect.com My GPG key info is stored in Namecoin at id/greg: dns.dnschain.net/id/greg Kind regards, Greg Slepak -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <e...@dymaxion.org> wrote: > Signed PGP part > On 2014.09.30 18.01, Jonathan Wilkes wrote: > > Hi Eleanor, I understand the logic of the argument, but are there > > news stories about people being harmed in the field due > > specifically (or mainly) to deniability of the software they are > > using? (Or research on the topic, though I'm not sure how it could > > be a falsifiable or reproducible.) > > I don't have any field stories that I have permission to share, but > yes, I've heard of specific incidents. More generally, it represents > an utter lack of awareness on the part of developers for the security > risk analysis choices faced by individuals actually at risk. > > E. > > -- > Ideas are my favorite toys. > > -- > Liberationtech is public & archives are searchable on Google. Violations of > list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, > change to digest, or change password by emailing moderator at > compa...@stanford.edu. > -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
