On Oct 2, 2014, at 6:54 AM, Eleanor Saitta <e...@dymaxion.org> wrote:
> > On 2014.10.01 04.22, Greg wrote: > > On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <e...@dymaxion.org> > > wrote: > >> I don't have any field stories that I have permission to share, > >> but yes, I've heard of specific incidents. > > > > Incidents involving our software? > > No, incidents involving "deniable" encryption systems. There are different types of deniable encryption systems, with very _different_ deniability properties. It is therefore erroneous to make sweeping claims about all of them, *especially* when you haven't looked into the details. > Have you done field research on the real-world outcomes of deniable > encryption systems and how they shape the outcome of hostile field > interrogation? Unlike you, I've done my homework and researched the deniability properties of encryption systems and why some are better than others. In my research, I have not found any information where X deniability system lead to Y outcome for Z reasons. If you have such research, please forward it to me, I will read it. Now, I repeat my previous question/request: > > How about you actually try the software before you go around > > insulting it and its developers? Re this: > So, game theory is all well and good, but you'll have to excuse me if > I note that adversaries in the field that are likely to rip your > fingernails off don't do game theory proofs. I wasn't the one making game theory proofs. Go back and read again. > Again, field data or nothing. If there is no useful field data, I'm afraid you'll just have to be disappointed. I can make a quip like this too though: "RTFM or STFU" :P Kind regards, Greg -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Oct 2, 2014, at 6:54 AM, Eleanor Saitta <e...@dymaxion.org> wrote: > Signed PGP part > On 2014.10.01 04.22, Greg wrote: > > On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <e...@dymaxion.org> > > wrote: > >> I don't have any field stories that I have permission to share, > >> but yes, I've heard of specific incidents. > > > > Incidents involving our software? > > No, incidents involving "deniable" encryption systems. > > >> More generally, it represents an utter lack of awareness on the > >> part of developers for the security risk analysis choices faced > >> by individuals actually at risk. > > > > What lack of awareness? > > > > How about you actually try the software before you go around > > insulting it and its developers? > > Have you done field research on the real-world outcomes of deniable > encryption systems and how they shape the outcome of hostile field > interrogation? If so, I'd love to see the research that you've done > that justifies the feature set you've selected, because this would be > a seriously amazing addition to the field (I'm completely sincere here). > > 95+% of the time when I see people talking about deniability, they > have no direct field experience to back up their assertions of > utility, and the arguments they make look exactly like yours. If > you're going to contest my statement, feel free to provide reliable > field data. Short of that, you're simply wrong here. > > > You are welcome to criticize our software based on knowledge and > > experience that you actually have, but don't go around making up > > nonsense and applying said nonsense to software that you admit > > having not tried. > > So, game theory is all well and good, but you'll have to excuse me if > I note that adversaries in the field that are likely to rip your > fingernails off don't do game theory proofs. Again, field data or > nothing. > > E. > > -- > Ideas are my favorite toys. > > -- > Liberationtech is public & archives are searchable on Google. Violations of > list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, > change to digest, or change password by emailing moderator at > compa...@stanford.edu. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
