On Fri, Dec 12, 2014 at 4:36 PM, Eleanor Saitta <[email protected]> wrote: > On 2014.12.12 10.05, Natanael wrote: >> I see this as a problem of education, not inherently of the >> technology. There's no reason for anybody to find a text file >> convincing without knowledge about where it comes from. > > If plan A involves "educate the whole world so they just get it", > you're going to a) want a plan B in a hurry, and b) maybe want to hire > a new planner.
(late reply, but its better than nothing) If your plan A is "build a tool that can't be used wrong", you'll never get out of the alpha stage. Chances are you might not even get TO the alpha stage. There's no such thing as education-free security. Look at https://reddit.com/r/talesfromtechsupport - people will routinely circumvent everything that's been put in place to protect them, including falling for a phishing email's instructions to disable your AV and running malware as admin. They enable external sources in Android because of a popup and installs random apk's (app packages). On iOS, you've got all the classic phishing attacks that aim for your account credentials. So you make it impossible to do anything bad? Your tool will be useless, because it won't be possible to do anything good with it either. Even with a dedicated keyring device like a Yubikey or smartcard which is trivial to use with all their hardware, with no possibility to extract key and with simple authentication mechanisms, they'll forward chain mail and sign things they shouldn't and leak their contact lists. With a fully dedicated communication device like a hardened smartphone, all of the above will remain true, and chances are they will ditch it completely for a less secure device (rendering all your work useless) if it lacks features they want. >> For myself, I've never yet been part of a discussion interesting >> enough for deniability to matter. As in I'm still young and haven't >> yet been making any negotiations with a potential employer in a >> field where it matters, or anything else with high stakes. > > Wow, really? It doesn't show at all in your understanding of this > subject. How mature. Once again, just because you haven't personally seen any case where it makes a difference, it doesn't mean there never will be. As said previously, removing deniability is what violates common expectations, not its existance. Nobody expects that everything they've ever said can be provably be held against them decades later. My comparison to things like crumple zones in cars remains, and I'll add another; fire zones in buildings. Just because you've never seen a fire and the most common physical threat is something vastly different, nobody would seriously build anything larger a few hundred m^2 without firewalls and fire resistant doors to divide it into zones that can contain fires to slow it down. Nobody would remove it because you want them to spend that time working on something you prioritize higher. Also, I can't really figure out who your target audience is. Average Joe? They don't honestly need much more than what already exists, TextSecure and others works fine, even WhatsApp would honestly be acceptable if they added the option for public key verification now that they improved the cryptography. Journalists and other people at high risk? Here's the thing, telling these people they should use a tool any different from what Average Joe uses will both be frequently ignored (you've already said above you don't expect people to learn why) AND automatically put the rest of them at higher risk as they'll flag themselves as targets. Look at the NSA leaks, they track encrypted traffic and flag it, don't you think every nation in the world with the technical capabilities is doing that already too? If the tools can be told apart, the anonymity set for those who need higher security will be laughable. If you aren't willing to abandon the people at higher risk and who needs higher security margins and better defence against a wide class of attacks, you WILL want the standard tools to be secure against a wide class of attacks and you WILL want the majority of people use them even if they go far beyond what Average Joe needs. It is called herd immunity! _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
