Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-18 Thread Tempest
Patrick Schleizer:

> Lurid headlines have a point. 

yes. clicks. sad that a tech discussion needs to go the way of buzzfeed.

> carlo von lynX has a goal. That is,
> getting people using encryption software better than gpg. [We don't
> have to agree how better defines for this argument.]

i disagree. considering the software he hypes the most is pond, and the
developer explicitly states that one should use gpg if they want
security, with a direct link to the software from his page, an op-ed
piece that gives off the initial impression that one shouldn't use gpg
because pond is "better" is rather dishonest. given how many times this
point has been ignored, i consider it trolling for clicks.

> People using lurid headlines aren't necessarily trolling. Controversy
> is a rhetoric device used in hope to get closer to the goal.

controversy can be used without encouraging an otherwise reckless
behavior. "why pgp sucks" would be more controversial without the direct
implication that it shouldn't be used.

> And I must say carlo von lynX did a good job starting that in my
> opinion very much needed discussion.

right. because the subject has never been broached before, as the title
of this thread shows. ;-)


-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-17 Thread Patrick Schleizer
Tempest:
> carlo von lynX:
>>> no, there are several unnecessary problems that people are
>>> confronted with specifically with pgp. you are talking as if
>>> the 15 reasons weren't there and weren't real. we're just
>>> making things up.

> from the start, i've stated they simply don't support the reckless
> title of your article.

Lurid headlines have a point. carlo von lynX has a goal. That is,
getting people using encryption software better than gpg. [We don't
have to agree how better defines for this argument.]

To my observation, it's not the most accurate, least emotional
articles, slogans, speeches etc. which are capable of attracting most
attention, starting a big discussion which ultimately may lead to
change. It's those with lurid headlines.

People using lurid headlines aren't necessarily trolling. Controversy
is a rhetoric device used in hope to get closer to the goal.

And I must say carlo von lynX did a good job starting that in my
opinion very much needed discussion.



Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-17 Thread Tempest
carlo von lynX:
> 
> no. the title is correct. there are better tools, so don't start
> with PGP. 

"better" is the wrong term to use for programs that are yet to be
audited, especially when the one you hype the most, pond, has an explicit
warning from the author to use gpg if you need security. this has been
pointed out to you multiple times before, and you simply ignore it.
thus, it calls your entire op-ed into question.

> the document explicitly states that PGP is better than nothing,

and the headline doesn't, all while the article claims unaudited
software is better, despite clear warnings otherwise. lol.
but, yes, i'm the one trolling you.



Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread carlo von lynX
On Thu, Jan 16, 2014 at 06:25:07PM +, Tempest wrote:
> > you are making that claim, not me. i am saying there are better tools.
> 
> then change your reckless headline/title. it's that easy. otherwise,
> you're being dishonest in your trolling for attention.

no. the title is correct. there are better tools, so don't start
with PGP. that is a correct assessment and you are trolling me.

the document is aimed at multipliers as present in this mailing
list who have the competences to make those better tools usable
for the general population.

the document explicitly states that PGP is better than nothing,
but if condoms without latex are better for you (bad example you
brought up, as we should all be allergic to SMTP.. not just a few
of us) then don't start to use those based on latex.



Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Tempest
carlo von lynX:
> no, there are several unnecessary problems that people are confronted
> with specifically with pgp. you are talking as if the 15 reasons
> weren't there and weren't real. we're just making things up.

from the start, i've stated they simply don't support the reckless title
of your article. "condoms are uncomfortable. sometimes they break.
they're easy to use wrong. did you know the holes in latex are bigger
than the hiv virus? you shouldn't use them." same reasoning as your op-ed.



> you are making that claim, not me. i am saying there are better tools.

then change your reckless headline/title. it's that easy. otherwise,
you're being dishonest in your trolling for attention.





Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Tempest
coderman:
> 
> journalists and human rights workers are motivated like never before,
> and likely more sophisticated.  however they still struggle with
> technical tools for strong privacy.

i think you and i are miscommunicating. i'm not referring to the "why
johnny can't encrypt" work. i'm referring to the op-ed piece which
recklessly proclaims in its title that people "shouldn't use" gpg.




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Mrs. Y.
I actually had to teach reporters to use email encryption. Thunderbird
portable app on Ironkey with enigmail plugin. This was prior to Enigmail
panty-twisting privacy leak.

It was painful. Not because they were stupid, but because it's still so
convoluted.

On 1/16/14 9:51 AM, coderman wrote:
> On Thu, Jan 16, 2014 at 6:20 AM, Mrs. Y. wrote:
>> ...
>> http://www.edge.org/conversation/smart-heuristics-gerd-gigerenzer
> 
> 
> your caloric heuristic optimization,
>  is my bug.
>   (now if only we could patch wetware! ;)
> 
> 
> Tempest: perhaps we should clarify incentives.  Johnny has zero
> incentive in the modern social world to use crypto, and high barriers
> to any interest that does occur.
> 
> journalists and human rights workers are motivated like never before,
> and likely more sophisticated.  however they still struggle with
> technical tools for strong privacy.
> 
> my challenge was to the cypherpunks list for digital monies; favorable
> selection if there ever was!  yet still not 100% and some contexts
> place severe penalties on even a single, innocent failure.
> 
> 
> 
> as for the title and research, it does not imply encryption is useless
> and should be abandoned.  it does imply that casual, less technical
> users (Johnny) need a system which is intuitive, fails safe, and
> unambiguously expressive about failures.
> 
> any improvement to usability is useful.  we certainly need much
> improvement for pervasively employed end-to-end privacy.
> 
> 
> 
> best regards,
> 


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread carlo von lynX
On Thu, Jan 16, 2014 at 12:58:37PM +, Tempest wrote:
> > a direct, demonstration / walk through is a very different learning
> > experience compared to manuals and command lines staring back at you
> > from the abyss.
> 
> we're past that though. there is gui implementation of gpg. the "hard"
> part largely comes down to it being a new concept for novices.

no, there are several unnecessary problems that people are confronted
with specifically with pgp. you are talking as if the 15 reasons
weren't there and weren't real. we're just making things up.

> again, i'm not taking issue with the notion that installing and using
> gpg is difficult. i take issue with the reckless headline that states it
> shouldn't be used, particularly given what is stated in the op-ed. "math
> is tough so you shouldn't learn it." sounds silly, no?

you are making that claim, not me. i am saying there are better tools.
instead of insisting on a broken horse carriage, start building a car:

1. get a peer review because they deserve it
2. get better UI and UX because it *can* be done
3. get your hands dirty improving code
4. produce packages for f-droid and other OS distributions
5. use software that doesn't mess up if you click the wrong thing

you can reach me on both pond and retroshare, to name two of them.

what i am saying is that if they aren't peer reviewed enough that is
not an excuse to stick with horse carriages but a reason to start
working on it. after all it's a feasible path to take, while fixing
pgp over smtp is impossible.

remember when skype got popular? it took johnny five minutes to start
having end-to-end encrypted chat and telephony. too bad it was a
commercial product so they broke it a year or two later - but it
was the proof of concept that it can be achieved. sure, doing it
without trusting a company is more difficult, but i named several
tools that solved that problem.




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread coderman
On Thu, Jan 16, 2014 at 6:20 AM, Mrs. Y. wrote:
> ...
> http://www.edge.org/conversation/smart-heuristics-gerd-gigerenzer


your caloric heuristic optimization,
 is my bug.
  (now if only we could patch wetware! ;)


Tempest: perhaps we should clarify incentives.  Johnny has zero
incentive in the modern social world to use crypto, and high barriers
to any interest that does occur.

journalists and human rights workers are motivated like never before,
and likely more sophisticated.  however they still struggle with
technical tools for strong privacy.

my challenge was to the cypherpunks list for digital monies; favorable
selection if there ever was!  yet still not 100% and some contexts
place severe penalties on even a single, innocent failure.



as for the title and research, it does not imply encryption is useless
and should be abandoned.  it does imply that casual, less technical
users (Johnny) need a system which is intuitive, fails safe, and
unambiguously expressive about failures.

any improvement to usability is useful.  we certainly need much
improvement for pervasively employed end-to-end privacy.



best regards,


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Mrs. Y.
Humans aren't cognitively flawed. The human brain is a cognitive miser,
utilizing smart heuristics to process more efficiently. Check out the
king of Bounded Rationality, Gerd Gigerenzer. The brain optimizes to
conserve calories.

http://www.edge.org/conversation/smart-heuristics-gerd-gigerenzer

On 1/16/14 7:26 AM, coderman wrote:
> On Thu, Jan 16, 2014 at 4:25 AM, coderman  wrote:
>> ...
>> usability with respect to security and privacy technology is a great
>> challenge, worthy in many facets.
> 
> 
> also required reading,
> 
> Peter's BlueHat talk on cognitively flawed humans:
>   http://www.cs.auckland.ac.nz/~pgut001/pubs/psychology.pdf
> 


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Tempest
coderman:
> 
> a direct, demonstration / walk through is a very different learning
> experience compared to manuals and command lines staring back at you
> from the abyss.

we're past that though. there is gui implementation of gpg. the "hard"
part largely comes down to it being a new concept for novices.

> usability with respect to security and privacy technology is a great
> challenge, worthy in many facets.  you speak from experience teaching
> others - your input on specifics of successfully teaching others,
> rather than dismissal of anecdotes, is certainly needed!
> (as are others reading this list who otherwise lurk compulsively ;)

the means i've used to walk others through the process involved either
instant messaging or irc. hardly ideal communication mediums for
instructing novice users. but, in the end, it worked and the people use
it now. i also have a section of a tutorial i've drafted that details
how to install enigmail in icedove with images at every step. the release
of the tutorial is on hold until an issue in whonix is fixed though.

again, i'm not taking issue with the notion that installing and using
gpg is difficult. i take issue with the reckless headline that states it
shouldn't be used, particularly given what is stated in the op-ed. "math
is tough so you shouldn't learn it." sounds silly, no?




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread coderman
On Thu, Jan 16, 2014 at 4:36 AM, Mick Fuzz  wrote:
> ... try this out, it's as close as I could replicate the
> experience of talking someone through it.
>
> https://p2pu.org/en/groups/encrypt-and-sign-your-email/
>
> other version as 'work book on http://flossmanuals.net/thunderbird-workbook/

this looks useful and interesting; i'll continue to review as time permits!



> The key is that you get a chance to download and send an email to a real
> human (me) and get a reply saying it worked.

this helped in some but not all (specifically not two) experiences i've
had performing the same over a voice, screencast, or video conference
system.


as an experiment in the other direction, i attempted to make sending
an encrypted mail as difficult and confusing as possible.

i made a key:
- with a creation date that was clearly invalid
- with an identifier not tied to any email address or stored in any keyserver
- with a cipher suite known to cause compatibility issues (3k DSA)
- with a comment that would do nothing except leave you head scratching...
, and requested an encrypted email to it for a chance at bitcoins.

results:
- 63 successful players
- 3 failed attempts
- 1 anon recipient! (extra credit :)

however, zero successes from the few who attempted to reply to a reply.
almost every email client tested will reply to a previously encrypted
message in plain-text without any obvious indicators if the recipient
key does not match one previously stored. see above-^


best regards, and thank you for your efforts improving privacy! you
should create a coin tipjar or donation address :)


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Mick Fuzz
On 16/01/14 12:25, coderman wrote:
> a direct, demonstration / walk through is a very different learning
> experience compared to manuals and command lines staring back at you
> from the abyss.

I agree but try this out, it's as close as I could replicate the
experience of talking someone through it.

https://p2pu.org/en/groups/encrypt-and-sign-your-email/

other version as 'work book' on http://flossmanuals.net/thunderbird-workbook/

The key is that you get a chance to download and send an email to a real
human (me) and get a reply saying it worked.

It could certainly be improved with comments from people on this list
(probably on the comments section rather than on this list)
An automated version ala code academy surely isn't beyond the realms of
possibility.

I agree with the comments that indicate that it is now tactical to
insist on encryption. I think we can encourage partner organisations to
insist that their employees encrypt certain types of email. When
it's just 'part of the job' then people will do it.

thanks
Mick

-- 
---
@mickfuzz - m...@flossmanuals.net 
FLOSS Manuals - www.flossmanuals.net
FLOSS Manuals Foundation - www.flossmanuals.org



Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread coderman
On Thu, Jan 16, 2014 at 4:25 AM, coderman  wrote:
> ...
> usability with respect to security and privacy technology is a great
> challenge, worthy in many facets.


also required reading,

Peter's BlueHat talk on cognitively flawed humans:
  http://www.cs.auckland.ac.nz/~pgut001/pubs/psychology.pdf


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread coderman
On Thu, Jan 16, 2014 at 3:36 AM, Tempest  wrote:
> ... the fact that i have walked novice computer
> users through installing and using gpg shows that the level of
> difficulty is debatable...


a direct, demonstration / walk through is a very different learning
experience compared to manuals and command lines staring back at you
from the abyss.

you'll note that the MIT experiment described the nature of this
knowledge transfer: "as the first reading"

for example, http://opensecuritytraining.info/Why.html explicitly
tailors instruction around an instructor led multi-session/multi-day
explorations of the subject matter.


back to the original point, our instruction right now appears
similarly flawed with respect to technology tools.  Edward Snowden
attempted to guide G.G. through PGP encrypted email via manual, via
on-line video instruction, and other resources.  all of which left
G.G. incapable of securely communicating via email and frustrated with
the tools and their interfaces.


usability with respect to security and privacy technology is a great
challenge, worthy in many facets.  you speak from experience teaching
others - your input on specifics of successfully teaching others,
rather than dismissal of anecdotes, is certainly needed!
(as are others reading this list who otherwise lurk compulsively ;)


best regards,


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-16 Thread Tempest
Jonathan Wilkes:
>
> You can disagree with it, but it certainly is not a logical fallacy.

based on the substance of the editorial it describes, it certainly is.
it's "begging the claim." the fact that i have walked novice computer
users through installing and using gpg shows that the level of
difficulty is debatable. installing an operating system for the first
time is a time consuming and difficult task for a novice as well. claiming,
"it is hard for a novice to install an operating system and, thus,
novices should not install operating systems" is a logical fallacy. in
the case of pgp/gpg, it's a dangerous one.

the headline is reckless troll bait for the sheer point of grabbing
attention. it should be changed.





Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Jonathan Wilkes

On 01/15/2014 02:03 PM, Tempest wrote:
> carlo von lynX:
>
>>> There was a thread on LibTech titled "10 reasons not to start using PGP"[2]
>>> that you might be interested in.
>>
>> Thanks for the referral, Pranesh.  :)
>>
>> Since the current reason count is at 15, you may want to
>> read the updated version at
>
> and it's still a horrible head line. lack of easier usability is not an
> argument to "not start" using something. it's a logical fallacy. you
> should change it.


You can disagree with it, but it certainly is not a logical fallacy.  
Given that there are a limited number of hours in a day, it is perfectly 
reasonable for someone to decide not to use a technology because it's 
too difficult to understand or use.  And whether or not it's persuasive, 
it's perfectly reasonable to point out how many issues a potential user 
could have when learning/using the technology.


-Jonathan


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Nicolai Hähnle-Montoro
On Wed, Jan 15, 2014 at 8:32 PM, Joseph Lorenzo Hall  wrote:
> I'm thinking of operations like fingerprint verification. I can
> analogize encryption to locking boxes with keys (even asymmetric or
> DHE), but when it comes to other kinds of things (even explaining the
> utility of a cryptographic hash), there aren't a lot of real-world
> analogies to bootstrap their intuition. Maybe this will come in future
> generations of socialized human.

It seems to me that a usable mail encryption and authentication system
should work without ever showing a user any kind of hash except for
key fingerprints, so you don't _need_ an analogy.

For the fingerprints, perhaps it would be best to just pretend that
the fingerprint is the _identity_ of the person.

cu,
Nicolai
-- 
Learn how the world really is,
but never forget how it should be.


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Joseph Lorenzo Hall


On 1/15/14, 5:52 AM, Lars Luthman wrote:
> 
> I don't think it's about UI issues anymore, simply about the lack
> of a critical mass and the move to webmail. Webmail operators, who
> by and large are also ad mongers, have zero interest in providing
> tools for client-side encryption since that would prevent them from
> analysing the message content and use it for targeting ads.

I do think there is something else going on here that I'm not sure if
I can adequately articulate: there are certain features of crypto
(opsec/commsec in general!) that are simply non-intuitive and hard to
get people to establish at an instinctual level.

I'm thinking of operations like fingerprint verification. I can
analogize encryption to locking boxes with keys (even asymmetric or
DHE), but when it comes to other kinds of things (even explaining the
utility of a cryptographic hash), there aren't a lot of real-world
analogies to bootstrap their intuition. Maybe this will come in future
generations of socialized human.

I've wondered if a "usable cryptosystem" could be developed that used
as its touchstone user intuition such that if users do what they
naively think they should (or if they're lazy, etc.) it works with
minimal risk to the user (not just fail safely, but not fail at all in
the face of What Users Will Do).

That may just be impossible or at least very hard.

best, Joe

-- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
j...@cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Julian Oliver
..on Wed, Jan 15, 2014 at 06:54:49PM +, Tempest wrote:
> Lars Luthman:
> >
> > I don't think it's about UI issues anymore, simply about the lack of a
> > critical mass and the move to webmail. Webmail operators, who by and
> > large are also ad mongers, have zero interest in providing tools for
> > client-side encryption since that would prevent them from analysing the
> > message content and use it for targeting ads.
> 
> that may be part of it. but, when i do have to walk new users through
> getting gpg and enigmail up and running, they often complain about it
> and would otherwise give up if i didn't insist. whether that speaks to
> the tech itself or the desire for instant gratification by users is a
> matter for debate.

True. I wonder if it's then better to get a little forceful with email 
security. 

After all, we don't complain about being asked to set a password when setting up
a computer or new OS install. Perhaps we wouldn't either when setting up
security for email.. 

Webmail aside (a tricky one indeed..) mail client vendors could integrate PGP
into their email account setup process, asking for a passphrase and generating
keys in the background. It could even opt to export those keys to a keyserver.

Once their email account is set up, the user is prompted to encrypt or sign
their emails each time they are about to send them, unless explicitly choosing
to disable that warning (just like we see with 'Remember this password?' in
Firefox).

This of course would make GnuPG etc a dependency for installing that particular
mail client. It would be great to see Mozilla take this on with Thunderbird. 

Cheers,

-- 
Julian Oliver
PGP 36EED09D
http://julianoliver.com
http://criticalengineering.org


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Tempest
carlo von lynX:

>> There was a thread on LibTech titled "10 reasons not to start using PGP"[2] 
>> that you might be interested in.
> 
> Thanks for the referral, Pranesh.  :)
> 
> Since the current reason count is at 15, you may want to
> read the updated version at

and it's still a horrible head line. lack of easier usability is not an
argument to "not start" using something. it's a logical fallacy. you
should change it.




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Tempest
Lars Luthman:
>
> I don't think it's about UI issues anymore, simply about the lack of a
> critical mass and the move to webmail. Webmail operators, who by and
> large are also ad mongers, have zero interest in providing tools for
> client-side encryption since that would prevent them from analysing the
> message content and use it for targeting ads.

that may be part of it. but, when i do have to walk new users through
getting gpg and enigmail up and running, they often complain about it
and would otherwise give up if i didn't insist. whether that speaks to
the tech itself or the desire for instant gratification by users is a
matter for debate.




Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Steve Weis
As one anecdote, when I TAed the MIT Network and Computer security
course, we assigned "Why Johnny Can't Encrypt" as the first reading.
We asked the students to send us a PGP encrypted & signed message and
tell us how long it took.

If I recall correctly, it took an average of 30 minutes for
non-existing users to figure out how to use PGP. Think about that.
These were graduate & upperclass undergraduate computer science
students enrolled in a network security course. Everyone had accounts
on the same university system and was mostly using standalone email
clients.

Best of all, someone decided it would be funny to generate a fake key
for me and post it to pgp.mit.edu. Several students fell for the
trick, didn't verify the key, and encrypted their homework with the
wrong key. It was a great way to drive home the lesson, but we asked
the jokers to kindly revoke their key, which they did.

Long story short, PGP was still hard to figure out for an experienced
cohort of users, who didn't have the issues of webmail and
proliferation of mobile platforms we have today. I don't think
anything has improved to make it viable for a wider audience.

On Wed, Jan 15, 2014 at 2:23 AM, Anders Thoresson  wrote:
> Hi all!
>
> When doing research on email encryption and why it's still not widely used, 
> I've read Alma Whitten's "Why Johnny Can’t Encrypt: A Usability Evaluation of 
> PGP 5.0" [1] from '99. I wonder if anyone knows of similar but more recent 
> usability studies on encryption software?
>
> Comparing the findings made by Whitten to the software available today, 
> not much seems to have happened. But does the conclusion still hold that 
> a lack of mass-adoption of email encryption is due to problematic UX – or 
> are there other reasons that today are seen as more important?
>
> [1] – 
> https://www.usenix.org/legacy/events/sec99/full_papers/whitten/whitten.ps
>
> Best regards,
> Anders Thoresson
> Freelance reporter
> and...@thoresson.net
> http://anders.thoresson.se
> http://www.dn.se/blogg/teknikbloggen
> http://twitter.com/thoresson
>
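The fake-key prank in the post above is the classic OpenPGP failure: a keyserver will happily return any key uploaded under a given name, and the user ID is not covered by the fingerprint, so the only thing that distinguishes the real key from the impostor is a fingerprint learned out of band (in person, from the syllabus, from a business card). The example below is added here and is not code from the thread or from any project mentioned in it. It computes a version 4 fingerprint exactly as RFC 4880 section 12.2 specifies (SHA-1 over 0x99, a two-octet length, and the public-key packet body) and then selects a key from a simulated keyserver response only if its fingerprint matches the pinned value, failing closed rather than falling back to whatever key came back first. The two RSA packet bodies are constructed toy keys with tiny moduli so the example runs offline; the creation timestamp and modulus values are made up, and the pinned fingerprint is derived from the genuine toy key only to keep the example self-contained.

```python
"""Added example: OpenPGP v4 fingerprint pinning before encrypting to a key.

Not code from the original thread. Key material below is constructed and
far too small to be used for anything real.
"""
import hashlib
import struct


def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit length, then big-endian magnitude."""
    bitlen = n.bit_length()
    return struct.pack(">H", bitlen) + n.to_bytes((bitlen + 7) // 8, "big")


def v4_rsa_public_key_packet_body(created: int, n: int, e: int) -> bytes:
    """Body of a version 4 public-key packet for an RSA key (RFC 4880 section 5.5.2).

    Layout: version (0x04), 4-byte creation time, algorithm id (1 = RSA),
    then the MPIs n and e.  Note that the user ID ("Alice <alice@...>") lives
    in a separate packet and is NOT part of this body, so it is not part of
    the fingerprint either: anyone can upload a key with your name on it.
    """
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, two-octet body length, then the body."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()
    return digest.upper()


def key_id(fingerprint: str) -> str:
    """The 64-bit key ID is the low-order 64 bits (last 16 hex digits) of the fingerprint."""
    return fingerprint[-16:]


def normalize_fpr(text: str) -> str:
    """Accept the spaced form gpg prints ('AB12 CD34 ...') as well as raw hex."""
    return "".join(text.split()).upper()


def key_matches_pin(body: bytes, pinned_fingerprint: str) -> bool:
    """True only if the key's computed fingerprint equals the out-of-band pinned one."""
    return v4_fingerprint(body) == normalize_fpr(pinned_fingerprint)


def select_key(candidates, pinned_fingerprint: str) -> bytes:
    """Pick the one candidate matching the pin; fail closed if none does.

    A keyserver search for a name may return several keys.  Never encrypt to
    "the first hit": either a candidate matches the pinned fingerprint or we
    refuse to proceed.
    """
    for body in candidates:
        if key_matches_pin(body, pinned_fingerprint):
            return body
    raise LookupError("no key matched the pinned fingerprint; refusing to encrypt")


# Constructed toy keys (made-up creation time and 128-bit moduli, not real keys).
CREATED = 1389744000
GENUINE_KEY = v4_rsa_public_key_packet_body(CREATED, 0xB7A1D3F9C2E58D6F4A3B1C0D9E8F7A6B, 65537)
# The impostor reuses the same creation time; in a gpg --search-keys listing the
# two would look identical apart from the key ID and fingerprint.
IMPOSTOR_KEY = v4_rsa_public_key_packet_body(CREATED, 0xD1E2F3A4B5C6D7E8F9A0B1C2D3E4F5A7, 65537)

# In real use this string comes from an out-of-band channel.  Here it is derived
# from the genuine toy key, written in the 4-hex-digit groups gpg prints.
_fpr = v4_fingerprint(GENUINE_KEY)
PINNED_FINGERPRINT = " ".join(_fpr[i:i + 4] for i in range(0, len(_fpr), 4))

# Simulated keyserver response: the prankster's key is listed first.
KEYSERVER_RESULTS = [IMPOSTOR_KEY, GENUINE_KEY]


if __name__ == "__main__":
    for label, body in (("impostor", IMPOSTOR_KEY), ("genuine", GENUINE_KEY)):
        fpr = v4_fingerprint(body)
        print(f"{label:8s} keyid={key_id(fpr)} fpr={fpr} matches_pin={key_matches_pin(body, PINNED_FINGERPRINT)}")
    chosen = select_key(KEYSERVER_RESULTS, PINNED_FINGERPRINT)
    print("selected the genuine key:", chosen == GENUINE_KEY)
```

The point of the `select_key` shape is that there is no code path that encrypts to an unverified key: the caller either gets the pinned key back or an exception. Comparing the full 40-hex-digit fingerprint, not the 8- or 16-digit key ID, matters because short key IDs are cheap to collide deliberately.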


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Mrs. Y.
As an analyst and working practitioner who has to teach users how to use
encryption, I'm incredibly frustrated by this issue. I would love to see
some research.

I've also written a high-level piece on the topic here:

http://www.networkcomputing.com/security/email-encryption-and-the-goldilocks-prin/240158288

Michele


On 1/15/14 9:06 AM, Greg Norcie wrote:
> The Symposium on Usable Security is an entire conference dedicated to
> the subject. They have their proceedings all available on their website:
> 
> http://cups.cs.cmu.edu/soups/2013/program.html
> 
> 
> 
> - Greg
> 
> On 1/15/14, 5:23 AM, Anders Thoresson wrote:
>> Hi all!
>>
>> When doing research on email encryption and why it's still not
>> widely used, I've read Alma Whitten's "Why Johnny Can’t Encrypt: A
>> Usability Evaluation of PGP 5.0" [1] from '99. I wonder if anyone
>> knows of similar but more recent usability studies on encryption
>> software?
>>
>> Comparing the findings made by Whitten to the software available
>> today, not much seems to have happened. But does the conclusion
>> still hold that a lack of mass-adoption of email encryption is due
>> to problematic UX – or are there other reasons that today are seen
>> as more important?
>>
>> [1] –
>> https://www.usenix.org/legacy/events/sec99/full_papers/whitten/whitten.ps
>>
>> Best regards,
>> Anders Thoresson
>> Freelance reporter
>> and...@thoresson.net
>> http://anders.thoresson.se
>> http://www.dn.se/blogg/teknikbloggen
>> http://twitter.com/thoresson
>>
>>
>>


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Greg Norcie
The Symposium on Usable Security is an entire conference dedicated to
the subject. They have their proceedings all available on their website:

http://cups.cs.cmu.edu/soups/2013/program.html



- Greg

On 1/15/14, 5:23 AM, Anders Thoresson wrote:
> Hi all!
> 
> When doing research on email encryption and why it's still not
> widely used, I've read Alma Whitten's "Why Johnny Can’t Encrypt: A
> Usability Evaluation of PGP 5.0" [1] from '99. I wonder if anyone
> knows of similar but more recent usability studies on encryption
> software?
> 
> Comparing the findings made by Whitten to the software available
> today, not much seems to have happened. But does the conclusion
> still hold that a lack of mass-adoption of email encryption is due
> to problematic UX – or are there other reasons that today are seen
> as more important?
> 
> [1] –
> https://www.usenix.org/legacy/events/sec99/full_papers/whitten/whitten.ps
>
> Best regards,
> Anders Thoresson
> Freelance reporter
> and...@thoresson.net
> http://anders.thoresson.se
> http://www.dn.se/blogg/teknikbloggen
> http://twitter.com/thoresson
> 
> 
> 


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread carlo von lynX
On Wed, Jan 15, 2014 at 06:00:14AM -0500, Pranesh Prakash wrote:
> Anders Thoresson  [2014-01-15 11:23:04 +0100]:
> > Comparing the findings made by Whitten to the software available today, 
> > not much seems to have happened. But does the conclusion still hold that 
> > a lack of mass-adoption of email encryption is due to problematic UX 

I believe UX has no chance of fixing the usability if the
way the underpinnings work undermines any such effort. The
number one problem being that there EXISTS a way to message
unencrypted, and that the user is expected to make sure that
encryption is being used. Pond is a good example of how to
do away with that. Pond is easier to use, because it CANNOT
send unencrypted messages. Also RetroShare is easier to handle
than PGP. And both are really bad UX-wise as yet. Any UX
designer working on them half a day could improve them a lot
whereas trying to fix PGP+email is a lost game.

We discussed this topic in a usability session at the 30c3.
Videos will appear on youbroketheinternet.org in the coming
weeks and I'll keep libtech posted.

> There was a thread on LibTech titled "10 reasons not to start using PGP"[2] 
> that you might be interested in.

Thanks for the referral, Pranesh.  :)

Since the current reason count is at 15, you may want to
read the updated version at http://secushare.org/PGP


-- 
http://youbroketheinternet.org
 ircs://psyced.org/youbroketheinternet


Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Pranesh Prakash
Anders Thoresson  [2014-01-15 11:23:04 +0100]:
> Comparing the findings made by Whitten to the software available today, 
> not much seems to have happened. But does the conclusion still hold that 
> a lack of mass-adoption of email encryption is due to problematic UX 

This reminds me of a recent Ars Technica story[1] with the headline, "Encrypted 
e-mail: How much annoyance will you tolerate to keep the NSA away?" 
Sub-heading: "How to encrypt e-mail, and why most don't bother."

> – or are there other reasons that today are seen as more important?

There was a thread on LibTech titled "10 reasons not to start using PGP"[2] 
that you might be interested in.

 [1]: 

 [2]: 


-- 
Pranesh Prakash
Policy Director, Centre for Internet and Society
T: +91 80 40926283 | W: http://cis-india.org
---
Access to Knowledge Fellow, Information Society Project, Yale Law School
M: +1 520 314 7147 | W: http://yaleisp.org
PGP ID: 0x1D5C5F07 | Twitter: https://twitter.com/pranesh_prakash

Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Lars Luthman
On Wed, 2014-01-15 at 11:23 +0100, Anders Thoresson wrote: 
> Comparing the findings made by Whitten to the software available today,
> not much seems to have happened. But does the conclusion still hold that
> a lack of mass-adoption of email encryption is due to problematic UX – or
> are there other reasons that today are seen as more important?

I don't think it's about UI issues anymore, simply about the lack of a
critical mass and the move to webmail. Webmail operators, who by and
large are also ad mongers, have zero interest in providing tools for
client-side encryption since that would prevent them from analysing the
message content and use it for targeting ads.


--ll



Re: [liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread wasa bee
a 2011 study on encrypted radio used by government, police, etc:
http://www.crypto.com/blog/p25


On Wed, Jan 15, 2014 at 10:23 AM, Anders Thoresson wrote:

> Hi all!
>
> When doing research on email encryption and why it's still not widely
> used, I've read Alma Whitten's "Why Johnny Can’t Encrypt: A Usability
> Evaluation of PGP 5.0" [1] from '99. I wonder if anyone knows of similar
> but more recent usability studies on encryption software?
>
> Comparing the findings made by Whitten to the software available today,
> not much seems to have happened. But does the conclusion still hold that
> a lack of mass-adoption of email encryption is due to problematic UX – or
> are there other reasons that today are seen as more important?
>
> [1] –
> https://www.usenix.org/legacy/events/sec99/full_papers/whitten/whitten.ps
>
> Best regards,
> Anders Thoresson
> Freelance reporter
> and...@thoresson.net
> http://anders.thoresson.se
> http://www.dn.se/blogg/teknikbloggen
> http://twitter.com/thoresson
>

[liberationtech] 15 years later, why can't Johnny still not encrypt?

2014-01-15 Thread Anders Thoresson
Hi all!

When doing research on email encryption and why it's still not widely used, 
I've read Alma Whitten's "Why Johnny Can’t Encrypt: A Usability Evaluation of 
PGP 5.0" [1] from '99. I wonder if anyone knows of similar but more recent 
usability studies on encryption software? 

Comparing the findings made by Whitten to the software available today, not 
much seems to have happened. But does the conclusion still hold that a lack of 
mass-adoption of email encryption is due to problematic UX – or are there other 
reasons that today are seen as more important?

[1] – https://www.usenix.org/legacy/events/sec99/full_papers/whitten/whitten.ps

Best regards,
Anders Thoresson
Freelance reporter
and...@thoresson.net
http://anders.thoresson.se
http://www.dn.se/blogg/teknikbloggen
http://twitter.com/thoresson