Hi Eleanor,
I understand the logic of the argument, but are there news stories about
people being harmed in the field due specifically (or mainly) to deniability of
the software they are using? (Or research on the topic, though I'm not sure
how it could be a falsifiable or reproducible.)
-Jonathan
On Tuesday, September 30, 2014 11:58 AM, Eleanor Saitta <e...@dymaxion.org>
wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 2014.09.28 04.15, Greg wrote:
> Dear Rory,
>
> See this list on ArsTechnica's forum:
>
> http://arstechnica.com/civis/viewtopic.php?f=21&t=1245367
>
> I work for Tao Effect LLC, our software is on that list, and you
> can read about how its plausible deniability compares to
> TrueCrypt's here (forgive this subreddit's insane color scheme):
>
> http://www.reddit.com/r/security/comments/2b5icu/major_advancements_in_deniable_encryption_arrive/cj24a1n
>
> In case anyone on this list wants a license, here's a code for
> 15% off: LIBERATIONTECH
>
> There are 10 of them and you can use them on espionageapp.com
> <http://espionageapp.com/>. They expire November 1st.
While code available is nice, it's sadly not really sufficient to make
this relevant for the activist world. Non-multiplatform tools aren't
a replacement for Truecrypt, and having to pay for licenses makes your
tool completely inaccessible to most folks in authoritarian regimes or
in the majority world who may actually need it. Furthermore, when
dealing with the exigencies of security in the field, having to deal
with license keys at all imposes a serious overhead to expedient
solutions in emergencies.
And finally, the least useful part of Truecrypt is the deniability.
There are very good reasons why tools that attempt to provide
deniability may actually significantly harm field outcomes, something
which developers seem to not understand. (Also, it's bloody hard to
get right, and almost everyone fails, although I haven't looked at
this solution in particular.)
E.
- --
Ideas are my favorite toys.
-----BEGIN PGP SIGNATURE-----
iF4EAREIAAYFAlQq0xAACgkQQwkE2RkM0wq0hwD/a/cWXFzWRDtBR9YtzxNvtZra
zDovJhYWMG4mS/SIBjcBAIh6gCKBZOIXcPJ13TasQy9V3H/h4Gu0kIZz5eMBFGci
=K6CP
-----END PGP SIGNATURE-----
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
