On Mon, Aug 6, 2012 at 8:51 PM, Jacob Appelbaum <[email protected]> wrote:

> Without a browser extension/plugin - there is little to no difference.
But is there one _with_ a browser extension/plugin? Especially on a browser platform that gets transparent pushed upgrades? I'm very skeptical. I'm especially skeptical that this kind of claim is being made without the context of the people being protected. Perhaps depending on Google not to cooperate with people who would kill you is reasonable if you're in Iran... but matters are less clear if you are a political enemy of a jurisdiction where they have a sizable legal presence.

Is the best solution we have to secure tools presenting practical barriers to usage making sure that less secure tools are roughly as hard to use?

Of course, I get it… The problem is that the user doesn't reasonably have the free time to understand all the minutiae of different security threat models and defenses, some of which are quite subtle. So when you tell a user something is "secure" it damn well better be as secure as we can make it, because people with their lives on the line are inevitably going to make the wrong calls with respect to how much security they need. And I've experienced firsthand people having bogus expectations of cryptocat privacy and chat partners being unwilling to switch to OTR instead.

But— there are millions and millions of people still using plaintext chat, open to countless numbers of totally undetectable passive observers. There are millions of people using Facebook chat, which is now (according to the popular press) utilizing machine-learning-based analysis to identify "criminal" discussions for reporting (and even if now the reporting furthers human welfare, no one sane would assume it would stop there forever). All of this insecure activity contributes to corporate and government addiction to easy surveillance, an addiction which will make eliminating the insecurity harder. Tools that make improving security easy, even if they do an incomplete job of it, can make a real improvement in the total welfare... but only if they can be prevented from siphoning off activity which would use the more secure tools.

My preferred method of addressing this concern is to simply hide all mention of security / encryption, etc. if you're not able to provide a state-of-the-art solution. Let casual users _think_ it's as insecure as plain text, because that's all you're able to really promise that it is. Users who know they need security and are willing to get it won't get tempted away. This advice might apply to the authors of tools like Mumble, which has its own entirely security-unrelated use-cases...

Unfortunately, I don't know how you market a tool such as cryptocat and get people to use it in the first place when its major advantage is that it's on average probably more secure than the alternatives.
