On Mon, Aug 6, 2012 at 9:08 PM, Eleanor Saitta <[email protected]> wrote: > If you insist on only permitting tools which offer a mythical "perfect" > standard of security, you ensure that many at risk users will use > plaintext tools that offer no security at all.
To be fair, I do not believe anyone is demanding "perfect". Here is how I see it: People are insisting on tools which could be reasonably considered state of the art— software has zero marginal cost, after all, and there is little technical reason why everyone can't have access to the most well developed tools. People are insisting on tools which are on the pareto frontier: that to the extent a trade-off _must_ happen because of limits in knowledge, development, or physical law that the solution not compromise beyond that point. E.g. if your security solution somehow depends on a server that doesn't magically exclude the server logging all communications if it could be avoided. People are insisting that tools which make certain impermissible tradeoffs not be called security tools, even if they're the best possible tool given their constraints. (E.g. facebook chat is the best tool available if you limit yourself to the set of chat tools that facebook provides, but we'd still insist that no one call it a security tool). I think these are all reasonable things. But reasonable people can probably disagree on details like where the boundary of impermissible tradeoff lands. On Mon, Aug 6, 2012 at 9:40 PM, Jacob Appelbaum <[email protected]> wrote: > Right and OTR is the counter example. Will Cryptocat be the middle > ground, where it's perfectly easy to use cryptography but missing key > items that make it safe? Alas, if OTR had really solved this — there would be no cryptocat, there would be no (unencrypted) freenode IRC, we wouldn't be worried about facebook because OTR overlay would be ubiquitous. I think in _practice_ not only is secure chat not solved, it's actively becoming less solved as time goes on and people migrate to chat solutions where OTR works less well. Even many of my GNU/Linux using contacts are now using Epiphany which OTR doesn't work with. Does this mean that it's right to punt and go to some no-more-secure-than-ssl hosted thing and call it the best realistic solution? No. But, I think these trends should influence the sorts of tradeoffs which are considered acceptable. _______________________________________________ liberationtech mailing list [email protected] Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
