On 8/13/12 6:53 PM, Gregory Maxwell wrote:
For example, it wouldn't be hard to educate people to only install
software on their secure systems via a downloading tool that verifies
(cryptographically) that the software which is being installed has
been independently peer reviewed by multiple parties and is free of
trusted reviewers asserting that the software is unsafe. The
authenticity and independence of the signing parties can be validated
by the software— the user only needs to provide keys from some people
he knows to bootstrap the process.
It wouldn't be hard— except the tools don't exist and there are a
number of practical challenges that need to be solved, and interesting
tradeoffs that need to be made.
Ok, cool.
But to make an example we can say that even today Tor cannot be secured
against the "Server Operator" in the sense that if you are an "average
user" you need to trust Tor Project, distributing Tor binaries.
One would say, "but there are hash and pgp signature and instruction on
how to verify it" .
It doesn't matter for the average user.
The average user will NEVER check it.
The average user doesn't even know "what a digital signature is".
The average user does not know how to download pgp, import keys, execute
command line arguments to verify a crypto checksum.
Those are all stuff for crypto-nerds and power-users, but not for
average users.
So imho in the current context of technology, the average user,
regardless what the provider say/suggest on the download page, does not
have a real way to verify that what he is download does not contain a
backdoor.
Being the operator Tor Project distributing Tor Browser Bundle,
CryptoCat distributing a Chrome plugin, GnuPG Project distributing
WinPGP, the problem is the same (for the average user).
This means that most of this discussion around CryptoCat is based on the
need of a technology to solve a problem for "the average users" that
simply does not exists (and that CryptoCat cannot solve).
-naif
_______________________________________________
liberationtech mailing list
[email protected]
Should you need to change your subscription options, please go to:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
If you would like to receive a daily digest, click "yes" (once you click above) next to
"would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in
monthly reminders. You may ask for a reminder here:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
