http://www.wired.co.uk/news/archive/2013-12/13/cryptography
The quest to make encryption accessible to the masses 13 DECEMBER 13 by CHRIS BARANIUK It's been two years since Nadim Kobeissi unleashed his user-friendly, feline-themed chat software, Cryptocat. At the time, Kobeissi felt that there wasn't exactly a great deal of enthusiasm for his program. "Two years ago not a lot of people cared," he comments. But times have changed. "Now a lot of people care." Kobeissi's challenge, to make encrypted online messaging user-friendly, has long been a bugbear of the crypto community. Apaper, written in 1999, demonstrated that the encryption program PGP completely baffled most users in a series of tests. The study, now fourteen years old, is still frequently cited today as a long-unanswered call to arms. And even though the level of security offered by PGP is slowly becoming more accessible thanks to initiatives like the Enigmail Project, for most people it's still too esoteric and finicky. The challenges for making encryption more user-friendly are often referred to as UX headaches which many view as being more or less insurmountable. Indeed, those who publicly advocate better interfaces for encryption feel that they represent a small minority within the wider crypto community. Meanwhile, Cryptocat is booming and has recently been joined by new services like private social network Syme and Android apps such as TextSecure and RedPhone. A market for this stuff is clearly burgeoning. That web users worry about their privacy is something that's frequently picked up in studies, such as this one, published last month by the European Commission. For example, 70 percent of respondents were, "concerned that their online personal information is not kept secure by websites". Could encryption offer better peace of mind? Kobeissi says that Cryptocat is now clocking 16,000 users per day and over the last two years he claims to have received countless stories from non-expert computer users who tell him they've benefited from his software. "There's a person who sent me an email to say that they used Cryptocat to talk to their parents, who are in Iran," he explains. "They said that they think Cryptocat is the only way that they can communicate with their parents, but sadly it has just been banned in the country -- which is kind of nuts." The software's success is all despite a serious bug in the encryption algorithm which was discovered over the summer. "That was really bad," admits Kobeissi, but he assures Wired.co.uk that subsequent audits of the program have affirmed its integrity. [...] -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
