That may be - though some of the PGP solutions are pretty close to
one-click install these days. The old Napster never seemed to phase
anybody. Maybe, whomever is organizing the group needs to spend a
little time picking a system and writing up a how-to-install checklist.
The reality is that anything that's not encrypted tends to get indexed
by google - so, if privacy is a concern (as the OP indicated), then any
standard email list, probably including a google group, is problematic -
at the very least one has to pay very close attention to configuration,
and better to not have an archive (hard to do with google groups).
At the very least, go with a service that has registration and strong
privacy guarantees, or maybe set up a Wordpress or Drupal instance, with
access limited to registered users. Point and click on wordpress.com or
godaddy.
Miles Fidelman
On 7/11/16 11:26 AM, Steve Weis wrote:
Hello Miles. I think your suggestions are not practical for an ad hoc
group of sexual assault survivors. You're talking about them using
PGP, downloading open source clients, or using untested blockchain
systems. I think for a random group of people, all of these will fail
in practice due to poor usability and platform incompatibility. I
think there is little benefit to using a P2P system in this case.
Their threat model is against their abusers and potentially media,
bloggers, or trolls who pick up on the story. It's not against hosted
services like Google or the NSA.
You want something dead simple that works on every platform and
managed by an organization with their own security team. I suggested
Google Apps because it's battle-tested, easy, and in this use case,
free. Yes, Google would see this survivors' group data. They also see
a enterprise data -- even from competitors -- that is much more
valuable and targeted.
On Mon, Jul 11, 2016 at 5:09 AM Miles Fidelman
<mfidel...@meetinghouse.net <mailto:mfidel...@meetinghouse.net>> wrote:
Personally, I'd recommend staying away from any kind of hosting
service
- stick with a peer-to-peer system designed for privacy.
One, really simple notion would be to simply use encrypted email,
perhaps over a list server. It's a pain, but straightforward. It
does,
however expose group membership, in the form of email addresses.
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
