[liberationtech] Firesheep: Making the Complicated Trivial
Chris Palmer
chris at eff.org
Wed Oct 27 10:45:10 PDT 2010
On Oct 26, 2010, at 5:33 PM, Gregory Maxwell wrote:
> Contrary to your statement— TCPcrypt, or rather the TCPcrypt model,
> doesn't fail to provide authentication. Instead it provides the
> appropriate hooks so that an application can implement its own
> transport-bound domain specific authentication on top of the
> ephemerally keyed secured connection. The TCPcrypt package contains
> example applications that do this.
The only thing that matters is what the user story is: How are people to understand the security guarantee, detect when it has been broken, and know what to do when it has been broken? TCPcrypt's story seems to be "we have no story, and that's a feature".
http://www.faqs.org/docs/artu/ch01s04.html
"""But the cost of the mechanism-not-policy approach is that when the user *can* set policy, the user *must* set policy. Nontechnical end-users [I prefer the term "people" --- CP] frequently find Unix's profusion of options and interface styles overwhelming and retreat to systems that at least pretend to offer them simplicity."""
The biggest security problem on the internet right now is usability. No more half-measures and geek sideshows, please.
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
More information about the liberationtech
mailing list