[liberationtech] What I've learned from Cryptocat

Mon Aug 6 17:43:27 PDT 2012

It's difficult.  I'm not a technologist, but I understand the issues and
the user needs well.  My "type," I'd surmise, is few and far between.

Security experts have obvious reasons for being conservative, and I get
that.  Nevertheless, there are a lot of users who would benefit from *a
little bit* of added security.  The question, then, as I see it, is:

*How do we provide that little bit while still making users aware of risks?*

On Mon, Aug 6, 2012 at 5:31 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:

> I think guys like Jillian and Douglas should be more public with their
> rhetoric. Really, I agree with your views, but I can't cup my ears to a
> debate that the conservative security community is largely overwhelming me
> in.
>
> NK
>
>
>
> On Mon, Aug 6, 2012 at 5:28 PM, Jillian C. York <jilliancyork at gmail.com>wrote:
>
>> +1.
>>
>> A *safer *web-based tool than Facebook chat with a GIANT WARNING is far
>> better than everyone continuing to hold their discussions in insecure fora.
>>
>> I get the problem here, I do: You most certainly don't want people to
>> think your tool is 100% safe when it's not.  But moving to a browser add-on
>> only doesn't solve the main problem: That many, many, *many* people who
>> need encrypted chat do not control/admin the device on which they want to
>> chat.
>>
>> If users were probably warned, would that satisfy others?
>>
>>
>>
>> On Mon, Aug 6, 2012 at 5:15 PM, Douglas Lucas <dal at riseup.net> wrote:
>>
>>> Hi Libtech and Nadim,
>>>
>>> Is it possible for both versions of crypto.cat to be available? That is
>>> to say, maintain the existing version of quick, disposable chat rooms,
>>> and then also create the new, more secure version with the XMPP and the
>>> browser extension?
>>>
>>> I ask because in my experience it's easy to get "ordinary civilians" to
>>> use current disposable crypto.cat chatrooms -- shoot them the link, and
>>> suddenly they're off facebook or google chat, which they've heard enough
>>> nasty things about already -- and in so doing, begin to lure them to
>>> what some might call the dark arts. Whereas with the planned extension +
>>> login/password version, the barrier to entry (at least for my target
>>> demographic) is significantly higher.
>>>
>>> A devil's advocate could argue the existence of two versions would
>>> disincentive people from ever moving to more secure methods, but I don't
>>> have anything like the empirical numbers to know what would really
>>> happen.
>>>
>>> In any case, crypto.cat is appreciated!
>>>
>>> :-Douglas
>>> _______________________________________________
>>> liberationtech mailing list
>>> liberationtech at lists.stanford.edu
>>>
>>> Should you need to change your subscription options, please go to:
>>>
>>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>>
>>> If you would like to receive a daily digest, click "yes" (once you click
>>> above) next to "would you like to receive list mail batched in a daily
>>> digest?"
>>>
>>> You will need the user name and password you receive from the list
>>> moderator in monthly reminders. You may ask for a reminder here:
>>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>>
>>> Should you need immediate assistance, please contact the list moderator.
>>>
>>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>>>
>>
>>
>>
>> --
>> *+1-857-891-4244 |** jilliancyork.com | @jilliancyork *
>>
>> "We must not be afraid of dreaming the seemingly impossible if we want
>> the seemingly impossible to become a reality" - *Vaclav Havel*
>>
>>
>>
>>
>

-- 
*+1-857-891-4244 |** jilliancyork.com | @jilliancyork *

"We must not be afraid of dreaming the seemingly impossible if we want the
seemingly impossible to become a reality" - *Vaclav Havel*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120806/a1ed1c82/attachment.html>