[liberationtech] What I've learned from Cryptocat

Gregory Maxwell gmaxwell at gmail.com
Mon Aug 6 18:49:11 PDT 2012 

On Mon, Aug 6, 2012 at 9:08 PM, Eleanor Saitta <ella at dymaxion.org> wrote:
> If you insist on only permitting tools which offer a mythical "perfect"
> standard of security, you ensure that many at risk users will use
> plaintext tools that offer no security at all.

To be fair, I do not believe anyone is demanding "perfect".

Here is how I see it:

People are insisting on tools which could be reasonably considered
state of the art— software has zero marginal cost, after all, and
there is little technical reason why everyone can't have access to the
most well developed tools.

People are insisting on tools which are on the pareto frontier:  that
to the extent a trade-off _must_ happen because of limits in
knowledge, development, or physical law that the solution not
compromise beyond that point.  E.g. if your security solution somehow
depends on a server that doesn't magically exclude the server logging
all communications if it could be avoided.

People are insisting that tools which make certain impermissible
tradeoffs not be called security tools, even if they're the best
possible tool given their constraints.  (E.g. facebook chat is the
best tool available if you limit yourself to the set of chat tools
that facebook provides, but we'd still insist that no one call it a
security tool).

I think these are all reasonable things.  But reasonable people can
probably disagree on details like where the boundary of impermissible
tradeoff lands.

On Mon, Aug 6, 2012 at 9:40 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> Right and OTR is the counter example. Will Cryptocat be the middle
> ground, where it's perfectly easy to use cryptography but missing key
> items that make it safe?

Alas, if OTR had really solved this — there would be no cryptocat,
there would be no (unencrypted) freenode IRC,  we wouldn't be worried
about facebook because OTR overlay would be ubiquitous.

I think in _practice_ not only is secure chat not solved, it's
actively becoming less solved as time goes on and people migrate to
chat solutions where OTR works less well. Even many of my GNU/Linux
using contacts are now using Epiphany which OTR doesn't work with.

Does this mean that it's right to punt and go to some
no-more-secure-than-ssl hosted thing and call it the best realistic
solution?  No.  But, I think these trends should influence the sorts
of tradeoffs which are considered acceptable.

More information about the liberationtech mailing list