[liberationtech] What I've learned from Cryptocat
Moxie Marlinspike
moxie at thoughtcrime.org
Mon Aug 6 19:29:19 PDT 2012
On 08/06/2012 06:59 PM, Eleanor Saitta wrote:
> Except that with your harm mitigation, you push many potential users
> back to plaintext, where they are guaranteed to be owned. What
> percentage of potential cryptocat users would the plugin version have to
> stop from using the tool for you to accept that there was a place for
> the non-plugin version?
Let's stop using the word "plaintext," because my understanding is that
none of the chat services we're speaking of transmit data in the clear.
As I see it, there are currently three possible vectors for attack with
"existing" web-based chat services:
1) SSL interception.
2) Server compromise.
3) Server operator.
The technology in CryptoCat v1 does not address any of these three
vectors, and all of them remain possible. My position is that it's
actually more susceptible to attack via #1 and #2 than existing
web-based chat solutions. I believe your position is that it improves
on vector #3 by virtue of being not-Facebook. (I'm curious how you
measure #3 in comparison to GChat.)
If we postulate that CryptoCat does improve vector #3 by virtue of being
not-Facebook, it isn't a result of the technology, but simply that we've
agreed Nadim has a better monitoring/interception track record than
Facebook. If that's something you think is valuable, it actually seems
like it'd potentially be better served by having someone like the EFF or
Riseup host a web-based and SSL-protected chat service, without brining
any additional cryptography confusion into the mix. A trust project,
not a cryptography project.
Unfortunately for me, I'd rather depend on cryptography than people.
But I believe that CryptoCat is actually well positioned to drive
changes in the ecosystem that will allow them to really improve on those
three vectors in time. I think it's difficult to experiment in public
with security tools, however, and that it's a sage decision to make a
secure solution available (CryptoCat v2) and work on reducing friction
while maintaining security from there.
- moxie
--
http://www.thoughtcrime.org
More information about the liberationtech
mailing list