[liberationtech] What I've learned from Cryptocat

Erik Sundelof erik at sundelof.com
Tue Aug 7 17:05:07 PDT 2012 

Jacob,

Thank you for the note about PARTIAL defenses.

All,

I am astonished yet not about how many people believe there is an absolute solution for security. I personally think it is dishonest to users in real need of protecting their security. Any online transaction comes with risks whether we like it or not. I think it is important to remember when we discuss any tools.

Erik

http:// www.sundelof.com

Sent from my iPad

On Aug 7, 2012, at 4:54 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:

> Ali-Reza Anghaie:
>> On Tue, Aug 7, 2012 at 7:19 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>> 
>>> Ali-Reza Anghaie:
>>>> 
>>>> I don't think it's they don't get it - once explained to even the most
>>>> jaded they accept the expertise - it's that in the time period with
>>>> immediate windows of opportunity present people are looking for a usable
>>>> solution for ~their~ definition of usable (not "ours"). And they want it
>>>> ~now~ on systems they actually have access to.
>>>> 
>>> 
>>> I regularly explain this to people. Many people have a normal
>>> psychological reaction where they decide they're not important, not a
>>> target, targeting is too hard and so on. Generally, they then say,
>>> "well, whatever" and go on with their lives. It's a heavy burden to
>>> consider the weight of the NSA's warrant-less wiretapping abilities and
>>> ongoing realities.
>> 
>> 
>> To be clear - you and I can afford to worry about NSA and IRGC - the people
>> I'm talking about have more pressing issues right then. That week. And no
>> recourse, ACLU, or EFF to goto. They want a quick and clean solution and
>> sometimes that's just to say "here is where our money is, take care of my
>> family in [OTHER_COUNTRY]"..
>> 
> 
> Well sure. The key thing here is that people don't actually believe that
> we have solutions because well, we don't. Unless you use Tor entirely,
> have no phone, and so on - we have only partial measures.
> 
> Part of what bothered me about Cryptocat was the partial measures that
> need to be made are not really related to user interfaces at all. It's
> almost all under the hood stuff that I take issue with and I'm glad
> Nadim has been changing things.
> 
>> (Extreme example intentional.)
>> 
>> And thank you - I at least understand where you're at better than Tweets
>> express. -Ali
> 
> Sure and thank you!
> 
> Twitter is not the place for such discussions. It's really annoying
> because it's so hard to actually have a discussion. :)
> 
> All the best,
> Jake
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech

More information about the liberationtech mailing list