[liberationtech] What I've learned from Cryptocat

Erik Sundelof erik at sundelof.com
Wed Aug 8 07:53:01 PDT 2012


Andrew: That is exactly what I was trying to say, but you explained it much better :-)

Erik

Sent from my iPad

On Aug 8, 2012, at 6:37 AM, liberationtech at lewman.us wrote:

> On Tue, Aug 07, 2012 at 05:18:02PM -0700, erik at sundelof.com wrote 4.7K bytes in 111 lines about:
> :partial defenses using any technology tool. I may feel too strong about
> :tools being discussed as THE solution or THE bulletproof vest so to speak.
> 
> I'm not picking on you Erik, but this comment finally struck me
> about what's bothered me with this debate. There is no such thing as 'the
> bulletproof vest'. I think this is what some have been trying to
> say, too. Bulletproof vests, like safes, are misnamed for marketing
> purposes. Bulletproof vests are rated for resistance against classes and
> types of ammunition. Personally, I think computer security tools need
> to be more easily identified and rated on a scale for their resistance
> to specific threat models.
> 
> Way too many security people assume the perfect adversary, which even the
> NSA, FSB, MSS, or other national intelligence agencies could never live
> up to (but they will sure help you believe they are perfect). With a
> perfect adversary, all is lost. On a theoretical level, a perfect
> adversary is a fine goal to defeat. On a practical level, a perfect
> adversary doesn't exist.
> 
> Bulletproof vests are rated based on type of ammunition, distance from
> shooter, how many repeated strikes it will survive, and how much force is
> transmitted to the wearer per strike. Any professional physical security
> person will understand the trade-offs between desired resistance, vest
> weight, and likely risks. The material choice matters as well, as kevlar
> or armored plate perform differently. Generally, these professionals will
> explain to you how the bulletproof vest protects you and when it doesn't.
> 
> People are horrible at assessing risk. Give someone a basic local-police
> quality bulletproof vest with no explanation and they feel they are
> invulnerable and adjust their risk-taking accordingly. If you explain
> to them that the vest will last for one, maybe two, shots from a .45
> and that FMJ rounds will go right through it, and that anything from a
> 1m range will likely knock you out from the concussive force of impact,
> suddenly this person adjusts their expectations and behavior. The
> bulletproof vest suddenly seems less bulletproof and the wearer
> understands the risks.
> 
> In general, when working with someone (activists, law enforcement,
> abuse victims, teenagers, etc) I try to understand their threat model,
> explain what solutions work when, and why nothing is perfect. Ultimately,
> the person is the one that needs to make the risk assessment and adjust
> accordingly. My risk acceptance is different from theirs. I can't make
> the decision for them.
> 
> There is no ultimate tool for security, just different tools for different
> needs in your toolbox. Some tools are better than others along a scale. If
> it were easier to understand threat models and resistance against them,
> everyone would be better off.
> 
> My $0.02.
> 
> -- 
> Andrew
> http://tpo.is/contact
> pgp 0x6B4D6475