[liberationtech] What I've learned from Cryptocat

[Gregory Maxwell]

On Mon, Aug 13, 2012 at 12:38 PM, Fabio Pietrosanti (naif)
<lists at infosecurity.ch> wrote:
> The average user (a very stupid, dumb user but with very strong political
> commitment in freedom fighting) will always trust the website / operator.
>
> We CANNOT FIX that problem in any technical/cryptographic way.
>
> That kind of user will do whatever the "server operator"/"website" will
> tell/ask him to do.

This actually can be solved, at least largely— not in the short term,
but with hard work and education.

The primary problem right now is that there is basically no option
except single party trust for anything except the most sophisticated
users.  But it doesn't have to be this way.

For example, it wouldn't be hard to educate people to only install
software on their secure systems via a downloading tool that verifies
(cryptographically) that the software which is being installed has
been independently peer reviewed by multiple parties and is free of
trusted reviewers asserting that the software is unsafe. The
authenticity and independence of the signing parties can be validated
by the software— the user only needs to provide keys from some people
he knows to bootstrap the process.

It wouldn't be hard— except the tools don't exist and there are a
number of practical challenges that need to be solved, and interesting
tradeoffs that need to be made. (In particular, updates can't be
deployed very rapidly in such a model, so we need to greatly increase
the basic reliablity and security of the software before reviewed
distribution can really work).

Of course, the participant in needs a honest introduction in the first
place— people could deny them knowledge of the existence of this
secure software ecosystem entirely. But compromising a user at an
obviously (to the user) important one time event is much harder than
compromising them at any of hundreds of monthly technological
impediment events.