[liberationtech] CryptoParty Handbook

Jacob Appelbaum jacob at appelbaum.net
Mon Oct 8 15:36:13 PDT 2012 

Greg Norcie:
> Any book written by non-experts about something as complicated as crypto
> will have imperfections.
> 
> But sometimes security researchers become paralyzed with the need for
> something to be perfect. You need to look at it from a public health
> perspective.

Also - sometimes people without a real understanding of things give bad
advice and it is actually bad advice.

>From a public health perspective, I have a hard time believing that
homeopathetic remedies are a net positive when they're basically just
bullshit cargoculting.

The point isn't to be perfect - no one is seriously arguing for perfect.
Most of the (usable) security community agrees that perfection is the
enemy of good enough; the operative point of that tired phrase however
is that something is actually good enough!

> 
> The handbook is not perfect by any means, but someone using it is
> probably better off than if they were simply going in blind.

The chapter that talked about using PPTP is straight up crazy talk.
Anyone using PPTP is worse off unless they merely wanted to get owned
with a few hour delay.

All the best,
Jacob

> --
> Greg Norcie (greg at norcie.com)
> GPG key: 0x1B873635
> 
> On 10/7/12 3:45 PM, Alec Muffett wrote:
>>
>>     Would love to hear why.
>>
>>
>> On behalf of all of us who suffered quietly through the Cryptocat
>> journobitchfest, might I please just beg, "no, or at least not on this
>> list"?
>>
>> I went to the London crypto party, I've met some of the people, I have
>> opinions upon which I am sitting until the enthusiasm wanes a bit and
>> folk are less defensive; and then I will blog them, and the discussion
>> can happen in the blogosphere.
>>
>> Perhaps I am wrong, perhaps everyone does want to listen in on
>> discussion of a book.
>>
>> Perhaps the book is liberation-related technology.
>>
>> Discussion of it will likely be hot air, however, especially since the
>> authors themselves claim it is a moving target.
>>
>>     - alec
>>
>> -- 
>> http://dropsafe.crypticide.com/aboutalecm
>>
>>
>>
>> --
>> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

More information about the liberationtech mailing list