[liberationtech] Wickr app aims to safeguard online privacy
Jacob Appelbaum
jacob at appelbaum.net
Tue Feb 5 12:03:27 PST 2013
Daniel Colascione:
> On 2/5/2013 11:11 AM, Jacob Appelbaum wrote:
>> Brian Conley:
>>> Apparently Silent Circle is also proposing such a feature now.
>>
>> Such a feature makes sense when we consider the pervasive world of
>> targeted attacks. If you compromise say, my email client today, you may
>> get years of email. If you compromise my Pond client today, you get a
>> weeks worth of messages. Such a feature is something I think is useful
>> and I agreed to it when I started using Pond.
>
> Nobody is objecting to a feature that deletes certain messages after a
> configurable time. I agree that it mitigates some attacks (although less than
> one might think, if the mail account isn't tamper-evident), and timed message
> deletion has other benefits besides. Many MUAs provide this feature, often
> through "filters" or "rules" interfaces.
I think that some people do object to such a feature. It makes sense -
such a feature is pretty much an open research question...
>
> Rich's objection, which I share, is that Wickr (and apparently, Silent Circle)
> attempt to impose this policy on users without allowing them to make an
> independent choice.
>
I agree that using closed source software with a software as a service
model might really suck. Free software for freedom, right?
> Is your position that timed message deletion is valuable only if it is
> sender-selected and MUA-enforced?
Nope. My position is that there is more than a binary choice and more
than a receiver is the attacker at all times way of thinking about the
problem.
All the best,
Jake
More information about the liberationtech
mailing list