[liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Thu Jul 11 02:41:51 PDT 2013

Hi!

Why bad approach? I am reading this comments about Heml.is and they
are a bit funny. On the sad side. Mostly all are just ideological
arguments. Like it is not free software. It will have centralized
server.

At the end what matters is what they will deliver. If it will be a
secure and easy to use messaging for masses, this is something great.
Security is does not help you if interface is useless. We had PGP for
years, but usability is crucial. [1]

If I understand correctly, security-related things will be open
source. Probably crypto on the client side. Server side they will
probably left closed-source. And I assume that client will encrypt
everything and then send to the server. So even if server is
compromised, messages will be safe. But this makes user experience
much easier to maintain.

Yes, ideally it would be better if it would be distributed. But this
opens another issues.

So the concept doesn't sound so bad to me. But I still wonder how they
will secure meta-data (who is/was talking to who).

But please, let us support more diversity in this area. Don't destroy
ideas even before they lunch just because we might personally believe
it should be different. If it was be so easy, we would already have
secure, privacy aware, decentralized messaging with nice user
interface and I do not know which all bells and whistles.

Mitar

[1] http://www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf

On Thu, Jul 11, 2013 at 1:12 AM, Albert López <newbiesworld at hotmail.com> wrote:
>
>
> Moreover when they say "our backend infrastructure"... So the service will
> be centralized? Bad approach...
>
>
> ________________________________
>
> gpg --keyserver pgp.mit.edu --search-keys EEE5A447
> http://pgp.mit.edu:11371/pks/lookup?search=0xEEE5A447&op=vindex
>
>
>
>> From: edulix at wadobo.com
>> Date: Wed, 10 Jul 2013 21:36:33 +0200
>
>> To: liberationtech at lists.stanford.edu
>> Subject: Re: [liberationtech] Heml.is - "The Beautiful & Secure Messenger"
>>
>> On Wed, Jul 10, 2013 at 9:30 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:
>> >
>> > "Will it be Open Source?
>> > We have all intentions of opening up the source as much as possible for
>> > scrutiny and help! What we really want people to understand however, is that
>> > Open Source in itself does not guarantee any privacy or safety. It sure
>> > helps with transparency, but technology by itself is not enough. The
>> > fundamental benefits of Heml.is will be the app together with our backend
>> > infrastructure, which is what really makes the system interesting and
>> > secure." — https://heml.is/
>> >
>> > I'm sort of infamous by now for the fusses I make regarding the
>> > importance of open-sourcing security software. I'm pretty sure people are
>> > tired of me so I'm going to be quiet. But it's clear to me that Hemlis's
>> > answer is not the right answer.
>>
>> Hi:
>>
>> Agreed. I won't support heml.is if it's not libre software, as it
>> seems to be the case. They want 100k $ to fund non-free software.
>> That's something I don't think people should support.
>>
>> Regards,
>> --
>> Eduardo Robles Elvira +34 668 824 393 skype: edulix2
>> http://www.wadobo.com it's not magic, it's wadobo!
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at companys at stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m