[liberationtech] DecryptoCat

Thu Jul 11 10:32:03 PDT 2013

On 2013-07-11, at 12:38 PM, Maxim Kammerer <mk at dee.su> wrote:

> On Tue, Jul 9, 2013 at 4:57 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>> While I think Maxim is viewed as exceedingly harsh in how he writes, I
>> think that your response is really the wrong way to deal with him. We
>> should consider that his cultural background is different and that as
>> far as I understand it, he isn't a native english speaker. Between the
>> two things, perhaps we might just ask him to be nicer?
> 
> I am often harsh because I dislike circlejerks. Activists are too
> often completely unable to employ critical thinking when the result of
> that thinking would go contrary to their ideology — even more so when
> said activists lack scientific/technical education. E.g., recall that
> case last year where legal activists on this list finally succeeded in
> (or at least supported, not sure) enhancing export controls of
> software [1]. I was as annoyed as you, but I wasn't surprised. This is
> what these people do: claim they support some idea (e.g., freedom to
> write software), but easily do something to the contrary when the
> result is not aligned with their ideology. There is no critical
> thinking involved — nothing in their life accustomed these people to
> the need to think critically.
> 
> Anyway, back to the topic. I don't care much about Cryptocat, simply
> because I don't care much about web programming. I don't think I
> participated in a discussion about Cryptocat previously. I did
> converse with Nadim when he was going to do something stupid in the
> project once, but got tired quickly when he found it hard to grasp
> simple CS concepts. So he fixed the problem, and I stopped caring,
> fine. But in this thread, I pointed out something very simple:
> Cryptocat paid for professional peer review (audit, whatever you call
> it), and it didn't work. Then, people start to lecture me for some
> reason, as if I have any reason to listen to that chatter. Did
> Cryptocat contact Veracode for a response? I mean, they spent CIA
> money on that, no? Or was that money spent just to be able to write a
> rosy blog post? E.g., I thought about hiring their audit services as
> well before — is that a bad idea? Is the value in such an audit only
> in being able to convince people who don't understand anything about
> programming? So, say, clueless people got happy due to an audit, and
> Cryptocat people were forced to fix a bug due to someone finding and
> widely publishing it — I can understand that. So, where are the
> answers to these questions? Why am I reading useless apologies and
> expressions of support instead?

Wow.

NK

> 
> [1] https://mailman.stanford.edu/pipermail/liberationtech/2012-September/004854.html
> 
> --
> Maxim Kammerer
> Liberté Linux: http://dee.su/liberte
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech