[liberationtech] Guardian reporter delayed e-mailing NSA source because crypto is a pain

Andrew Feinberg andrew at andrewfeinberg.com
Wed Jun 12 01:05:19 PDT 2013


Let's first have context -- at this time I am a 30 year old journalist. But (to establish my geek bona fides) shortly after I could legally drive, but long before I could vote, I went through the process of becoming a registered Debian Linux developer.  

Then, as is the case now, to achieve that status, one needs to have their GnuPG key (back then PGP) signed by a fellow developer who has verified their identity. 

While I had undergone the process with my PGP key back when I was a high school student, by the time Debian made the switch to GPG (as I recall for ideological reasons surrounding PGP's license) I was at university with far less free time, and learning crypto software or getting your keys exchanged and signed wasn't easy. And so I never made the time to learn the new software until recent events led me to revisit my options.

I haven't been a regular Linux user since 2001 (switched to Apple) but I've tried available tools for Linux and what's out there for Mac OS, even trying to compile some F/OSS solutions from scratch on Mac OS. And to be honest, despite all the innovations in user interface over the past 12 years, the situation doesn't look to have changed much since 2001.

Now, I realize that for someone whose very life might depend on strong encryption that works, their incentive to learn even the most arcane and user-unfriendly software could be high enough to overcome any resistance due to either inertia, poor design, or any other conceivable reason why Joe Public wouldn't make everyday use of the stuff.

These days I'm a journalist, and while my work has rarely taken me into places or subjects where encryption is needed, recent events have inspired me to venture back into the available tools to see if I could make using email with strong cryptography easy enough that I could suggest it to regular sources for everyday use.

It still sucks. What exists is godawful at worst and cumbersome at best.

For a cryptosystem to really, and I mean really become widespread enough to make an impact, it needs to be designed and implemented in such a way that a given user who wants to add that level of security to his** email need only install at the very least some manner of plugin to an existing client, or at most switch to an easy to use replacement which has that functionality built in seamlessly. Key exchange would have to be as easy as forming connections on a social network. Heck, a crypto-social network might be the best way to jump-start such a thing.

But let's be honest here -- I think we all are aware on some level or another that even if one was able to develop and deploy the easiest software imaginable (say, Apple's "iCrypt" that they'd allowed to be vetted, even made key parts open source)  and the most robust algorithms known to man, it's not enough that it be easy to use -- it has to become widely adopted, at least among enough of the population that assuming easy key exchange, it would become a non-event for someone to send or receive an encrypted message. It would have to definitely be widespread enough that, if we also assume pervasive surveillance -- at least on a passive "filtering" level of some kind -- that to see cyphertext being transmitted back and forth would be common enough that it wouldn't raise alarms or attract attention of any sort. 

Let's get real -- assuming surveillance is the new normal, isn't it more likely that cyphertext in the datastream is -- at least as of this day and time -- more likely to attract attention from authorities than say, quality steganography or something like a carefully designed and well executed book code? 

Maybe the idea of pervasive surveillance and any resulting discomfort will raise interest in easy encryption among the general public, but given the state of the current crypto toolbox, I doubt it. 

Andrew

**for those who are PC-inclined, please note I use "his" alone not out of misogyny but for brevity and clarity. 


On Jun 11, 2013, at 9:56 PM, Kate Krauss <katie at critpath.org> wrote:

> It's really easy to use these tools if you already know how to do it. 
> 
> Otherwise they are often complicated and unintuitive. For some of us, they represent an academic field or a fascinating hobby. For others, they are the keys to survival.  Hubris--and not really caring whether they work or not for non-geeks--is an obstacle to security.
> 
> Most activists and journalists don't care how interesting these tools are, as long as they can get them to work. If they were as simple and stupid as AOL circa 2000, that would be great. 
> 
> This is the beauty of cryptoparties--people can sit next to you and talk you through it. Thanks, Asher Wolf. That is often all it takes. Otherwise, tiny glitches or misunderstandings can put them out of reach.
> 
> A security workshop my group organized a couple years ago included lots of geeks AND lots of on-the-ground activists (of many stripes, including technophobes) who were teaching each other with the help of two excellent, feminist lead teachers who are good listeners. That also worked well and permanently evangelized everyone about the importance of activism around this issue.
> 
> Yet this is also a capacity problem. There is the equivalent of a fleet of bicycles building online safety tools. And well-paid armies of spies trying to defeat them.
> 
> One way to judge the effectiveness of cryptographically (?) sound tools is not by how cool they are in theory but by how many regular people can figure out how to use them the first time, without help. We can test this and rate the tools.
> 
> Another obvious answer for increasing these tools' legibility is to convene test groups--perhaps this is already happening?-- of regular people and non-geek activists to try them out. And watch those people in action--see what keys they press, see where they pause. And then iterate. Startups do it, and so can we.
> 
> There can be no security if the tools don't scale.
> 
> Katie Krauss
> AIDS Policy Project
> www.AIDSPolicyProject.org
> 
> 
> On Tue, Jun 11, 2013 at 7:54 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:
> This story really solidifies why I believe that we need to make privacy technologies accessible to journalists, instead of simply focusing on the other way around.
> 
> Glenn Greenwald had to substantially delay his communications with Edward Snowden due to how inaccessible a lot of privacy and encryption software is to use.
> 
> Our main and primary goal at Cryptocat has been to focus on making encrypted communications accessible, easier to use and fun and attractive. We've always believed that accessibility is a security feature, and this idea is at the core of our project.
> 
> http://arstechnica.com/security/2013/06/guardian-reporter-delayed-e-mailing-nsa-source-because-crypto-is-a-pain/
> 
> NK
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
