[liberationtech] Guardian reporter delayed e-mailing NSA source because crypto is a pain

Jonathan Wilkes jancsika at yahoo.com
Wed Jun 12 12:17:14 PDT 2013 




________________________________
 >From: The Doctor <drwho at virtadpt.net>
>To: liberationtech at lists.stanford.edu 
>Sent: Wednesday, June 12, 2013 11:54 AM
>Subject: Re: [liberationtech] Guardian reporter delayed e-mailing NSA source because crypto is a pain
 

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1

>On 06/12/2013 04:53 AM, Paul Bernal (LAW) wrote:
>> This all rings very true for me: I'm a legal academic, and barely a
>> geek, and in reality I barely ever use crypto. I was at the Privacy
>> Law Scholars
>Conference
>> in Berkeley last week when the PRISM story broke, and we had a
>special session
>> at the end of the conference to talk about what we knew - and
>someone asked
>> about 'user-friendly crypto' and there was a kind of laugh/cheer
>around the room.
>> Everyone knows we want it, no-one believes it's there.

>All of this said, I have a few questions.

>First, why are the two mouse clicks required to run the Tor Browser
Bundle considered to onerous to use by many people?

>Seriously.  I get this a lot.  They won't use it because it takes two
mouse clicks.

That comes from a user's obvious lack of understanding about why a
user might want privacy/anonymity, which comes from a failure
on the part of the security community to adequately explain the
negative effects of ignoring the problem.

Once you understand that it comes from ignorance the complaint
is reasonable.  If I don't _really_ need Tor (i.e., if I can't relate to
or understand any of the scant reports I've heard about the dangers
of surveillance or data mining), clicking _any_ extra buttons is annoying.

But there will be plenty of time in the coming months for the non-technical
person to reflect on what could be gleaned from their aggregate email,
browsing habits, and phone conversations.  If you're in the bubble of
doing regular research on privacy/security, make sure to remember that
there's a difference between intuiting certain truths based on an understanding
of how networks operate, and seeing a report of those truths on widely-watched
networks and news sites.

I expect that complaint about clicks to change over the coming months.

-Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130612/2e10ab0e/attachment-0001.html>

More information about the liberationtech mailing list