Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] OkayFreedom (Jacob Appelbaum)

Jillian C. York jilliancyork at
Tue Oct 30 17:13:44 PDT 2012

I don't have time to contribute more at the moment (though I've been
reading) but felt the need to say:

*These are the right questions, and I'm glad you're asking them.*

That's all, carry on :)

On Wed, Oct 31, 2012 at 12:27 AM, Dmitri Vitaliev <dmitri at>wrote:

>  Am going to branch out a little from the discourse between Jake and Eric
> and present this list a recurring dilemma in my experience as a digsec
> trainer and technology advisor -  the question of 'good enough' security
> and what to recommend when others seek advice. Eric and I have had this
> discussion many times before, albeit never in a public forum :)
> I've always been on the side of open rather than proprietary code,
> non-profit rather than corporate initiative, these choices a blend of
> technical and moral reasoning. However it is often difficult to convey my
> sentiment in a short time-frame to an activist who relies on technology but
> has a poor understanding of how it fits together. If you only get one
> chance to explain private VoIP communications, do you wring your hands and
> talk about vulnerabilities in Skype or teach them how to find a trustworthy
> SIP provider and configure an open source client with ZRTP? I've done both
> and felt guilty (for different reasons) no matter the choice.
> Regarding service providers, I have more implicit trust in a RiseUp VPN
> than a Steganos one - however the first choice may actually single out a
> group of activists using VPNs to protect their identity and movements from
> the local provider. The argument also holds for Tor, albeit the ratio for
> activist:unscrupulous user on that network may be a good enough excuse.
> Now back to circumvention and to J vs E. We don't need an arrest to label
> a service flawed-by-design. At the same time there will always be fewer
> initiatives we do trust and they will likely be a little more clunky (less
> sleek?) than their commercial equivalents. Do we just present the facts and
> let the audience make up their own minds or do we make a decision about
> their threat model for them and choose the path of least resistance?
> Dmitri Vitaliev
> On 12-10-30 02:05 AM, liberationtech-request at wrote:
> > Message: 33
> > Date: Mon, 29 Oct 2012 12:26:54 +0000
> > From: Jacob Appelbaum <jacob at> <jacob at>
> > To: liberationtech at
> > Subject: Re: [liberationtech] OkayFreedom
> > Message-ID: <508E760E.4010302 at><508E760E.4010302 at>
> > Content-Type: text/plain; charset=ISO-8859-
> --
> Unsubscribe, change to digest, or change password at:

US: +1-857-891-4244 | NL: +31-657086088
site: <>* | *
twitter: @jilliancyork* *

"We must not be afraid of dreaming the seemingly impossible if we want the
seemingly impossible to become a reality" - *Vaclav Havel*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list