Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Wickr app aims to safeguard online privacy

Jacob Appelbaum jacob at appelbaum.net
Tue Feb 5 12:03:27 PST 2013


Daniel Colascione:
> On 2/5/2013 11:11 AM, Jacob Appelbaum wrote:
>> Brian Conley:
>>> Apparently Silent Circle is also proposing such a feature now.
>>
>> Such a feature makes sense when we consider the pervasive world of
>> targeted attacks. If you compromise say, my email client today, you may
>> get years of email. If you compromise my Pond client today, you get a
>> weeks worth of messages. Such a feature is something I think is useful
>> and I agreed to it when I started using Pond. 
> 
> Nobody is objecting to a feature that deletes certain messages after a
> configurable time. I agree that it mitigates some attacks (although less than
> one might think, if the mail account isn't tamper-evident), and timed message
> deletion has other benefits besides. Many MUAs provide this feature, often
> through "filters" or "rules" interfaces.

I think that some people do object to such a feature. It makes sense -
such a feature is pretty much an open research question...

> 
> Rich's objection, which I share, is that Wickr (and apparently, Silent Circle)
> attempt to impose this policy on users without allowing them to make an
> independent choice.
> 

I agree that using closed source software with a software as a service
model might really suck. Free software for freedom, right?

> Is your position that timed message deletion is valuable only if it is
> sender-selected and MUA-enforced?

Nope. My position is that there is more than a binary choice and more
than a receiver is the attacker at all times way of thinking about the
problem.

All the best,
Jake




More information about the liberationtech mailing list