Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Successful experiment boosting the number of users using OpenPGP verification for file download

adrelanos adrelanos at
Wed Jul 31 10:30:29 PDT 2013


I hope you are interested in the results of a little experiment.

Q: How many users downloaded OpenPGP signatures with the old design of
download page? (You can see the design here: [1] [2])

A: 1 in ~30 users.

Q: How many users downloaded OpenPGP signatures after adding a colored
download table, which indicates, that http downloads without OpenPGP
verification is the least secure method, to the download page? (You can
see the design here: [3])

A: 1 in ~11 users.

Note: This is only an approximation. No experiment meeting scientific
standards. However, while the number of downloads didn't decrease, the
number of signature downloads significantly increased. Which is a good
thing, isn't it? Downloading a signature doesn't imply, the user
successfully managed to use OpenPGP verification or that the user
couldn't be tricked or just ignored an invalid signature error message.

You can get some more information and more detailed statistics here: [5] [6]

This is also a follow up to: "[liberationtech] secure download tool -
doesn't exist?!?" [4]



[2] Please ignore the "Moved to" part. That
snapshot has been forgotten and made later. Nevertheless it gives an
impression how the old download page looked like.)

More information about the liberationtech mailing list