Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Guardian reporter delayed e-mailing NSA source because crypto is a pain

Kate Krauss katie at critpath.org
Tue Jun 11 18:56:09 PDT 2013


It's really easy to use these tools if you already know how to do it.

Otherwise they are often complicated and unintuitive. For some of us, they
represent an academic field or a fascinating hobby. For others, they are
the keys to survival.  Hubris--and not really caring whether they work or
not for non-geeks--is an obstacle to security.

Most activists and journalists don't care how interesting these tools are,
as long as they can get them to work. If they were as simple and stupid as
AOL circa 2000, that would be great.

This is the beauty of cryptoparties--people can sit next to you and talk
you through it. Thanks, Asher Wolf. That is often all it takes. Otherwise,
tiny glitches or misunderstandings can put them out of reach.

A security workshop my group organized a couple years ago included lots of
geeks ANDS lots of on-the-ground activists (of many stripes, including
technophobes) who were teaching each other with the help of two excellent,
feminist lead teachers who are good listeners. That also worked well and
permanently evangelized everyone about the importance of activism around
this issue.

Yet this is also a capacity problem. There is the equivalent of a fleet of
bicycles building online safety tools. And well-paid armies of spies trying
to defeat them.

One way to judge the effectiveness of cryptographically (?) sound tools is
not by how cool they are in theory but by how many regular people can
figure out how to use them *the first time, without help.* We can test this
and rate the tools.

Another obvious answer for increasing these tools' legibility is to convene
test groups--perhaps this is already happening?-- of regular people and
non-geek activists to try them out. And watch those people in action--see
what keys they press, see where they pause. And then iterate. Startups do
it, and so can we.

There can be no security if the tools don't scale.

Katie Krauss
AIDS Policy Project
www.AIDSPolicyProject.org


On Tue, Jun 11, 2013 at 7:54 PM, Nadim Kobeissi <nadim at nadim.cc> wrote:

> This story really solidifies why I believe that we need to make privacy
> technologies accessible to journalists, instead of simply focusing on the
> other way around.
>
> Glenn Greenwald had to substantially delay his communications with Edward
> Snowden due to how inaccessible a lot of privacy and encryption software is
> to use.
>
> Our main and primary goal at Cryptocat has been to focus on making
> encrypted communications accessible, easier to use and fun and attractive.
> We've always believed that accessibility is a security feature, and this
> idea is at the core of our project.
>
>
> http://arstechnica.com/security/2013/06/guardian-reporter-delayed-e-mailing-nsa-source-because-crypto-is-a-pain/
>
> NK
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130611/adeb8e9a/attachment.html>


More information about the liberationtech mailing list