Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] TrueCrypt Alternatives?

Greg greg at kinostudios.com
Tue Sep 30 20:22:24 PDT 2014


Dear Eleanor,

On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <ella at dymaxion.org> wrote:
> I don't have any field stories that I have permission to share, but
> yes, I've heard of specific incidents.

Incidents involving our software?

> More generally, it represents
> an utter lack of awareness on the part of developers for the security
> risk analysis choices faced by individuals actually at risk.

What lack of awareness?

How about you actually try the software before you go around insulting it and its developers?

> There are very good reasons why tools that attempt to provide
> deniability may actually significantly harm field outcomes, something
> which developers seem to not understand.

And there are very good reasons why this statement of yours is bunk when applied to Espionage:

http://www.reddit.com/r/security/comments/2b5icu/major_advancements_in_deniable_encryption_arrive/cj24a1n

You are welcome to criticize our software based on knowledge and experience that you actually have, but don't go around making up nonsense and applying said nonsense to software that you admit having not tried.

On the other hand, criticizing Espionage for not being free is a fine, legitimate criticism, and something that I'd be happy to brainstorm with you if you'd like to find a solution for how to get it to those activists who need it but cannot afford it.

You can email me privately either at this email about that or to: contact at taoeffect.com

My GPG key info is stored in Namecoin at id/greg: dns.dnschain.net/id/greg

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

On Sep 30, 2014, at 2:48 PM, Eleanor Saitta <ella at dymaxion.org> wrote:

> Signed PGP part
> On 2014.09.30 18.01, Jonathan Wilkes wrote:
> > Hi Eleanor, I understand the logic of the argument, but are there
> > news stories about people being harmed in the field due
> > specifically (or mainly) to deniability of the software they are
> > using?  (Or research on the topic, though I'm not sure how it could
> > be a falsifiable or reproducible.)
> 
> I don't have any field stories that I have permission to share, but
> yes, I've heard of specific incidents.  More generally, it represents
> an utter lack of awareness on the part of developers for the security
> risk analysis choices faced by individuals actually at risk.
> 
> E.
> 
> --
> Ideas are my favorite toys.
> 
> --
> Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.
> 




More information about the liberationtech mailing list