<div><div>Hey all,</div><div><br></div><div>  Personal feelings aside, there seem to be some problems with the article. For one, much of the criticism focused around using a web browser alone (without a plugin or standalone application). Now that it's served entirely via plugin, those criticisms are no longer on the table. </div>
<div><br></div><div>  That some people criticize Cryptocat for using SSL seems very disingenuous, as we rely on SSL to help secure everything from bank accounts to email. On top of that, Cryptocat now uses OTR, which is the gold standard in real-time communication encryption.  It's only slight hyperbole to say that everyone uses OTR-encrypted chat, though usually coupled with Pidgin or Adium.  The much-lauded TextSecure also used OTR for its encryption process.  Chat is not dramatically more secure when it's done from a stand-alone application.</div>
<div><br></div><div>  If it seems like I'm nit-picking, it's because there are a lot of nits to pick.  And it's not just with this piece or with pieces about Cryptocat.  This is a consistent problem with tech journalism as a whole, where apps are created, audited, patched, audited again, and reworked, making fact-checking more difficult.  If criticisms ABCD are present in version 1.0, and only criticism D applies in version 1.5, then talking about ABCD as if they were still active concerns is not only incorrect, but is a very sensitive topic for developers.</div>
<div><br></div><div>  And frankly, the use of the past tense to describe Cryptocat seems a bit... harsh (even if that wasn't your intention).  It's still a solid app, still under development, and still used by a lot of very passionate users.</div>
<div><br></div><div>Best,</div><div>Griffin Boyce</div><div><br></div><div>-- </div><div>"I believe that usability is a security concern; systems that do <br>not pay close attention to the human interaction factors involved <br>
risk failing to provide security by failing to attract users."<br>~Len Sassaman<br><br>PGP Key etc: <a href="https://www.noisebridge.net/wiki/User:Fontaine" target="_blank">https://www.noisebridge.net/wiki/User:Fontaine</a></div>
</div><div><br></div><div class="gmail_quote">On Tue, Sep 11, 2012 at 1:07 PM,  <span dir="ltr"><<a href="mailto:frank@journalistsecurity.net" target="_blank">frank@journalistsecurity.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><span style="font-size:10pt;font-family:Verdana"><div>Hi everybody,</div><div><br></div><div>Below is my CPJ blog on the Cryptocat debate. It makes some of the same points that I already made here a few weeks ago. And please know that my intent is to help work toward a solution in terms of bridging invention and usability. I know there are different views, and I have already heard some. Please feel free to respond. (If you wish, you may copy me at <a href="mailto:frank@journalistsecurity.net" target="_blank">frank@journalistsecurity.net</a> to avoid my missing your note among others.)</div>
<div><br></div><div>Thank you! Best, Frank</div><div><br></div><div><a href="http://www.cpj.org/security/2012/09/in-cryptocat-lessons-for-technologists-and-journal.php" target="_blank">http://www.cpj.org/security/2012/09/in-cryptocat-lessons-for-technologists-and-journal.php</a> </div>
<div><br></div><div></div><div style="text-indent:0px;letter-spacing:normal;text-align:start;font-variant:normal;font-style:normal;font-weight:normal;padding:0px 0px 0.5em;border-top-width:0px;border-bottom-style:none;vertical-align:baseline;clear:both;line-height:18px;color:rgb(17,17,17);text-transform:none;font-size:12px;overflow:hidden;white-space:normal;border-right-width:0px;margin:0px 0px 0.5em;font-family:Verdana,Helvetica,sans-serif;border-left-width:0px;word-spacing:0px">
<div style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><h1 style="margin:0.25em 0px 0.5em;padding:0px;border:0px;font-weight:normal;font-style:inherit;font-size:2.25em;font-family:Georgia,Times,serif;vertical-align:baseline;color:rgb(17,17,17);line-height:1">
<span style="font-family:Georgia,Times,serif;font-size:2.25em"><b>In Cryptocat, lessons for technologists and journalists</b></span></h1><div style="margin:0.5em 0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:Verdana,Helvetica,sans-serif!important;vertical-align:baseline;line-height:21px">
By <a href="http://www.cpj.org/blog/author/frank-smyth" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Frank Smyth/Senior Adviser for Journalist Security</a></div>
</div><div style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><div style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:Verdana,Helvetica,sans-serif!important;vertical-align:baseline;line-height:21px">
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px"><i style="font-style:italic">Alhamdulillah! </i>Finally, a technologist designed a security tool that everyone could use. A Lebanese-born, Montreal-based computer scientist, college student, and activist named Nadim Kobeissi had developed a cryptography tool, <a href="https://crypto.cat/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Cryptocat</a>, for the Internet that seemed as easy to use as Facebook Chat but was presumably far more secure.</span></div>
</div><div style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:Verdana,Helvetica,sans-serif!important;vertical-align:baseline;line-height:21px"><div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline">
<span style="font-family:inherit;font-size:12px">Encrypted communications are hardly a new idea. Technologists wary of government surveillance have been designing free encryption software since <a href="http://www.pgpi.org/doc/overview/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">the early 1990s</a>. Of course, no tool is completely safe, and much depends on the capabilities of the eavesdropper. But for decades digital safety tools have been so hard to use that few human rights defenders and even fewer journalists (my best guess is one in 100) employ them.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Activist technologists often complain that journalists and human rights defenders are either too lazy or foolish to consistently use digital safety tools when they are operating in hostile environments. Journalists and many human rights activists, for their part, complain that digital safety tools are too difficult or time-consuming to operate, and, even if one tried to learn them, they often don't work as expected.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Cryptocat <a href="http://www.wired.com/threatlevel/2012/07/crypto-cat-encryption-for-all/all" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">promised</a> to finally bridge these two distinct cultures. Kobeissi was <a href="http://www.nytimes.com/2012/04/18/nyregion/nadim-kobeissi-creator-of-a-secure-chat-program-has-freedom-in-mind.html" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">profiled</a> in <i>The New York Times</i><span style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:1em!important;font-family:Verdana,Helvetica,sans-serif!important;vertical-align:baseline;line-height:21px">; </span><a href="http://www.forbes.com/sites/jonmatonis/2012/07/19/5-essential-privacy-tools-for-the-next-crypto-war/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank"><i>Forbes</i></a> and especially <a href="http://www.wired.com/threatlevel/2012/07/crypto-cat-encryption-for-all/all" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank"><i>Wired</i></a> each praised the tool. But Cryptocat's sheen faded fast. 
Within three months of winning a prize associated with <a href="http://datatransparency.wsj.com/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank"><i>The Wall Street Journal</i></a>, Cryptocat ended up like a cat caught in a storm--wet, dirty, and a little worse for wear. Analyst Christopher Soghoian--who wrote a <i>Times</i> op-ed <a href="http://www.nytimes.com/2011/10/27/opinion/without-computer-security-sources-secrets-arent-safe-with-journalists.html" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">last fall</a> saying that journalists must learn digital safety skills to protect sources--blogged that Cryptocat had far too many <a href="http://paranoia.dubfire.net/2012/07/tech-journalists-stop-hyping-unproven.html?utm_source=Contextly&utm_medium=RelatedLinks&utm_campaign=AroundWeb" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">structural flaws</a> for safe use in a repressive environment.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">An expert writing in <i>Wired</i> agreed. Responding to another <i>Wired</i> piece just weeks before, Patrick Ball said the prior author's admiration of Cryptocat was "inaccurate, misleading and <a href="http://www.wired.com/threatlevel/2012/08/wired_opinion_patrick_ball/2/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">potentially dangerous</a>." Ball is one of the Silicon Valley-based nonprofit <a href="http://www.benetech.org/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Benetech</a> developers of <a href="http://www.benetech.org/human_rights/martus.shtml" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Martus</a>, an encrypted database used by groups to secure information like witness testimony of human rights abuses.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">But unlike Martus, which uses its own software, Cryptocat is a "host-based security" application that relies on servers to log in to its software. And this kind of application makes Cryptocat <a href="http://www.wired.com/threatlevel/2012/08/wired_opinion_patrick_ball/all/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">potentially vulnerable</a> to manipulation through theft of login information--as everyone, including Kobeissi, now seems to agree.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">So we are back to where we started, to a degree. Other, older digital safety tools are "a little harder to use, but their security is real," Ball added in <i>Wired</i>. Yet, in the real world, from <a href="http://www.cpj.org/blog/2011/09/mexican-murder-may-mark-grim-watershed-for-social.php" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Mexico</a> to <a href="http://www.cpj.org/2012/07/ethiopia-sentences-eskinder-six-others-on-terror-c.php" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Ethiopia</a>, from <a href="http://www.cpj.org/security/2012/05/dont-get-your-sources-in-syria-killed.php" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Syria</a> to <a href="http://www.cpj.org/2012/09/bahrain-should-scrap-life-sentence-of-blogger-alsi.php" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Bahrain</a>, how many human rights activists, journalists, and others actually use them? "The tools are just too hard to learn. They take too long to learn. And no one's going to learn them," a journalist for a major U.S. news organization recently told me.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Who will help bridge the gap? Information-freedom technologists clearly don't build free, open-source tools to get rich. They're motivated by the recognition one gets from building an exciting, important new tool. (Kind of like journalists breaking a story.) Training people in the use of security tools or making those tools easier to use doesn't bring the same sort of credit.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Or financial support. Donors--in good part, <a href="http://www.fas.org/sgp/crs/row/R41120.pdf" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">U.S. government agencies</a>--tend to back the development of new tools rather than ongoing usability training and development. But in doing so, technologists and donors are avoiding a crucial question: Why aren't more people using security tools? These days--20 years into what we now know as the Internet--usability testing is key to every successful commercial online venture. Yet it is rarely practiced in the Internet freedom community.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">That may be changing. The anti-censorship circumvention tool Tor has grown progressively easier to use, and donors and technologists are now working to make it easier and faster still. Other tools, like <a href="http://www.pgpi.org/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">Pretty Good Privacy</a> or its slightly improved <a href="http://www.gnupg.org/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">German alternative</a>, still seem needlessly difficult to operate. Partly because the emphasis is on open technology built by volunteers, users are rarely, if ever, shown how to get back on track if they make a mistake or reach a dead end. This would be nearly inconceivable today with any commercial application designed to help users purchase a service or product.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Which brings us back to Cryptocat, the ever-so-easy tool that was not as secure as it was once thought to be. For a time, the online debate among technologists degenerated into the <a href="http://www.wired.com/threatlevel/2012/08/security-researchers/all/" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">kind of vitriol</a> one might expect to hear among, say, U.S. presidential campaigns. But wounds have since healed and some critics are now working with Kobeissi to help clean up and secure Cryptocat.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">Life and death, prison and torture remain <a href="http://www.cpj.org/reports/2011/12/journalist-imprisonments-jump-worldwide-and-iran-i.php" style="margin:0px;padding:0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline;color:rgb(204,51,0);text-decoration:none" target="_blank">real outcomes</a> for many users, and, as Ball noted in <i>Wired</i>, there are no security shortcuts in hostile environments. But if tools remain too difficult for people to use in real-life circumstances in which they are under duress, then that is a security problem in itself.</span></div>
<div style="margin:1em 0px;padding:0px 0.75em 0px 0px;border:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:inherit;vertical-align:baseline"><span style="font-family:inherit;font-size:12px">The lesson of Cryptocat is that more learning and collaboration are needed. Donors, journalists, and technologists can work together more closely to bridge the gap between invention and use.</span></div>
</div></div></div></span></div></blockquote></div>