On Sunday, November 18, 2001, at 01:53 PM, Faustine wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Faustine wrote: Tim wrote:
Getting away fron digital cash for a moment, If you'd care to point me to any examples of crypto companies really focused and committed to developing applications that are commercially appealing to Joe Sixpack AOLuser, I'd be interested to hear about them.
SSL/RSA built into every financial transaction with the common browsers. Visit Amazon, Ebay, etc., and note the secure connections. User-transpaperent, of course, but then, of course, this is precisely what a "Joe Sixpack AOLuser" [SIC] application _must_ be. You know as well as I do that the real push for improving transaction security is coming from commercial interests, not demand by the average user.
Really? When was the last time you worked a Customer Support line for a web site that did CC transactions? End users care about, and insist on security. They don't know JS about it, they don't begin to understand it, but they "know" that 128 bit SSL is better than 40bit, and they know that it "keeps hackers away from their credit cards".
Well, you are the one using the expression "Joe Sixpack AOLuser." As for me, I'm a neo-Calvinist Nietzscheian. It is of little concern to me whether crypto is dumbed-down to the point where Mr. Rogers uses it. I'm a neo-Schopenhauerian Cynic-Stoic eudaimonist. Which is entirely beside the
Is it really such a stretch to say that most people in the crypto community don't really give a damn about Joe wants or needs? How many times have you heard people here implicitly echo the sentiment: "If they're too lazy or stupid to get it, then screw em." point that if you or I were trying to _make money_ selling crypto directly to average home users, we certainly ought to put some real effort into hiring people who know what average home users really want and are comfortable with.
You *can't* sell crypto to home users. Crypto is not a product, it's infrastructure. You sell email clients and web browsers to end users. You sell them Chat Clients and MP3 players. Crypto is (or should be) a part of those, and to be a part of those, it's got to be seamless. Back in 1996 when the "Open Source" movement was going public and picking up steam I came to the conclusion, which I am as certain of today as I was then, that the problem with Open Source, and what I now believe the problem with Crypto-enhanced products to be is the "Last Mile". Solving problems is fun. Solving hard problems is a lot of fun. Doing a proof of concept of these problems is interesting. Putting a useful interface on these proofs of concept is a lot of boring work. Why aren't there any *good* Open Source word processors (usable, yes. functional, well, yes. *good* well integrated consistent, no) other than possibly OpenOffice/StarOffice, which is, well we all know it's lineage.
Even with a whole laundry list of reasons behind the recent troubles (i.e. failures) of ZKS and Network Associates, I don't think you ought to dismiss the "intelligence divide" problem out of hand. Maybe you can, but I think it's still worth considering.
It's not the "intelligence divide", it's ease of use, and a belief in the utility. Why are there no (or damn few) IRC clients/servers that support SSL? Why is there only one (that I'm aware of) chat client that uses crypto? Why the fuck isn't *everything* on the wire encrypted at least once? Because very few people see the utility in it. And they may be right. -- "Remember, half-measures can be very effective if all you deal with are half-wits."--Chris Klein