On 11/20/2014 01:40 AM, Andy Isaacson wrote:
On Wed, Nov 19, 2014 at 10:58:56PM +0000, Cathal (Phone) wrote:
Not if that E2E protocol is entirely undermined. Which is the case here: trust is security. If 600M people think they have privacy and don't, that's a problem.
Have you heard of the phrase "harm reduction"? You can't solve a social/technical problem by insisting that only perfect solutions are acceptable. You must provide incremental solutions that can be part of a broad based move from the horrible place where we are now, towards a more safe future.
Unless when it's not an improvement. False privacy promises are worse than no promises.
I mean, *you* can do whatever you want, but users are going to ignore solutions that don't connect to where they are today. "Incremental steps with continuous improvement" is a model for advice that actually works in improving outcomes for real populations. "Burn everything to the ground and start over" is a model for advice that lets activists maintain ideological purity without dirtying their hands with actual people's actual problems.
Both WhatsApp + TextSecure are centralized systems (which also happen to want full access to you contacts list). So it's actually a radical deterioration compared the decentralized protocols we built all these years. It's not about ideological purity. It's usually the "realists" who choose the easy path of building closed silos instead of getting their hands dirty and improve existing working technologies. -- Nikos Roussos http://www.roussos.cc