On 10/11/15 12:29, Neuhaus Stephan (neut) wrote:

On 2015-11-09 21:12, "oshwm" wrote:

...

On 09/11/15 08:38, Neuhaus Stephan (neut) wrote:

...

On 2015-11-08 09:45, "cypherpunks on behalf of oshwm" wrote:

...

On 08/11/15 08:40, Peter Gutmann wrote:

...

oshwm writes:

...

Can GPG be easier to use, I think so, is it too difficult to use by ordinary people - no, they're just too fucking lazy and lack motivation.

... and this is pretty much the poster child for why we have so much unusable crypto today.

Or, why we have such a fucking retarded human race with the attention span of a knat who expect everything to be given to them on a plate.

I think you're rather making Peter's point for him.

Case in point: Would you care to try to explain to my dad (who is 76) what an expired PGP key means, exactly? What a trusted key is? Hell, what a public key is, even? How a PGP plaintext signature could have failed to verify? (In this context, don't forget to explain to him the difference between UTF-8 and ISO 8859-1.) Hint: an attitude of "well, you just have to learn all these new concepts, you fucking retarded human with the attention span of a knat" is probably not going to help.

I feel sorry for your dad, having a child that thinks so little of his mental capacity.

I guess that’s what I get for choosing an example that makes the ad-hominem too easy.

You see, I didn't know what ad hominem mean't so I had a choice, I could wait for someone to explain it all to me or I could go and find out the meaning for myself - which I did :P

...

If your dad can operate Windows and an email client then he has what is needed to learn enough to sign and encrypt emails with GnuPG. He doesn't need to know how crypto works or every minute detail, he just needs to be able to make sense of a Wizard and to be able to click a few buttons.

I don’t think that’s true, and the reason is that it’s not enough to learn the right sequence of buttons to press. You’re right: learning to press some buttons in the right sequence is the easy part. The tricky part happens when an error occurs, e.g., when a signature fails to verify. And signatures can fail to verify for a huge number of reasons and an Enigmail-style user interface will simply expose them to the user. Without a correct mental model—which goes beyond knowing button sequences—no one will be able to make a correct assessment of an error situation, no matter what the age, education, or mental capacity.

...

He'll be at a disadvantage for not learning more about crypto and PGP but he'll be able to maintain a small amount of privacy in his use of email.

Only when things go right. And only if he cares enough. If there was some automated mechanism that would do all of these things automatically in the background, he could be using encrypted email without even knowing it. Like Skype, who at one time provided encrypted video and voice chat without users even being aware. That did more for security than exposing all the intricate details through an Enigmail-style UI.

Skype: centralized authentication by a third party corporation - you don't have to do any authentication for yourself, you just have to trust that Microsoft will never act in a way inconsistent with your privacy or freedom. PGP: decentralized authentication where the amount of trust you have in the certificates is fully under your control. But with this control comes complexity because you don't have some benevolent overlord taking care of your every need. Take your pick, personally I don't trust big corporations and for that reason will accept the extra complexity.

...

When he gets stuck he might be able to ask his son or daughter for help

He might indeed! Or he might not, given that his interest when interacting with a computer is to e.g. send an email to someone, not to have to expend work to preserve his privacy. I suspect that he’d rather go on with what he was doing — sending email — than asking me what a good but untrusted signature is. (For example.)

If he has little interest in protecting his privacy why would he even bother with any encryption no matter whether it's easy to use or not?

...

- assuming he hasn't given up asking because you hold his mental capacity in such low regard.

OK, next time, I’ll *really* choose another example that doesn’t open myself up to the ad-hominem so easily.

Yep, use stereotypes and you get what you deserve :P

...

...

If we want "ordinary people” (whatever they are, but in a crypto context they’ll be more like my dad than like me) to use encryption, we will have to make it invisible to them. It doesn't even have to be perfect; good enough will do.

You think if crypto is invisible to people then they'll be able to deal with when things go wrong any better than your dad would be if you equipped him with minimal knowledge of how to get by with PGP using e.g Enigmail on Thunderbird?

In most cases, yes. Also, it will enable things to go right more often, simply because configuration options will be removed, making the whole thing easier to write and test.

...

The more you hide details from people, the less they are able to help themselves.

That is only true for a very small number of specialists. The success of many products is precisely the careful hiding of many details, most of which would be unintelligible to the vast majority of users anyway. Unless you’re a trained engineer, you will have no detailed idea how a modern car engine works (or FM radio or …), for example. If you had to know these things in order to operate a car engine, there would be vastly fewer cars out there. And common failure modes of cars — low fuel, low oil or tire pressure and whatnot — have been incorporated into user interfaces that many people routinely and correctly use. That works only by not exposing details.

You can drive a car mostly successfully without too much information but if it stops at the side of the road and the limited info from your dials doesn't tell you what's wrong then a bit more knowledge might just get you home. If anything, this matches the Enigmail model more than the invisible crypto model.

Fun,

Stephan — If I have downvote policy, I will downvote you.