The Crypto Winter

Petro petro at bounty.org
Thu Nov 22 13:17:44 PST 2001 

On Sunday, November 18, 2001, at 01:53 PM, Faustine wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Faustine wrote:
> Tim wrote:
>> Getting away fron digital cash for a moment, If you'd care to point me
>> to any examples of crypto companies really focused and committed to 
>> developing
>> applications that are commercially appealing to Joe Sixpack AOLuser,
>> I'd be interested to hear about them.
>>> SSL/RSA built into every financial transaction with the common 
>>> browsers.
>>> Visit Amazon, Ebay, etc., and note the secure connections.
>>> User-transpaperent, of course, but then, of course, this is precisely
>>> what a "Joe Sixpack AOLuser" [SIC] application _must_ be.
> You know as well as I do that the real push for improving transaction 
> security
> is coming from commercial interests, not demand by the average user.

	Really?

	When was the last time you worked a Customer Support line for a web 
site that did CC transactions?

	End users care about, and insist on security. They don't know JS 
about it, they don't begin to understand it, but they "know" that 128 
bit SSL is better than 40bit, and they know that it "keeps hackers away 
from their credit cards".


>> Is it really such a stretch to say that most
>> people in the crypto community don't really give a damn about Joe wants
>> or needs? How many times have you heard people here implicitly echo the
>> sentiment: "If they're too lazy or stupid to get it, then screw em."
>>> Well, you are the one using the expression "Joe Sixpack AOLuser."
>>> As for me, I'm a neo-Calvinist Nietzscheian. It is of little concern 
>>> to
>>> me whether crypto is dumbed-down to the point where Mr. Rogers uses 
>>> it.
> I'm a neo-Schopenhauerian Cynic-Stoic eudaimonist. Which is entirely 
> beside the
> point that if you or I were trying to _make money_ selling crypto 
> directly to
> average home users, we certainly ought to put some real effort into 
> hiring
> people who know what average home users really want and are comfortable 
> with.

	You *can't* sell crypto to home users. Crypto is not a product, 
it's infrastructure. You sell email clients and web browsers to end 
users. You sell them Chat Clients and MP3 players.

	Crypto is (or should be) a part of those, and to be a part of 
those, it's got to be seamless.

	Back in 1996 when the "Open Source" movement was going public and 
picking up steam I came to the conclusion, which I am as certain of 
today as I was then, that the problem with Open Source, and what I now 
believe the problem with Crypto-enhanced products to be is the "Last 
Mile".

	Solving problems is fun. Solving hard problems is a lot of fun. 
Doing a proof of concept of these problems  is interesting.

	Putting a useful interface on these proofs of concept is a lot of 
boring work.

	Why aren't there any *good* Open Source word processors (usable, 
yes. functional, well, yes. *good* well integrated consistent, no) other 
than possibly OpenOffice/StarOffice, which is, well we all know it's 
lineage.

> Even with a whole laundry list of reasons behind the recent troubles
> (i.e. failures) of ZKS and Network Associates, I don't think you ought 
> to
> dismiss the "intelligence divide" problem out of hand. Maybe you can, 
> but I
> think it's still worth considering.

	It's not the "intelligence divide", it's ease of use, and a belief 
in the utility.

	Why are there no (or damn few) IRC clients/servers that support 
SSL? Why is there only one (that I'm aware of) chat client that uses 
crypto? Why the fuck isn't *everything* on the wire encrypted at least 
once?

	Because very few people see the utility in it.

	And they may be right.

--
"Remember, half-measures can be very effective if all you deal with are
half-wits."--Chris Klein

More information about the cypherpunks-legacy mailing list