[cryptography] "Meet the groundbreaking new encryption app set to revolutionize privacy..."

Thierry Moreau thierry.moreau at connotech.com
Thu Feb 7 12:56:41 PST 2013 

ianG wrote:
>
> [Hushmail design]  isn't
> perfect but it was a whole lot better than futzing around with OpenPGP  
> keys and manual decrypting.  And it was the latter 'risk' view that won, 
> Hushmail filled that niche between the hard core pgp community, and the  
> people who did business and needed an easy tool.
>
> Don't be suspicious, be curious -- this is where security is at. 
>
> Human rights reporters already put their life on the line.  Your mission 
> is not to protect their life absolutely,

One design aspect seems missing from the high-level discussion: how do you 
define the security mechanism failure mode? You have basically two  
options: connect with an insecure protocol, or do not connect at all.

If it's a life-preserving application, this question should be addressed  
explicitly. A "fail safe" system may be either way, but stakeholders  
should know which way. Airplane pilots are trained according to the  
failure mode of each aircraft subsystem. E.g. if two-way radio fails, the 
pilot may remain confident (from an indication on the cockpit) that the air 
traffic controller (ATC) still sees the aircraft identifier on the radar 
(see Wikipedia entry for transponder) during the emergency landing. Thus 
the decision to land at the major airport (instead of a secondary airport 
with less traffic in conflict but lower grade facilities) is taken based on 
the "fail-safe" property of the aircraft-to-ATC communications subsystem.

Regards,

-- 
- Thierry Moreau

_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list