GUADEC: Danny O'Brien on privacy, encryption, and the desktop
Posted Aug 4, 2010 16:15 UTC (Wed) by gmaxwell
Parent article: GUADEC: Danny O'Brien on privacy, encryption, and the desktop
Sometimes security is locked in a trade-off with convenience. But often it's not: In most cases you can have some security (if not maximal security) without any impact on convenience at all.
This is especially relevant for the developers of protocols. Any protocol can be designed to transparently use and mandate encryption. The work required to develop this is small because there are already many libraries that implement the hard parts, and the computation required is irrelevant for most protocols. And yet... we often don't bother: "if the user needs crypto, they can tunnel it". But that's rubbish; the user doesn't understand all the risks they face, and even if they do it's unlikely that everyone that they communicate with shares the same concerns.
Even without authentication, which can't be provided without at least a small imposition on the user, automatically keyed encryption provides enormous protection: It forces any attacker into an active attack, which is much more easily detected, prosecuted, or avoided and much harder to implement. Simple unauthenticated encryption also greatly frustrates panopticon-style monitor-everything surveillance.
If you're worried the encryption without authentication may give the user a false sense of security then simply _don't tell the user that they have encryption_. Protection is still valuable even if the user doesn't know about it: it discourages the creation of unlawful eavesdropping infrastructures by reducing their value, so used widely enough it even protects people who don't use it.
The OTR protocol is a great example of this mindset (ignoring the bug with multiple logins). Painless, transparent, always-on encryption plus optional authentication which is very easy to use.
HTTP security as implemented in browsers today is an example of a failed attempt. No security at all for the vast majority of connections because getting security is costly and annoying. Worst, in spite of compromising basic privacy for the sake of always getting authentication it's still completely vulnerable to an active attacker because users usually begin on an HTTP page and won't notice the lack of encryption.
As developers I think we have an ethical obligation to bake these kinds of mandatory security measures into our applications and protocols. Asking the user to take the cost of using these security measures and convincing all their friends to use them is little better than not having them at all.
In the past the Telepathy developers have responded to calls for OTR support in a shameful manner: Mocking people that ask for it as paranoids and pushing some cumbersome certificate-based alternative which doesn't provide the right security properties and doesn't provide them in a way which will be useful for anyone.
I hope Danny's presentation made some progress in convincing people of the error of their ways.