zlacker

[parent] [thread] 1 comments
1. lolind+(OP)[view] [source] 2022-01-28 20:37:44
To call encrypted messaging a complete failure you have to demonstrate that the percentage of people capable of maintaining secure messaging is stagnant. As far as I can see, the opposite is true. It is easier than ever to establish and maintain a secure communication channel.

The Signal study showed that the majority of people were unable to understand Signal's security features, but not that the security model is broken. The question at hand isn't how many people are using it wrong but how many people are using it right that never could have managed to do so with PGP keys. If even 10% of Signal's users successfully maintain a secure channel, you're looking at around 5 million people, most of whom probably would not have been able to set up secure messaging without Signal.

Do we still have work to do? Of course! But that doesn't mean that we've failed in our efforts so far.

replies(1): >>upofad+Gk
2. upofad+Gk[view] [source] 2022-01-28 22:26:41
>>lolind+(OP)
That assumes that usability is actually getting better. There is no evidence that this is the case from usability studies. This is not a new problem and we have known what is wrong for something like 20 years now. This isn't something I just thought of. See: Why Johnny Can't Encrypt[1].

[1] https://www.usenix.org/legacy/events/sec99/full_papers/whitt...

[1] https://people.eecs.berkeley.edu/~tygar/papers/Why_Johnny_Ca...

[go to top]