undefined | Better HN

0 pointsupofadown4y ago0 comments

Signal is a good example here because someone did a usability study. In a usability study involving Signal[1], 21 out of 28 computer science students failed to establish and maintain a secure end to end encrypted connection. The usability of end to end encrypted messaging is a serious issue. We should not kid ourselves into thinking it is a solved issue. For all practical purposes it is the issue.

[1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09...

0 comments

s58065334y ago

This is interesting, and it causes me to reevaluate my stance.

At least we have to agree on what we mean when we say that "end-to-end encryption works". I think there are `shades' of "working" if you will -- for instance, I know I mostly ignore when the key material changes in a Signal conversation, and this could be used to fool me. But then we have to talk about attack vectors and what we want to be protected from. I think it's mostly large-scale data collection and analysis rather than targeted attacks (like the CIA might do).

At any rate, thanks for setting me straight. I will read the paper!

j / k navigate · click thread line to collapse

0 pointsupofadown4y ago0 comments

[1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09...

0 comments

s58065334y ago

This is interesting, and it causes me to reevaluate my stance.

At any rate, thanks for setting me straight. I will read the paper!

j / k navigate · click thread line to collapse