|
|
|
|
|
|
by upofadown
1589 days ago
|
|
|
Signal is a good example here because someone did a usability study. In a usability study involving Signal[1], 21 out of 28 computer science students failed to establish and maintain a secure end to end encrypted connection. The usability of end to end encrypted messaging is a serious issue. We should not kid ourselves into thinking it is a solved issue. For all practical purposes it is the issue. [1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09... |
|
|
At least we have to agree on what we mean when we say that "end-to-end encryption works". I think there are `shades' of "working" if you will -- for instance, I know I mostly ignore when the key material changes in a Signal conversation, and this could be used to fool me. But then we have to talk about attack vectors and what we want to be protected from. I think it's mostly large-scale data collection and analysis rather than targeted attacks (like the CIA might do).
At any rate, thanks for setting me straight. I will read the paper!