[messaging] Value of deniability

[Jacob Appelbaum]

On 12/11/14, Mike Hearn <mike at plan99.net> wrote:
>>
>> If you use such a system, I think you've clearly signaled that you
>> don't trust me. I wouldn't chat with you and in fact, I didn't sign
>> this email. :)
>>
>
> Sure about that? ;) You sent it via Gmail which signed it using DKIM as
> coming from your account. To deny you sent it, you would have to either
> claim your account was hacked or that Google is trying to forge evidence.
>

Heh!

It isn't end to end. Hooray. Google can say what they'd like and
Google has been owned in the past. Certainly Google accounts have been
compromised and are regularly compromised. An email from Google is
still just an email. The same email with a PGP signature tied to a key
in a smart card is much stronger assertion in my view.

>
>> End point security is rather weak and so I'd wager that you're aiming
>> to design a protocol "feature" that will be fantastic for framing
>> someone.
>
>
> If you read the newspaper story I linked to from the first email, it was
> the opposite - the guy was being framed and was able to prove it using text
> message evidence, which wasn't deniable presumably due to records kept by
> the carrier (there was CCTV evidence as well anyway). I think being able to
> prove someone said something cuts both ways.
>

I think providing a reasonable doubt is a good goal. The balance
doesn't strike evenly because the world is not fair or balanced with
regard to power. Text message content is logged by many of the
carriers but I presume that they didn't confirm that everything
matches up from full content intercepts. That is to say - the text
message without a strong signature allowed for exoneration. Sounds
like a deniable channel will be similar and that related information
may be useful for confirming assertions.

All the best,
Jacob