[messaging] EFF Insecure Messaging Scorecard

carlo von lynX lynX at i.know.you.are.psyced.org
Mon Nov 17 06:40:17 PST 2014

Sorry for breaking the thread, but I arrived late to the list.

Excuse my bluntness, but to my understanding of secure
messaging there isn't a single secure messaging tool
listed on https://www.eff.org/secure-messaging-scorecard

Everywhere we hear the buzz that metadata is the actual essence 
of bulk surveillance. It's the stuff that undermines the founding 
pillars of democracy and occasionally even kills people.

How can it be ethically acceptable to call any tool
"secure" that does not protect the metadata?

Correct me if I am wrong, but I seriously do not see
any of the metadata-protecting messaging systems in that
list. I know very well that they are all experimental,
but it is irresponsible not to openly say: Sorry people,
there IS no well established and stable messaging system
that will actually protect you as it should. All we can
offer are tools that will protect what you talk about,
not you as a person.

Whereas tools designed to protect not only the words, but
also the person, aren't even known to the EFF it seems:

There are several not so realtime things such as
- Bitmessage
- Cables (possibly needing an upgrade of its DHT)
- I2P Bote (possibly needing an upgrade of its DHT)
- Pond, if you DON'T use any known public server [1]
- Tor-SMTP, again only if you keep your SMTP server secret

And a few that are actually real-time capable:
- Retroshare over Tor [2]
- various TorChat thingies
- maybe some serverless I2P thing I should be aware of

Not to speak of how surreal it is to even list audits
for proprietary software. We know by now that the agencies
do anything which is in their power, so they WILL put backdoors
into proprietary messaging tools AFTER the audit has been done.
Betting on any proprietary tool to be safe is playing Russian 
roulette. It is therefore NOT OK to put a column for audits
next to the column for source code availability, suggesting that
those are orthogonal features that equally deserve a column.
That is... unintentionally whitewashing PRISM.

It is absolutely inappropriate to list proprietary tools with ANY
green ticks and to think it is a step forward to incentivize audits
that serve no purpose at all while there are hundreds of GNU
projects that deserve maximum attention concerning audits. Focusing 
on irrelevant audits harms the projects that NEED audits now.

No personal offence at anyone intended, I am just trying to
make you change your minds on certain things by saying things
the way I see them. Correct me if I'm wrong - correct your
own thinking and actions if I am right. What we are doing here is
relevant to the long-term future of humanity, so put pride aside
and stick to the facts. Only facts can keep us from political
manipulation, and it may be happening here.

[1] As Trevor Perrin smartly pointed out in
"Tor Hidden Services in (Cables, SMTorP, Pond)", Sat Jun 14 13:31:19 PDT 2014

[2] The Retroshare project promised a year ago that Retroshare would soon be
delivered with out-of-the-box support for Tor hidden services.
By default Retroshare does direct F2F, which is the worst thing
you could possibly do metadata-wise. Combined with hidden services,
one for each person, it will not scale terribly and not be so great
for file sharing, but it fulfils Trevor's requirements stated in [1].
And Retroshare, even though ugly and confusing, has a better usability
than enigmail - simply because there is no SMTP failing underneath.
