[messaging] Value of deniability

[Eleanor Saitta]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2014.12.10 21.26, moderncrypto at mkern.fastmail.fm wrote:
> If half the jury has used a version of whatsapp where the history
> is easy to change and they are presented with evidence in the form
> of a chat log from that app (often this is even done with screen
> shots) then their base level of confidence in the evidence will be
> very different.

To be frank, this flies in the face of every chat system user
interface and experience ever designed, along with the natural
understanding of how human conversation works.  The bar for adopting a
system like that would be incredibly high.  A few percentage shift in
the likelihood of a court admitting the forgability of evidence under
rare circumstances does not enter the ballpark.  If that's what it
takes to make deniability useful, it's a clear failure.

> Widespread deployment and awareness of such mutability would
> improve the outcome for all users in the long run.

The outcome of that specific situation, possibly.  It is likely that
such would significantly hamper user understanding of tools that
implemented it (assuming users discovered the feature), delaying
adoption.  As it undermines the basic communicative function of a chat
tool, it would likely contribute negatively to user task efficacy and
thus outcomes in other places.

> There might be cases however where evidence of earlier
> conversations between two accused is brought up. If at that point
> it is not clear who of them made which statements it might well
> bolster the defense of either or both of them.

This seems like grasping at straws.

> It seems you are asking for an example where a) the stakes are
> high enough to warrant close inspection and b) the situation is
> such that doubt about the originator of a message has actual
> benefit to the user. A court room seems indeed to be the only place
> where b) applies. I wouldn't call that a niche though.

While I don't (yet) have statistics to back this up, the risk factors
for the vast majority of high-risk/specifically-targeted users feature
court rooms only incidentally and this specific circumstances vastly
more rarely.  However, the fact that this is the only relevant use
case is a good demonstration of why spending the kind of engineering
effort that has clearly been expended on deniability is nonsensical,
and why the larger design process that has allowed this kind of
misplaced effort and misunderstanding of security outcomes to continue
should be called into question.

> I agree that this introduces an additional concept for the user to 
> understand if they are to make good use of this feature. However if
> you sign messages instead then you have to educate the user about
> the fact that there is no way for them to repudiate the messages
> they send.

Actively signing a message and failing to support deniability are not
the same, as I have explained elsewhere.

E.

- -- 
Ideas are my favorite toys.
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlSJB8UACgkQQwkE2RkM0wq3/gD/U6PBTan6muRjmye3QjmezpNv
wD0gnQ9rNK+xR5Q8du0BAIRds5iMCr17FvZetBLag+JI+5yytdeY3mWqFh4lPMI/
=2I2G
-----END PGP SIGNATURE-----