Content
@
1 reply
0 recast
2 reactions
William Allen
@williamallen.eth
Is the desire for e2e/zero knowledge encryption (Skiff, Proton, Signal etc) a stated preference with a much smaller TAM vs the revealed preference of 'just good enough' or 'the devs will add it later' encryption?
3 replies
0 recast
4 reactions
Cassie Heart
@cassie
Part of the stated vs revealed preference of E2EE, ZK, MPC, and other cryptographic approaches, hell, even cryptocurrencies, is that the value delivered has to be greater than the investment. With Signal, a lot of heavy lifting is done to make it as usable as possible, and even then, there are still rough edges.
1 reply
0 recast
2 reactions
Cassie Heart
@cassie
Part of this is because it is incredibly difficult to retain the security guarantees by smoothing some of those rough edges. Part of it is because a more holistic solution is required (PKI, such as Apple's iCloud Keychain infrastructure and Advanced Data Protection, has now enabled equivalent security with easier use)
1 reply
0 recast
4 reactions
Cassie Heart
@cassie
Building that holistic solution doesn't happen overnight, and while significant engineering expense went into the new iMessage security features, it still remains limited to iMessage. Revealed preference: if you can't talk to Android users over iMessage, what do you do? Downgrade security.
2 replies
0 recast
3 reactions
Cassie Heart
@cassie
The thing is, people don't realize how crucial the privacy and secrecy guarantees of strong encryption are, until they don't have it but need it. (See women's health care restrictions being passed that have lead to overzealous AGs requesting medical records from out of state)
3 replies
1 recast
15 reactions
William Allen
@williamallen.eth
love these thoughts. thank you!
0 reply
0 recast
1 reaction
