[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

ianG iang at iang.org
Sat Jul 13 06:17:22 EDT 2013

On 13/07/13 09:43 AM, Noon Silk wrote:

>  So what should everyone do?

Risk analysis.  Which starts with your business model.

What you do is go talk to your customers and figure out what happens to 
them.  Formally, you would figure out the frequency of these events, and 
multiply them by the damages.  Order them that way.  Concentrate on the 
top one first, munch your way down the list.

If you do this, in ordinary business, you will find that the NSA isn't 
even on the list, unless for some reason you targetted some space that 
they also targetted [0].

<advert> E.g, in my current business I'm dealing with savings for v. 
poor women in Africa.  The threats that are hitting them are shakedowns 
by police, government, scammers, banks, merchants, each other, family, 
and self, not necessarily in the order we westerners expect.  Sometimes 
with violence.  So those are the things I'm building the system to 
protect against, which of course takes some cryptography to preserve and 
lock down assets rather than hide them, mixed with a lot of other 
things... your classic old 1990s CIA models aren't going to help a lot 
here. </>


[0] jihadist websites, CAs and chat systems for Americans spring to mind.

More information about the cryptography mailing list