Comment Martus author comment (Score 1) 194
We quite appreciate being slashdotted! Some great and insightful comments. I'll start by addressing two main ones:
1. Crypto is not the end-all security answer.
We agree. Much of our documentation is designed to educate about this issue. The main security threats to this data are not someone cracking a strong crypto solution, by our attack analysis. It's the bad password, snooped keyboard strokes, torture, etc. We are also pretty upfront that today's strong crypto is the next generation's college coding project. Our crypto makes HR data 99% more secure (maybe 95%). The most important thing is that it gives these groups more control over their information and makes it a lot less likely that it will be lost.
2. The Al Quaida concern.
The terrorist groups already use/have access to secure communications for email. Martus is designed for human rights bulletins. While it is conceivable that terrorists could use it, why would they if they have better tools for their needs? I like to use the example of guns/machetes/hoes. All of them can be used in committing genocide. Hoes just happen to be far better for farming than for killing, and it's rare for them to be used as a weapon. Design is a strong signal of intention.
1. Crypto is not the end-all security answer.
We agree. Much of our documentation is designed to educate about this issue. The main security threats to this data are not someone cracking a strong crypto solution, by our attack analysis. It's the bad password, snooped keyboard strokes, torture, etc. We are also pretty upfront that today's strong crypto is the next generation's college coding project. Our crypto makes HR data 99% more secure (maybe 95%). The most important thing is that it gives these groups more control over their information and makes it a lot less likely that it will be lost.
2. The Al Quaida concern.
The terrorist groups already use/have access to secure communications for email. Martus is designed for human rights bulletins. While it is conceivable that terrorists could use it, why would they if they have better tools for their needs? I like to use the example of guns/machetes/hoes. All of them can be used in committing genocide. Hoes just happen to be far better for farming than for killing, and it's rare for them to be used as a weapon. Design is a strong signal of intention.
