[Ow-tech] Open Secure Wireless discussion
dpreed at reed.com
dpreed at reed.com
Wed May 28 08:07:27 PDT 2014
It's a general, personal concern about packages/subsystems making security claims.
Since security requires much more than encryption and key management, and since the public lacks even the most elementary notions of how one builds systems secure against the broad set of (technical meaning here:) adversaries and threat models they must worry about, it's important to start a discipline of clarity in claims made.
Part of that discipline should be some kind of explanation of how easy it might be to subvert the package/subsystem for certain goals. Another part should be clarity on what threats it can be used for, and what threats it will do nothing for.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/mailman/private/ow-tech/attachments/20140528/26958d6e/attachment.html>
More information about the Ow-tech
mailing list