{"id":99,"date":"2006-08-29T09:42:20","date_gmt":"2006-08-29T09:42:20","guid":{"rendered":"http:\/\/blog.bananasplit.info\/?p=99"},"modified":"2006-08-29T09:42:20","modified_gmt":"2006-08-29T09:42:20","slug":"freenigma-the-cost-of-user-friendliness","status":"publish","type":"post","link":"https:\/\/blog.stmellion.org\/?p=99","title":{"rendered":"Freenigma (The cost of user-friendliness)"},"content":{"rendered":"

Ben Laurie\u00e2\u20ac\u2122s Blog<\/a> drew my attention again this morning when I read his posting<\/a> about Freenigma<\/a>, a PGP\/GnuPG plug-in for Firefox<\/a>. This plug-in raises the question as to whether increased user-friendliness justifies a relaxation in security. In my opinion, this is an absolute no no. The objective of such a system must be security with user-friendliness a secondary goal. There\u00e2\u20ac\u2122s no point in having a broken security system that\u00e2\u20ac\u2122s user-friendly.<\/p>\n

There will be claims that Freenigma<\/a> is intended for people with no understanding of security or crypto, but this makes the situation even worse as these people also have no understanding of the implications of using such a system. Encouraging them to use it is little different to phoning them and asking for their pin number. Try telling a security expert that he should upload his private key to a publicly accessible server. Many security experts wouldn\u00e2\u20ac\u2122t even keep a master private key on their own computers, let alone on someone else\u00e2\u20ac\u2122s.<\/p>\n

Systems such as GnuPG<\/a> were designed to be bullet-proof from a security perspective. Despite this they still have weaknesses that are discovered and patched on a fairly frequent basis. So how can you even begin to maintain and maintain a good reputation for a security system that\u00e2\u20ac\u2122s insecure by design?<\/p>\n","protected":false},"excerpt":{"rendered":"

Ben Laurie\u00e2\u20ac\u2122s Blog drew my attention again this morning when I read his posting about Freenigma, a PGP\/GnuPG plug-in for Firefox. This plug-in raises the question as to whether increased user-friendliness justifies a relaxation in security. In my opinion, this is an absolute no no. The objective of such a system must be security with… Continue reading Freenigma (The cost of user-friendliness)<\/span><\/a><\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"class_list":["post-99","post","type-post","status-publish","format-standard","hentry","category-security","entry"],"_links":{"self":[{"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=\/wp\/v2\/posts\/99","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=99"}],"version-history":[{"count":0,"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=\/wp\/v2\/posts\/99\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=99"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=99"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.stmellion.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=99"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}