
EFF Secure Messaging Scorecard - ptype
https://www.eff.org/secure-messaging-scorecard
======
tptacek
This scorecard is terrible, and does multiple disservices to the cause of
getting people to use secure messengers:

[https://news.ycombinator.com/item?id=10525266](https://news.ycombinator.com/item?id=10525266)

~~~
dsp1234
Generally you have advocated TextSecure as one of the only good available
options.

Given the comments you linked to, and the time that has passed, is this still
your top suggestion?

Additionally, in your mind, what criteria are most important for you (if you
were going to build your own scorecard, which I know you cautioned against) to
help the cause of getting people to use secure messaging?

Put another way, if a new secure messaging service came out, how would you
identify that it's a TextSecure-like recommendation vs a Cryptocat-like
recommendation (other than the obvious 'they rolled their own encryption, and
did it badly')?

~~~
tptacek
Most cryptographers, if pressed on the question of which secure messenger they
would trust most purely based on sound cryptography, would say
TextSecure/Signal. TextSecure is one of two secure messaging schemes --- the
other being Silent Circle's† --- designed from the beginning to be
cryptographically secure, and not as an instant messenger first and a secure
transport second.

The other approach, of designing user-friendly instant messaging systems and
then layering cryptography on top, has been pretty much an unmitigated
disaster. Cryptocat is the poster child for these systems --- and the EFF
scorecard gave it a perfect score! Some of these systems DIY their crypto ---
Telegram is like that, as was Cryptocat --- and suffer accordingly. Others
pull in secure cryptography libraries like NaCl/Sodium. Those are marginally
more secure, but cryptographic secure messaging is its own problem domain, and
NaCl/Sodium doesn't help much with them.

For me, the most important question in a secure messenger is whether _it's
actually secure_. The second most important question is _how many people can I
talk to using it_. A very, very distant third question is "how usable is it?"

There's no one system that gives you all those attributes, so I suggest
looking at secure messaging as 2-3 problems, not just one:

[https://news.ycombinator.com/item?id=11454172](https://news.ycombinator.com/item?id=11454172)

If it was up to me, there wouldn't be scorecards for secure messaging systems.
I think they intrinsically oversimplify a complicated problem. But I have a
lot of thoughts on what would and wouldn't make such a scorecard less
terrible. I'm waiting for EFF to release the "re-done" scorecard to write them
up.

† _Silent Circle is at an uncomfortable intersection of being closed source
and not particularly popular, so it doesn't get much attention._

~~~
pvg
> designing user-friendly instant messaging systems and then layering
cryptography on top, has been pretty much an unmitigated disaster.

Hang on, what about iMessage or OTR-over-anything?

------
finnn
No Conversations/OMEMO thing and lists Signal/Redphone separately from
TextSecure?

~~~
tptacek
That it's not kept up to date is one of the lesser problems with the
scorecard.

------
CameronBanga
Curious to see what someone like tptacek notes on this. From what I recall of
the past, either him or someone else (Matthew Green maybe?) has had
significant issues with the EFF's scorecards.

~~~
dguido
I think we have talked this issue to death and I'm sad to see this on the
front page, again. This list is one of the worst, if not the worst, public
initiatives ever undertaken by the EFF. More than anything, it represents how
the EFF has lost their way on technical security issues, yet they still feel
confident enough to purport themselves an authority on the topic. It's
actively harmful to people that need this kind of advice and harmful to people
with real advice to give.

[https://twitter.com/thegrugq/status/722086033458790400](https://twitter.com/thegrugq/status/722086033458790400)

[https://twitter.com/thegrugq/status/722084986413649920](https://twitter.com/thegrugq/status/722084986413649920)

Their continued support for this messaging scorecard is one of the primary
reasons I no longer support the EFF.
