Editing Security usability
Latest revision | Your text | ||
Line 1: | Line 1: | ||
'''This is a WIP page, come back later.''' | |||
This is a quick page on my feelings towards security and how most security software fails to be usable. | This is a quick page on my feelings towards security and how most security software fails to be usable. | ||
== Background == | == Background == | ||
Recently I read the article [https://wonderfall.dev/fdroid-issues/ F-Droid: how is it weakening the Android security model?] which provides a critique of F-Droid's security model and recommends people use Google Play Store. | Recently I read the article [https://wonderfall.dev/fdroid-issues/ F-Droid: how is it weakening the Android security model?] which provides a critique of F-Droid's security model and recommends people use Google Play Store. | ||
The GrapheneOS developers provided similar critique but it contains numerous uncorrected errors. Instead of correcting this information they have chosen to [https://twitter.com/SylvieLorxu/status/1497624955705565188 threaten SylvieLorxu with legal action] for pointing out these mistakes. I strongly recommend reconsidering any trust towards GrapheneOS and its developers given | The GrapheneOS developers provided similar critique but it contains numerous uncorrected errors. Instead of correcting this information they have chosen to [https://twitter.com/SylvieLorxu/status/1497624955705565188 threaten SylvieLorxu with legal action] for pointing out these mistakes. I strongly recommend reconsidering any trust towards GrapheneOS and its developers given their priorities shown here. | ||
== Usability == | == Usability == | ||
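Review bot: In the Background paragraph, "numerous uncorrected errors" is asserted without naming any of them; the only link in those sentences goes to the tweet about the legal threat. Link or list the specific errors so the closing recommendation rests on something a reader can check. The first row also shows the undo dropping the '''This is a WIP page, come back later.''' banner; keep it if the page is still unfinished.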
Line 26: | Line 26: | ||
==Key management== | ==Key management== | ||
It's hard to discuss any security solution without discussing | It's hard to discuss any security solution without discussing keys, so allow me to sidetrack for a minute. | ||
Keys are private tokens used in almost all modern security software to gain some useful security property such as confidentiality or authenticity. Unfortunately almost all modern security software requires manual key management. This dumps a few tasks on people. | Keys are private tokens used in almost all modern security software to gain some useful security property such as confidentiality or authenticity. Unfortunately almost all modern security software requires manual key management. This dumps a few tasks on people. | ||
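Review bot: "Keys are private tokens" in the last row of this hunk is too narrow for what the page goes on to discuss. The later question "Who do you trust to verify keys for you?" is about keys that are shared and checked by others, which in public-key systems are the public halves. Suggest wording such as "Keys are tokens, some private and some public, used in almost all modern security software" so the definition covers both the backup task and the verification task.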
Line 42: | Line 42: | ||
The second task is backing up keys. People have to: | The second task is backing up keys. People have to: | ||
* Create a secure storage location | |||
* Copy the keys to the location | |||
* Backup the secure storage location as well | |||
Unless keys are used for something very important like signing packages or cryptocurrencies, people don't put much effort in to this | Unless keys are used for something very important like signing packages or cryptocurrencies, people don't put much effort in to this step. Skipping this step can result in wasted time or loss of data, or even loss of finances. | ||
In the case where they do take steps to back things up they have to have enough knowledge to do it securely and create redundant backups. Doing this step wrong (such as by backing up a key to cloud storage) can result in compromised keys. | |||
The third step is to manage revoking and rotating keys. People have to: | The third step is to manage revoking and rotating keys. People have to: | ||
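Review bot: The "Your text" column has nothing after "The second task is backing up keys. People have to:", so undoing leaves that colon introducing no list; the three bullets (create a secure storage location, copy the keys, back up the storage location) exist only in the latest revision. The undo also drops the paragraph saying that backing up a key to cloud storage can result in compromised keys, which is the one concrete failure mode this section names. Suggest keeping both from the latest revision and restoring only the "Skipping this step can result in wasted time or loss of data, or even loss of finances." sentence.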
Line 60: | Line 60: | ||
Requiring people to manage keys themselves is asking for a lot of trouble and mistakes. So why do it? | Requiring people to manage keys themselves is asking for a lot of trouble and mistakes. So why do it? | ||
The answer is simple: Trust. | The answer is simple: Trust. Who do you trust to verify keys for you? Who do you trust to backup your keys? Who do you trust to revoke and rotate your keys? Whoever or whatever you trust to accomplish these tasks becomes another link in the chain of security, and if this link is compromised then so are you. Security software that uses manual key management tries to avoid adding links to this chain of trust and instead act as a tool. A tool that's as secure as the person using the software. If you're diligent then the software won't betray you, but if you're sloppy then the software won't protect you. | ||
Whoever or whatever you trust to accomplish these tasks becomes another link in the chain of security, and if this link is compromised then so are you. Security software that uses manual key management tries to avoid adding links to this chain of trust and instead act as a tool. A tool that's as secure as the person using the software. If you're diligent then the software won't betray you, but if you're sloppy then the software won't protect you. | |||
My problem with this answer is that it brings up another question: Why doesn't the software mimic the trust I already have as a person? | My problem with this answer is that it brings up another question: Why doesn't the software mimic the trust I already have as a person? | ||
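Review bot: In the "Your text" column the answer paragraph runs the three "Who do you trust to ..." questions and the chain-of-trust argument together as one block, and it contains the fragment "A tool that's as secure as the person using the software." Keep the paragraph break the latest revision has after "Trust." and join the fragment to the sentence before it, for example "... and instead act as a tool that's as secure as the person using the software."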
Line 78: | Line 72: | ||
A lot of this really makes sense once you look in to the people that actually develop security software: They're almost always knee deep in to crypto-anarchism and other libertarian ideologies that hold the individual as the sole authority over one's life, with a rejection of things like mutual aid and social structures. These developers have an explicit distrust of authorities, big or small. | A lot of this really makes sense once you look in to the people that actually develop security software: They're almost always knee deep in to crypto-anarchism and other libertarian ideologies that hold the individual as the sole authority over one's life, with a rejection of things like mutual aid and social structures. These developers have an explicit distrust of authorities, big or small. | ||
== | ==Is F-Droid worse than Google Play?== | ||
Now that I've explained how I feel about security and usability, I'm going to circle back to the | Now that I've explained how I feel about security and usability, I'm going to circle back to the blog post I mentioned at the start of this page. It focused on how F-Droid doesn't abide by the Android way of doing things. It's a good read but arrives at a strange conclusion: Use Play Store for top-notch security. | ||
It | |||
- permissions | |||
- f-droid | |||
- curation | |||
-etc | |||
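Review bot: The restored section "Is F-Droid worse than Google Play?" calls the blog post's conclusion strange and then stops, while the latest revision's side has only an empty "==" heading and the outline stubs "permissions", "f-droid", "curation", "etc". Neither column contains the argument itself. Whichever side is published, the section should either carry the reasoning for why "Use Play Store for top-notch security" is a strange conclusion, or stay visibly marked as unfinished.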