Two dumb ideas: abandoning encrypted email and using phone numbers as account names
The text below is NOT mine. But I agree with pretty much everything it says, and it says things about email, instant messaging and online identity that everybody should know. Here it goes.
Background: PGP (Pretty Good Privacy) is a decades-old software standard and program that is still used to encrypt email. In mid-May 2018 a critical bug was discovered in PGP. The text below is a comment on the critiques of PGP, and the suggestions for its replacement, made in those days. I probably copied it from some email or Facebook discussion, but I stupidly forgot to also write down who the author was. So if you are the author, please email me, because I want to credit you.
“Cryptography experts are right. But I still think they’re mostly wrong”
(Emphasis is mine)
The experts are right about many things. OpenPGP is old and more recent tools with more modern designs have a lot going for them. But I still think they’re mostly wrong.
The experts, by and large, have yet to offer any credible replacements for PGP. And when they suggest abandoning PGP, what they’re really saying is we should give up on secure e-mail and just use something else. That doesn’t fly. Many people have to use e-mail. E-mail is everywhere. Not improving the security of e-mail and instead expecting people to just use other tools (or go without), is the security elite proclaiming from their ivory tower: “Let them eat cake!”
Furthermore, if that “something else” also requires people use their phone number for everything… well, that’s the messaging world’s equivalent of the widely despised Facebook Real Name Policy. If you ever needed a clear example of why the lack of diversity (and empathy) in tech is a problem, there it is!
Compartmentalization, presenting different identities in different contexts, is a fundamental, necessary part of human behaviour. It’s one of the basics. If you think taking that away and offering fancy crypto, forward secrecy, deniability instead is a win… well, I think your threat models need some work! You have failed and people will just keep on using insecure e-mail for their accounting, their work, their hobbies, their doctor visits and their interaction with local government. Because people know their needs better than you do.
But I digress.
The ridiculous phone number thing aside, I also take issue with the fact that when our opinionated experts do suggest replacements, the things they recommend are proprietary, centralized and controlled by for-profit companies. Some of them (mostly the underdogs) may be open source, but even the best of those use a centralized design and are hostile to federation. In pursuit of security and convenience (and, let’s be honest, control, power and money), openness has been hung out to dry.
This is short-sighted at best.
These cool new apps may be secure today. But what about tomorrow? Odds are, they will be compromised by government mandate, blocked or shut down.
What else could I (Marco) add? Only the confirmation of one thing: the context collapse brought by Facebook, WhatsApp and yes, even Telegram, with their “ridiculous phone number thing” is indeed ridiculous. Really ridiculous. If the unknown author above hasn’t convinced you yet, please read my own version of the same thesis.