[Cryptography] Boing Boing pushing an RSA Conference boycott

Tue Jan 14 18:15:37 EST 2014

Disagree. Lavabit is a good example only in that they did the right
thing in the face of legal pressure. That is politically very
important and I'm thankful that they did it, but they are a terrible
example every other way. They had an insecure system ("let us store
your keymatter, your ciphertext, and receive your passphrase - but we
can't decrypt it, honest!"). It was possible to put that system under
legal pressure. That should not have been possible.

If we were to see Lavabit resume (as they tried to do with vague
promises of releasing their currently existing source code in exchange
for large sums of money - see
http://www.kickstarter.com/projects/ladar/lavabits-dark-mail-initiative ),
I would hope that this community would hold them to a very high
standard. Moxie has attempted to do so with good results:
http://www.thoughtcrime.org/blog/lavabit-critique/

I do not mean to say that these people cannot produce secure systems,
merely that they have misled people in the past in ways where they
certainly should have known better.

  - Smári

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQIcBAEBAgAGBQJS1cUZAAoJENXcKnnC5K6S2mEP/04w6puGjlkkxqKOffRx3/MW
Bzbd86+jGPXlsM6PpDZEe0BG4hHK2MzZ7UyTQ6AughtuivX2ACPiF4nHb4Oyn0E7
HGR6PMHjRfULG9j+VBSsQrszIylhPemg+m71HrwcF5/2pDPEdIpF6ct2BlIh5w2k
6uh/gLTXPIRKgLCBXnWFQJrh3x/YtCzoef+/bgjSkp9G5miUNn3CP9+0B8JMrtoo
R32cCjTjVfDd7WvF5JEc4bS+kLWY+tQTSJh15ok8JYjqAooj/MKP6AJR7ZmBmb9C
56iCUTIs6q5hxb/v8hbIM48Zq8f/V2D2RnMskKmk3jMyT2AvQq3VuLyngwwf4ce5
BsU7sRuTuL7gPp4StSOjQoXHroLUuIB/igWxnpy6uTLBpgSU0KJwXFE3WaihrHMf
vyZMGRZS6Wtl2e7LWY9fLyRSc3yr+hACgUfQnhsQqHKk0Ezz2dkIb1Dy2F9wax/8
icxYTC8mTvEwrbwv8pYYMd9gzmG9aQszdnZtnMeon01TFtql2rtBSAvImwdPdQ7q
7FQ2MfyviD9Bj7EkfU/jegvznLPQ0y4DDRnm6V0s5aBe5HAFrcPz7ADcHtbakVeg
9v0XcEg2kpJDonoNlTyEQbHF0+zoQABCUrXN7m/kBSvexUttEhwiHCqLAx9tWFF+
+7wu9xY1aBUob1Obg2Du
=qFqX
-----END PGP SIGNATURE-----