[Cryptography] protecting information ... was: we need to protect our dox

Tom Mitchell mitch at niftyegg.com
Thu Nov 10 00:08:35 EST 2016

On Wed, Nov 9, 2016 at 4:28 PM, Ron Garret <ron at flownet.com> wrote:

> On Nov 9, 2016, at 1:41 PM, John Denker <jsd at av8n.com> wrote:
> > As part of asking
> >  What's Your Threat Model (WYTM)?
> > we need to ask
> >  What's Your Security Perimeter (WYSP)?
> This really needs to be emphasized.  I meet people all the time who ask me
> if I can build them a magic USB dongle that they can plug in to their
> computer and somehow make it magically secure.  I have to explain to them
> that the very fact that they are asking this question -- that this
> possibility is part of their world view -- is a big part of the problem.
> Most of them don’t like hearing that.

One should add "Intel Compute Stick" to the magic thing pile.
Today I would quickly dismiss them but tomorrow a phone or
pocket size secure device of sufficiently interesting design would
be no harder to lug about than a "Magic USB dongle".

It makes sense that dumb like dirt keyboards, mice and displays
be universal public resources.   The display expectation in turn
could become a very portable VR headset.

Risk/Threat models run from the modest 12 year olds girls diary
vs. her brother to issues of national security in times of war or
the security of nuclear weapons.

To begin the interface and expectation of privacy needs to embrace
the 12 year old.  If done correctly the interface at all levels will be
self-similar and like classic Apple UI goals it will all just work.


  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161109/7d652f2e/attachment.html>

More information about the cryptography mailing list