[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[freehaven-cvs] typos, minor fixes, and fill-ins

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] typos, minor fixes, and fill-ins
From: arma@seul.org (Roger Dingledine)
Date: Fri, 22 Oct 2004 00:10:29 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Fri, 22 Oct 2004 00:11:48 -0400
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net

Update of /home/freehaven/cvsroot/doc/wupss04
In directory moria.mit.edu:/home2/arma/work/freehaven/doc/wupss04

Modified Files:
	usability.tex 
Log Message:
typos, minor fixes, and fill-ins


Index: usability.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.tex,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- usability.tex	20 Oct 2004 18:21:59 -0000	1.2
+++ usability.tex	22 Oct 2004 04:10:27 -0000	1.3
@@ -21,11 +21,11 @@
 
 While security software is the product of developers, the operation of
 software is a collaboration between developers and users.  It's not enough
-to develop software that can be used securely; software that isn't usable
-often suffers in its security as a result.
+to develop software that is possible to use securely; software that
+isn't usable often suffers in its security as a result.
 
-For example, suppose that there are two popular mail encryption programs:
-HeavyCryto, which is more secure (when used correctly), and LightCrypto,
+For example, suppose there are two popular mail encryption programs:
+HeavyCrypto, which is more secure (when used correctly), and LightCrypto,
 which is easier to use.  Suppose you can use either one, or both.  Which
 should you choose?
 
@@ -54,7 +54,7 @@
 can't or won't use it correctly, its ideal security properties are
 irrelevant.
 
-* How bad usability can thwarts security
+* How bad usability can thwart security
 
 [[Brainstorm up a big list.  Possibilities include:
   - Useless/insecure modes of operation.
@@ -71,14 +71,15 @@
 
 Usability is an important parameter in systems that aim to protect data
 confidentiality.  But when the goal is {\it privacy}, it can become even
-more so.  A large category of {\it anonymity networks}, such as XXX, XXX,
-and XXX, aim to hide not only what is being said, but also who is
+more important.  A large category of {\it anonymity networks}, such as
+Tor, JAP, Mixminion, and Mixmaster, aim to hide not only what is being
+said, but also who is
 communicating with whom, which users are using which websites, and so on.
 These systems are used by XXX, XXX, XXX, and XXX.
 
 Anonymity networks work by hiding users among users.  An eavesdropper might
 be able to tell that Alice, Bob, and Carol are all using the network, but
-should not be able to tell which one of them is talking to Dave.  This
+should not be able to tell which of them is talking to Dave.  This
 property is summarized in the notion of an {\it anonymity set}---the total
 set of people who, so far as the attacker can tell, might be the one engaging
 in some activity of interest.  The larger the set, the more anonymous the
@@ -95,24 +96,26 @@
 need to act like each other.  If Alice's client acts completely unlike Bob's
 client, or if Alice's messages leave the system acting completely unlike
 Bob's, the attacker can use this information.  In the worst case, Alice's
-messages are distinguishable entering and leaving the network, and the
-attacker can treat Alice and those like her as if they were on a separate
-network of their own.  But even if Alice's messages are only distinguishable
-as they leave, an attacker can use this information to break exiting messages
-into ``messages from User1,'' ``messages from User2,'' and so on, and can now
+messages stand out entering and leaving the network, and the attacker
+can treat Alice and those like her as if they were on a separate network
+of their own.  But even if Alice's messages are only recognizable as
+they leave the network, an attacker can use this information to break
+exiting messages into ``messages from User1,'' ``messages from User2,''
+and so on, and can now
 get away with linking messages to their senders as groups, rather than trying
 to guess from individual messages.  Some of this {\it partitioning} is
 inevitable: if Alice speaks Arabic and Bob speaks Bulgarian, we can't force
 them both to learn English in order to mask each other.
 
-What does this imply for usability?  More so than before, users of anonymity
+What does this imply for usability?  More so than with encryption systems,
+users of anonymity
 networks may need to choose their systems based on how usable others will
 find them, in order to get the protection of a larger anonymity set.
 
 * Case study: Usability means users, users mean security.
 
-We'll consider an example.  Practical anonymity networks fell into two broad
-classes. {\it High-latency} networks like Mixminion or XXX can resist very
+We'll consider an example.  Practical anonymity networks fall into two broad
+classes. {\it High-latency} networks like Mixminion or Mixmaster can resist very
 strong attackers who can watch the whole network and control a large part of
 the network infrastructure.  To prevent this ``global attacker'' from linking
 senders to recipients by correlating when messages enter and leave the
@@ -165,3 +168,4 @@
 XXXX NICK WRITES MORE HERE
 
 \end{document}
+

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/

Prev by Author: [freehaven-cvs] finish first draft of wpes04 slides
Next by Author: [freehaven-cvs] slides for wpes04 talk
Previous by thread: [freehaven-cvs] Add NICK WRITES MORE HERE notes
Next by thread: [freehaven-cvs] add a bunch more sections
Index(es):
- Author
- Thread