[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] Successful experiment boosting the number of users using OpenPGP verification for file download
Hi!
I hope you are interested in the results of a little experiment.
Q: How many users downloaded OpenPGP signatures with the old design of
download page? (You can see the design here: [1] [2])
A: 1 in ~30 users.
Q: How many users downloaded OpenPGP signatures after adding a colored
download table, which indicates, that http downloads without OpenPGP
verification is the least secure method, to the download page? (You can
see the design here: [3])
A: 1 in ~11 users.
Note: This is only an approximation. No experiment meeting scientific
standards. However, while the number of downloads didn't decrease, the
number of signature downloads significantly increased. Which is a good
thing, isn't it? Downloading a signature doesn't imply, the user
successfully managed to use OpenPGP verification or that the user
couldn't be tricked or just ignored an invalid signature error message.
You can get some more information and more detailed statistics here: [5] [6]
This is also a follow up to: "[liberationtech] secure download tool -
doesn't exist?!?" [4]
Cheers,
adrelanos
Footnotes:
[1] http://www.webcitation.org/6IWk5h4E9
[2] Please ignore the "Moved to https://www.whonix.org" part. That
snapshot has been forgotten and made later. Nevertheless it gives an
impression how the old download page looked like.)
[3] http://www.webcitation.org/6IWk5h4E9
[4]
https://mailman.stanford.edu/pipermail/liberationtech/2013-July/009625.html
[5] https://whonix.org/wiki/Dev/Download_Statistics
[6] http://www.webcitation.org/6IWlyqokZ
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk