[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor as a sort of "library/dependancy" for third party software



Disclaimer: That's becoming slightly off-topic.

On 9/29/11 1:19 AM, Joe Btfsplk wrote:
>> p.s. The alternative to provide the same degree of security/usability is
>> to use a Java Applet with file upload+file encryption+silvertunnel as a
>> Tor Client layer.
> I'm curious (& forgive my ignorance), but what kind / situation of
> whistle blower do you mean that would use this application?

First of all GlobaLeaks doesn't try to address *all possible conditions
of whistleblowing* but most of them, starting from a very paranoid
approach (ex: a whistleblower in Iran submitting sensitive material or
even an Italian employee of a public administration in south of
Italy...) up to a absolutely relaxed approach (ex:corporate environment
integrated with active directory for whistleblower
authentication/identification).

Second we must always think:
Who is the "average whistleblower" in the real world (not in the
wikileaks mediatic world)?
It's an ignorant. It's someone that's not practical with technology.
You need to think that on other other side of the monitor there is a
"dumb user" that may have a valid motivation or not for his
submission/report and he is prone to making mistake..

Even if darwin told us the story about the evolution and that person
should evolve or die, because a submission by a whistleblower can be of
public interest, we should try to help him in avoiding making too much
mistakes (at least with technology).

Then, because Whistleblowing is not "technology" but it's something
human and social, the mistakes are mainly done into the "social sphere"
and not into the "technological sphere".

We're trying at least to provide ways to "reduce" the mistakes that a
Whistleblower can do on a "technological sphere".

The context of use can be "so many" that we can only generally work on
different submission process with different degree of usability vs
security scenario and make them available.

Like Tor, that's agnostic respect to it's use.

Then the "humans" will do the rest.

-naif
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk