
Alice and Bob are Really Confused


Formal Metadata

Title
Alice and Bob are Really Confused
Series title
Number of parts
109
Author
License
CC Attribution 3.0 Unported:
You may use and modify the work or its content for any legal purpose, and reproduce, distribute and make it publicly available in unchanged or modified form, provided that you credit the author/rights holder in the manner they specify.
Identifiers
Publisher
Release year
Language

Content Metadata

Subject area
Genre
Abstract
There have been over 20 cryptoparties in New York City, in which people are introduced to open source cryptography software. This doesn't always go smoothly. Usability experts have only recently been included in the design process for encryption tools, but by and large what we have to work with was designed by cryptography experts in the 90s. I'll be going over some pain points between real-world users and their real-life encounters with open source cryptography tools. David Huerta ships critical art in suspicious packages and helps organize cryptoparties, which bring technologists and everyone else in New York together to learn how to protect their online privacy. Before arriving in New York, he dropped out of Arizona State University and was one of the founding members for HeatSync Labs, an Arizona hackerspace which brings makers, hackers, and the occasional futurist together to build things and teach others how to do the same.
Transcript: English (automatically generated)
So, hi, I'm David. So, just a quick disclaimer. Some people are allergic to cats. I'm allergic by the lack of cats, so I will cough sporadically throughout this presentation, just a heads-up. Cool. So, this is a very obligatory, like, biography slide. This is really boring,
so I had to doge the kind of the sriracha presentations. So, I'm a developer by trade, but I've been doing more in the design and user experience world, so I've been kind of bringing in, like, UX and UI from a developer perspective. I help organizing crypto parties in New York City, Brooklyn, Manhattan, etc., Staten Island, even, at one point. And kind of the foray that I've
had into privacy-enhancing technology or something was the thing that I called case stacks, case.ac, which is a thing that basically turns your Google search history into a big mess. There's a version on GitHub that kind of works on Chrome, but not really. I don't know why I put the cypherpunks thing. Yeah. Oh, also, I'm from New York.
Cool. So, here's kind of the typical story of what happens. There's been a lot more attention lately on a lot of privacy-enhancing technology, namely a lot of things that use crypto. So, people have been wanting to learn more about it. So, people come to crypto parties, they're like, hey, I want to do this stuff, like, you know, I want to be cool like
this. So, yes, we go there. Also exporting PNGs apparently gives you the white background by default instead of a black one. So, this is kind of the history of, like, what we're going to be talking about. Since December 2012, when the first crypto party
happened in New York, we've had like 24 of them, and they've kind of been everywhere. So, these are all different communities. They all have different skill levels, different sense, different areas of expertise. Not all of them are going to be, like, the holistic totality of security, cryptography, and the math behind it, and operational security. So, it's a myth. So,
you have hackerspaces where, like, these things end up kind of happening first because there's just enough of a crossover on Twitter between, like, hackers in the CCC and, like, Asher Wolf that it just, like, ends up happening. So, that's kind of the first audience. There's been a few of them at, like, Aquamom, Fat Cat Fab Lab, which just
recently had its relaunch, and NYC Resistor, which I'm a member of. And a lot of people there are kind of more or less primed to the idea of, like, security and technology. So, but maybe less so on kind of usability, which I'll get into in a little bit. Libraries are kind of the
different story. We've done a few crypto parties at the Brooklyn Public Library and then Verso Books is not a library, but I added them in there because they've had a few things and it's kind of a similar environment. And that brings in kind of a cross section of everybody in Brooklyn. So, not just, like, Williamsburg hipsters, but just, like, everybody. Like, people from, like, Coney Island and stuff. It's great.
They deal with a lot of new internet users. So, people that have never touched email outside of a web browser or, like, outside of an app. So, the whole idea of, like, a protocol being what's actually behind the scenes is a new thing. So, it's important to know, like, remember, like, what people's mental models are around, like, a lot of these systems. So, people already see it as being end-to-end, but it's really not.
Art galleries, just because, like, New York has them. Calyx Institute is not an art gallery. It's the Calyx Institute, but it's inside an art gallery, weirdly enough, because they have space. Babycastles is kind of this weird video game slash coding slash digital art
cool space that brings in, like, a lot of interesting folks. And they're kind of doing it just because, like, it's just an intrinsically, like, compelling thing to just be able to, like, have this technology that, like, you know, takes galaxies of computers worth, like, of computing power to actually, like, crack. So, they're coming in from a totally different
perspective. Not necessarily always having a specific case for it, but just, like, the coolness of having the ability to do that. Co-working spaces are kind of a different story. It's kind of a mix of, like, well, you know, I want to have, I just want to be more secure. The internet is, like, filthy and dangerous. Like, what do I do? So, that's kind of their perspective. They're used to using technology that is popular for conducting business,
but maybe not necessarily. Knowing the holistic view of just, like, what security means and all that. University is kind of the same kind of general issue, just, like, grad students being curious and just free food. So, I'm bringing this in from kind of a larger perspective, but one of the best avenues for that and kind of the first, like, place to
start, I think. So, the Macintosh human interface guidelines are actually really great for more than just Macintoshes from, like, OS2 in the 90s. Not OS2, like, the IBM OS2, but, like, the second OS.
The first two chapters or so kind of go through some of the fundamentals of user experience and user interface, and these are all just very valuable lessons that I'll just kind of dive into, and particularly some of the ones that, like, specifically deal with or have kind of issues with dealing with security software. So, here's some key lessons. So, we had this idea back in
the day of, like, modelessness, of just, like, having the ability to have, do multiple things without having to switch between different modes. So, like, you have the ability to, like, you know, print while you're doing something else and, you know, multitasking, etc.
The idea, though, is that, like, with security, you have a mix of modes, including the, I'm not even going to touch the VGA cable, the fact that a lot of this stuff is actually built, you have the idea of modes between secure and insecure mode, which are a
little weird because that's a very unique case of when not even touching the table. Something to keep in mind, and unfortunately, like, this is a place where people can really, really mess up really easily if this isn't done between Google. A lot of the crypto software that we have, or at least it's popular, is built on top of existing systems that were not
inherently designed to be secure. Email, XMPP, these things were not designed to be end-to-end software that just piggybacks on top of it, thus creating a difference between a default and secure and a, like, extra secure mode. So, yeah, this will, it's something to think about,
and there's very careful ways of, like, approaching that, that I'll get into in a little bit. There's also the idea of perceivability is, unfortunately, in the open source world, we tend to kind of code first and then kind of add a, like, UI later. It's kind of a problem because really, the user only sees the UI, like, they have no understanding of what's going on behind
the scenes or need for understanding what's going on behind the scenes in some cases, but they do perceive that any, like, breaking that happens in the front end immediately translates to them as something that's broken kind of underneath the hood as well. So, this
is something that's particularly important in crypto because, like, if you screw up in your privacy, then it's kind of game over. So, if you want to make sure that if something is working behind the scenes, but isn't on the front end, you want to make sure that the front end, the integrity of that matches what's going on in the back end as well. Otherwise, the workingness of the back end is just not communicated. They're going to assume it's broken.
User testing. So, there's, it's a good idea to prototype your software, just like iterate. So, instead of just, like, having one thing or it's like, all right, and then we're not touching it forever, kind of go through as you add more features, dog food them on people, get them to use it. At HOPE, there was a great talk by Katie Nesmith,
which unfortunately there's only audio up on the HOPE website. So, you should check it out if you want to learn, like, how to user test. There's also the idea of metaphors. This ties into the greater UX concept of skeuomorphism, where it's like, here's your contact book, but it's not a book. It's like a database inside your phone. But we use these things
to kind of explain, like, what a thing does and what its function is in the way you use it. And unfortunately, this is really hard in crypto because we have a lot of things that are really ambiguous, or we reuse some things like Diffie-Hellman created the idea of, like, public and private keys. But that was just because, like, for, like, all of the history of humanity, if you wanted to send an encrypted message, you had to share
a private key of some kind, or a private, like, cipher key. So, that sort of verb use was just, like, passed into it. So, it's like, oh, well, you have a public key and a private key. Now, in the real world, though, like, you can't really do anything with two keys. Like, my colleague from Crypto Party Phoenix, Will Bradley, came up with the idea of having a lock,
and then that is your, like, public key. And then, like, the actual private key is the key, and that makes more sense because you lock stuff up with your private key, with your public key. Or, sorry, you can lock things up with your private key and then distribute the public key for anybody that wants to send you something that you can only unlock. I also have issues with the term fingerprint as well, which I'll get into in a minute.
So, the more modern lesson, specifically from cryptography software, just from, like, years of kind of basically user testing in front of accidentally side-effective user testing with crypto parties, is there's an idea of, like, forgiveness in UX UI, where you have the, like, ability to undo something, to, like, you know, if you make a mistake, it's cool.
We'll just undo it. It's fine. You can't, like, if you screw up once in some of these, in some processes within a lot of crypto software, it's just done. Like, there is no undo. So, that means that you instead have to, like, make sure that people know what they're getting
into and kind of have things in your UI that communicate what's about to happen to mitigate mistakes. So, another thing is just, like, having too many tools. Like, we're looking at, say, like, GPG, for example. That typical setup is, that we usually prescribe, is essentially,
on OS X, for example, is, like, GPGTools, Thunderbird, Enigmail. And if you're doing, you know, checksums and all these things as you download them, it's somewhat unprocessed, like, and it's tedious. That's why people actually, like, even though they've read about it and they kind of get the idea of what to do, they'll wait until they get to a crypto
party before they actually attempt it, because there's so many steps involved that they don't want to mess any of them up, because, of course, crypto mistakes and crypto software mean ownage. Anyway, so, that's kind of the idea there. That's a huge force of friction for a lot of things. There's also, I'm just calling this, it's totally made up term, false hope,
where if there is something that could go wrong, or a feature might not be available, it might not be what they're used to, it's a good idea to warn the user ahead of time, just to, like, let them know. It's, like, this sort of digital equivalent of, like, the highway sign that has, like, cows or, like, goats or emus, where it's, like, you might hit a
cow if you come here. It's the same idea. You want to, like, kind of communicate what's about to happen, what prerequisites they need before they get to the next step, and I'll get into some examples with that as we go along. There's also just, like, the fact that, even if you have everything communicated 100% correctly, and it's awesome, and, like,
there's no confusion, the internet will fuck it up. Like, people will go home, do a DuckDuckGo search and be, like, I'm going to go look for XMPP and, oh, this website from 2003 says I need to install Gaim, and Gaim doesn't exist anymore because it was renamed Pidgin, and it's also called Jabber in that system and not XMPP. So, there's one of those things where, like,
you have to mitigate the realities of the confusion of everybody else. Kind of prime example of that is just, like, explaining what a fingerprint is and then having analogies where it also could be called, like, a hash, for example. So, actually, before I did this talk, I had this idea in the back of my mind that I wanted to, uh, I wanted to actually start a Tumblr blog
that was inspired from readthefuckinghead.tumblr.com, which is all about, like, calling out bad design and Mac applications, and I wanted to do that kind of with crypto software originally, but then I was just, like, looking at, like, how much that blog didn't solve, and, like, everybody, like, tweeted really hard, as snarky as they could, to try to fix
the security industry and design, and it just didn't work. So, in the spirit of kind of, uh, the sort of common themes of, uh, civility and empathy that we want to permeate through the tech industry, I'm just offering, basically, constructive criticism on existing tools and then, like, going to their bug tracker or their GitHub and through all these examples, except for two of them, because it's taken a long time for me to,
like, come up with a good design for that, basically offering alternatives on, like, how they can do things differently, uh, which I'm going to go over right now. So, this first example I never recommend in any crypto party because, uh, well, shitty crypto, um, but I'm gonna bring it up for one great feature and one awful feature, uh, specifically,
when you're dealing with different devices, there's different contexts the software runs on, so, uh, you know, your crypto could be, like, awesome, but if the person on the other end can take a screenshot, then send it to somebody, then, you know, game over, like, uh, and I guess copy and paste and things like that, too. So, it's one of those things you want to mitigate to, like, discourage that, uh, crypt telegram kind of does this by letting
people know that they took a screenshot, uh, also I realize I'm gonna blur out Will's name at the bottom, sorry, uh, and the thing is, though, there's also issues with kind of going back to the idea of modes of knowing, like, whether you're in a secure mode
or not secure mode. I have no idea why Telegram isn't just always in a secure mode because they built their own infrastructure, they built their own everything, but maybe they're, like, crappy, crypto doesn't let them to let them do that by default. Uh, so people make this, people make these mistakes, like, this is secure, and it's, like, no, you didn't turn on OTR, um, and so, can you spot, like, where, like, what indicator,
what tells you, communicates to you in the UI, like, whether one is encrypted or not? Like, there is the tiniest, like, lock icon at the very top of next to the name, and it is the only thing that is, like, telling you, like, by the way, this is end-to-end encrypted and not just, like, encrypted in transit. So, there's a lot that could be done better there,
and just some examples of how to do it better. So, Chrome does a pretty good job at this. Um, the, it's more obvious, like, you have this kind of, like, you know, the top, sort of, like, the way people kind of look at stuff top to bottom, left to right sometimes, but not necessarily. In this case, you could go right to left.
Uh, the first thing we'll see would be the top of things, in this case, a window, and you're seeing that it's a different color than what the other windows are. It's different, and it has, like, a weird creepy fedora guy in the background. Um, now, in the, in the forefront, though, you see, like, something that will only be needed to be read once, and, uh, basically, that just kind of lets you know what's about to happen.
Oh, yes. Hi, DEFCON. Who out there is this, uh, first DEFCON? Wow, that's a lot of hands. All right, so, I'm guessing that you guys have already seen this once today. For what, for, uh, those of you who don't know what's going on, uh, we have this
tradition for first-time speakers. Uh, they, uh, get to do a shot on stage with the goons. Uh, he has to. Everyone, should he join in? You know, I look 17, but I'm actually,
yeah, yeah, 30, 84, yeah, yeah, yeah. Cool, yeah, yeah, awesome. So, yeah, so we have the, uh, uh, so we have a good example of, I think it's just something about the conductivity of,
it made the screen turn on, this is good. It might be just something about the metal table. I'm totally guessing. So yeah, so Chrome in this case has like a little message in the
front that you saw earlier. So it kind of tells you just like what's going on and what specifically this covers. Like it's not, it doesn't tell you, you're about to enter like onion router lands or anything. It just says like specifically, you know, we're not going to store cookies except for the session. Uh, this doesn't protect you from your employer, et cetera, or anybody that has access to the network. It's something that you only had to
once and that's why it's kind of in the background and out of the way. So it's useful the first time it's still there for anybody that needs it. Um, so it's just a good thing to have. It's, it's a good design. I think it's out of the way it's there, but, uh, cool. Okay, cool. Thanks. Another good example is actually Tor products. So
the Tor Browser like happens in this completely distinct window where like inside of it, you're back in like surveillance land. Uh, so that's kind of the idea there. The, uh,
and I think that's a good design to just have a totally separate window and just like not screw around with anything outside of that, uh, in like military is you see the idea of like, here's a computer that's like the red computer, the hot computer. Here's one that's like safe to use. Uh, so you have like two different devices and that makes it so that it's less easy to make a mistake on me. Like, oops, I did this on the wrong totally different
machine, uh, versus like, Oh no, I did this in the wrong window. I didn't have like my SOCKS proxy set up or whatever. So this is one way to do mode really well. This also tells you like kind of how it works, uh, kind of next steps. Um, uh, and that's, it's great.
It's good that it explains things on the opposite end of not explaining things. This is an old version. So I just, the full disclaimer, like this has all been fixed, but, uh, a release of Signal, like back in January, like can be kind of ran into some problems with people where it was like, yeah, there's a mystery blue button and nobody knows what it does. People were afraid to touch it. Uh, like please label things like it's one of those things
where I know like sort of this sort of like beauty side of design tends to favor things that have like, you know, very minimal text, very minimal everything and just have just sort of copying Apple on their industrial design. Uh, but when it comes to things like this, you really want to mitigate mistakes. And because of that, you want to make sure that people know what they're getting into specifically. Uh, and also kind of another thing that you see
in the design world is just like, let's take this number of steps and turn them into two steps or three or like as few, many steps as possible. Uh, so it made it so that you can just have a contact call on like two steps and then tap. Unfortunately,
though, it doesn't give you the option of like asking you whether you actually want to call them. So like pretty much three out of the four people that tried this the first time, like accidentally called somebody, uh, without realizing it was just going to go through it. Uh, this was also fixed. Now it does what it expects. The other thing is also going back to the theme of false hope, uh, Signal runs their own, like,
it's not using the telephone system, like traditional voice telephone system. So it doesn't necessarily need like an iPhone. So it was installing on my iPod touch, but then instead it couldn't. And then it just kind of didn't have a thing to say, no, it does now. And actually it just works on the iPod. So this is great. Um, but here's one of those things where like you want to deal with these kinds of cases and
like, um, make sure people understand right away, like what they can or can't do before you like say, go follow these steps. By the way, you can't do anything. Well, uh, this is going to be a recurring theme to a few other software packages, uh, currently, and this is like under GitHub. So this is, this is being looked at, uh, there's the idea of a call button having
like a corded phone. Like I'm old enough that I remember using a non cellular phone and what those like were shaped like including the rotary phone, like I said, I'm 30. Uh, so yeah, it's, it's one of those things that just might be like a far future concern, like post-millennials, like if people stop watching 80s movies, then people might not understand this weird like half
C shaped thing as a phone, just something to think about. Uh, the other thing too, is just like, uh, it's a good idea to explain what different features are. Um, incognito mode did this of course, uh, and you know, your mobile device can too. So like there's a thing for
security. This actually specifically is like, if you do the like Exposé thing in iOS where you're like tabbing between applications, that actually takes a screenshot of what you're doing. But in this case, it doesn't say that that's what this protects from. So it actually
just like when you do the Exposé thing and it just has a blue overlay, which is great. Uh, so the screenshot is just like this blue screen with the logo in the middle. So yeah, explaining what it is is great. And it's really not hard to do. I think I'm not an iOS developer. Uh, and there's also this, so here's the deal with fingerprint. So I kind of alluded to the idea of just like me not liking, like using fingerprint phrasing, especially
with mobile apps, only because like in the context of where a lot of people are using these in New York, these are people that have been arrested at a protest and they'd have a fingerprint taken. In the back of their mind, they have this idea that yes, there is a way to like make this thing that was in like into a digital thing. And it's like, is that
what that is? Like iPhones have a fingerprint reader built into them. So the context of where this is happening is a little bit different. So that is something that has literally been tripping people up as far as like what that means. There's also just no explanation of just like what it's derived from or like why it's useful or like how to use it. Um, so if you're going to use that, I would recommend like saying like how,
how it's useful. Um, and like how it's like, Oh, it's a mathematical hash of like whatever and not the protocol. So, uh, yeah. So fingerprint, I don't, I don't like that analogy, uh, with especially with mobile. So going back into the theme of like kind of systems that have their own infrastructure. Uh, this is, this is great. This is awesome because like,
if you have that ability to just have only a secure mode and just have it run in the background and not have to think about it, it makes it so you can't make the mistake of like, whoops, accidentally sent this in plain text. Uh, so Peerio is an example of this. There's others, of course, uh, which I'll get into. Um, and some of the issues that we ran into,
which I'll get into the next slide. Uh, one of which is like, do you have to add a contact before you can send a message to them, but that's not necessarily communicated well. And it looks so much like email that people just assume it works exactly like email. So like people will post like their Peerio handles on Twitter or whatever, it'd be like, this is my Peerio, like, username and like, all right, I'm going to go send somebody a message and I
can't. The other thing too is the idea of, so another thing that is, that is fantastic is it makes what I would consider better passwords in terms of using pass phrases that are really long instead of like tiny, like weird things that are hard to remember. This is great, but there's
also a short PIN thing that lets you, if you're on specifically, that will only work on that device that you enter a short PIN. And if you don't, it's kind of like a muscle, I guess, like you, if you don't exercise that long pass phrase, like people have been kind of forgetting that over like the course of a week or so. Um, so there's ways of testing for that. Uh, I did a really weird project where I tried to use images for a PIN that only worked on a local
LAN at the last place that I worked at. The way we user tested before we wrote a single line of code is we took a giant piece of cardboard and placed a series of 12 baseball cards, 12 Pokemon cards, 12 World of Warcraft cards, and 12 like weird animals, zoo cards from like the Netherlands. And, uh, we went around the office and we were just like, pick your favorite
one and we'll write it down. And then like a week, a few days later, we'll be like, which one did you pick? And then a week later it was like, which one did you pick? And then like a month later, three months later, they all remember it. It was awesome. That's just the only reason why we went forward with it. Um, I think phrases could be done
the same way, but I think there is a sweet spot of when people start forgetting. Uh, so similar user testing, doing things that way will, I think be great in helping people figure that sweet spot out. I think there is kind of an average that can come in to play on that. Uh, this is kind of just what I was alluding to earlier. Again, this is on their radar. This is something you're looking into. Uh, so this is just like what
I did instinctively. Um, would I think one of the person at a cryptoparty is just like, Hey, I have their username. Let's write the message. Oh no, I don't have recipients, but I have one. What do you mean? It doesn't. Um, so it's, it's one of those things where like you kind of want to let them know this is a prerequisite step before you give them the false hope of continuing and then not being able to actually do a thing,
especially after you put work into it. Uh, so here's the downside of a lot of these kinds of systems that have their own like infrastructure that doesn't piggyback on insecure legacy systems is every investor wants their horse in the race. As far as like the new messenger app, like totally want to go after WhatsApp or whatever. Um, and almost none of
them are interoperable. Like nobody's gonna install like eight secure messaging apps on their phone and then wants to remember like what contacts are and which one. Uh, so everybody's counting on network effects. So just coming to play and be like, everybody's going to use, you know, Surespot or whatever. And there are standards. I would encourage any
developers out there to like use standards. Uh, of course Signal has Axolotl. miniLock is a curious thing, but can be used by other things. Uh, OTR of course is used. PGP is also used. Let's talk about OTR. So here's the thing that just always the thing that comes up in every cryptoparty, despite having like kind of a lot of
other secure messaging options, but for desktops, it's actually kind of sparse. We have an OTR plugin for Adium, or sorry, for Pidgin. And then we also have Adium, which also has support for that. Um, the thing is the way this is communicated is a little weird.
It's, uh, people are like, Hey, let's go download OTR. They'll go to their phone, like look for OTR. Uh, so, but that really means like, Oh, you have to use something like ChatSecure, a different client, and you have to be, it's different depending on what platform you're on. Um, and it's called the actual protocol behind the scenes has to be called different things. You already have to have an account or in some cases you can
create one, but sometimes there's not an easy way to do that built in. Uh, cats. And so, yeah, basically the, uh, and then you need an XMPP account. And sometimes some of the providers don't have them like signed certificates. So that just ends up looking weird. And it just always ends up sketching people out. Uh, so this is
what the Pidgin interface looks like. Now we kind of like have people use, uh, and so Thunderbird has this, they have an onboarding process where if you like, I'm a Thunderbird for the first time, you can just set up a new email account with like Gandi or whatever, uh, Pidgin, unfortunately lacks this. Uh, it's something that I would like to see built in. I'm working on designs and like GTK. I don't know how to do
that. And, uh, so you have to kind of already have an account or if you know the server that you want to connect to, you can create a new account there using this, but it's also weird because it's like, it's the same interface. Like it's like one of those things that's like probably really efficient in the code where
it's like the same display used for the edit screen is also the same for the create screen. Uh, but you have this like persistent checkbox at the bottom. Like even if you're like just tweaking your like microphone, you still see it like creating an account on the server, but it doesn't belong in that context anyway. So why is it there? Um, so I would recommend moving that out and I'll get into a good example of how to do that in a second. Um, yeah. And then
there's just like, uh, issues with like the fact that it's just a very alien way for a lot of people to do things that they would normally do, like reset my password. Um, and then just things that are kind of a throwback to what old IM things used to do, but don't really make sense in this context,
like mail notifications. There's also just a mix of like different things that are related to security or privacy being thrown out in kind of similar contexts, uh, which will still be in like PGP as well. Uh, yeah, there's just not too much of, there's not a very distinct way to distinguish
like transit security versus end to end security, uh, which I think is something that really is a new thing that people should think about. Um, and I don't know how to communicate that visually well, but it's something that I'm interested in tackling, uh, in the OTR settings, of course, in a different place because it's a plugin. So it works a little differently and the install process is a little
different to use because you have to install two things. You have to install Pidgin or Adium and you have to install the OTR plugin, et cetera. So there's just already like now you're just installing more tools and it's different in other places. Like if you're using Debian, you have like, you can just apt-get install it and have a signed copy of that binary,
like available. Whereas in other things you're just like, checkbox, install, cross your fingers. Um, and then people are like, Hey, why don't we have this built in? Yay. Awesome. 2013, let's do it. It's noted. And then like afterwards, people were just kind of like, yeah, thumbs up. And nobody's done it yet. It's a, so it's 55% there. Um, as it may also to why. And so we'll see how far that goes,
but it looks like that will be available in the Pidgin 3.0 release, which I'm looking forward to in five years. Um, so there's ChatSecure, which is a really great example of how to do this. Uh, so this has a very distinct thing to like be able to say, do you have an account? No, let's create one and just have that be available right away. Uh, it's very easy to just kind of jump in immediately and just start using it,
which is good. Uh, so this is basically what it could be. Like you don't have to like memorize what the URLs for these different things are. And so it was a ccc.com. No, it's, it's like, uh, is it dot go dot com? No, you see everything right there, which is great. There's a few presets. You can add your own though. You still have the freedom to do that, which is awesome. Uh,
and then there's some good defaults and all of a certain encryption with the other things. This is a very good user experience. Like this is basically the user experience that, uh, other OTR enable that to students. Uh, so let's, let's take it up a notch. So let's talk about PGP, which like it grew. It's basically like if you ever played Ikaruga, then you know what PGP is
like. Um, usability has been talked about in PGP actually for a while. A good recommendation is Why Johnny Can't Encrypt, uh, which my colleague Trammell recommended in the audience somewhere, uh, which is great. So this talks about 1999 issues, like issues from 1999 regarding PGP. Uh,
some of them we actually still run into just one. Uh, some of them have been solved actually quite well. Uh, but yeah, they actually did user testing with a specific audience of like, I think maybe 12 to 24 people and like two of them were able to successfully do everything properly as far as like sending your emails to the other person. There were confusion under points, uh,
which I'll let you look into by downloading that paper at some time. Okay. So the thing that PGP is like, you already have like too many moving parts. You already have to install too many tools, kind of what I alluded to earlier. Uh, this is just like different, the popularity of different platforms doesn't necessarily line up with what volunteers know. Like for some other reason, there's a huge crossover between security privacy and the BSD group.
So at any given cryptoparty in New York, you'll have more people that know how to install PGP on BSD than you do on Windows. Uh, and because those interfaces are different, like it's hard to, like help them out on like, well, in open PGP tools, it's like this. And here it's like this, nobody really knows for sure. People are afraid to do things because if they make a mistake, they're fucked. Um, so,
and the order of things is also something you have to explain because like people just aren't used to the idea of email as a protocol and it's like, oh, you have to set up your email account first and then install this. And Enigmail is part of Thunderbird, but then Enigmail has to be able to talk to your PGP install. So you have to do that. Um, and even internet users just have never like looked at email outside of a website or an app. So it's just something that has to be considered into play is like,
you're not just introducing end to end encryption to them and PGP to them. You're also introducing the idea of email as a protocol to them, uh, which is weird. And also like people that have been having that have had a Gmail account now for like 10 years. Uh, you know, IMAP's default. So it's just going to try to download everything.
They use the internet connection slow and you can actually do things while you're, that's happening. Cause it just chokes up CPU so bad that you can actually do it. So it's a good idea to like take advantage of the writing for different processes and have things in the background run while things in the foreground can happen. Uh, of course that wasn't the way email always was like POP makes it so that
you've been habit so that you're not downloading your entire email history on the server. You're just getting, you know, as it comes to the idea of like one email landing in one place that you checked and a different email landing in another place that you checked and having those not sync across devices in the modern age, like after the nineties is something that people are just terrified by. It's just a box window. All right. And the other thing too,
is just like the stack that we're counting on as far as like Thunderbird, like the cross platform, like thing that we can tell everybody to use in Windows, Linux, or Mac, uh, or OpenBSD is, uh, is basically abandonware at this point, like they're doing bug fixes, but there's not going to be any design changes happening anytime soon. Um, there's a lot of just little things like they don't, people don't think about like set text sizes and like resolution of
displays and things like that and how small that gets. Uh, so it's important to like accommodate for the idea of really big screens, because even if you don't think that your email app is going to like show in Times Square the resolutions of your screens are only going to get stronger. And so that that's something that's going to have to be thought about. Uh, there's also no,
I didn't indicate the subject lines is not okay. There's also something that was brought up in the 1999 paper on Why Johnny Can't Encrypt. Uh, there are ways of kind of highlighting things within like those text boxes you do that for the To, PGP does that for the To field. So let people know, it should also do it for the subject line. My opinion, uh, kind of like what it does here,
when you have like the To field that's like red, um, because I don't have like signatures, the trust level is not high enough or whatever. And then you have the subject line, but nothing is indicating that's unencrypted at all. It's something that we literally just have to tell everybody individually forever. Uh, so we could just have something either highlighted red and you have a little thing that pops up, say, Hey, this isn't encrypted.
The rest of the body isn't, sorry, it's just the way the 1970s design email. Um, then we also have this idea of multiple things, sort of like multiple types of encryption happening and like a little bit of confusion on what each of those are. So the future is, uh, not looking so good for that, but there's also the idea of like doing PGP in the browser,
which has security issues. Uh, but that's why it's done in an extension, not in a browser, but then browsers get hacked. But so do operating systems. So security wise, I don't know. That's, I'll leave that to all of you to figure out like whether that's an awful idea or not. Uh, there's a few people doing this, Yahoo, Google, Whiteout, Mailvelope, all basically doing kind of the same thing.
Uh, I haven't had a chance to use Yahoo or Google saying, uh, Mailvelope or sorry, whiteout.io I couldn't use because it just kind of froze. I couldn't, maybe it did generate a key successfully and I didn't know if the front end was working. So this is what people do when they tell me, when they use Mailvelope, uh, they'll start writing a message.
There'll be a little thing that pops up kind of in the very corner of that compose window. Uh, no text on it, just like a little thing that has like a little icon with a pencil and a piece of paper on it. Uh, and then as soon as you start typing it disappears and doesn't go back, uh, then you're like, all right, I'm ready to encrypt. Oh, wait, I can't. And then you open up the tab and it's saying that you open up the button and
it's just saying that you're going to add a tab. What does that mean? And in this case you have the ability to like add Mailvelope to different web mail service providers, which is a useful feature, but like it's not in the place where people expect it. That would be something like an advanced settings or like a different thing. The other thing too is like, you're like the draft is saved.
Like you've already typed in your secret message that you want to like say or whatever. And it's already done. Like there's no undo on that really. The age of Google like data retention. So that's the thing. It's like, it should literally just stop you. It should have a different window composer, composer window that should ask you immediately. It's like, is this going to be a secure message? Like, do not start typing yet and then go for it.
This is a complex design, especially to deal with in a web based context where like you don't really have that much control of the UI that's already presented. But there are advantages. Like everybody already has web browser. People are already familiar with how to use Gmail, Yahoo or Yandex or whatever. Chromebooks are just all over the place. You like, like the speaker room had Chromebooks just everywhere.
You're not going away. There's also just the idea of just like PGP's fundamental architecture doesn't always work so well with browser extension context where you have like things like criminal storage and like things like you wiped out, you know, extension caches with that and include your private key.
And then suddenly you don't have a private key anymore at all. And these things made sense back in the day. I don't want to like, dis on, those are made like total sense in 1991. Like the idea is that like back then you had a computer, you only had one computer. You'd have to worry about moving files around because you were just always on one machine. And it was in a locked house.
You already had, like you really have to worry about key security. You don't have to worry about iCloud, like copying your private key and giving it to Apple. That was just, wasn't a thing back then. And there's the idea of like key servers back then kind of made sense because you really have like secure, like a real strong way to like say, Hey, here's how to announce my public key without security and transit and you do now with HTTPS.
I was social media that also uses HTTPS and multiple kind of outlets for social media where we can put public keys in not only different websites, but different jurisdictions that those websites live in. So if you have like your public key on QQ or Yandex, IM whatever,
and you know, Twitter, then you have to deal with like three giant governments hate each other, cooperating to like work over your public key to like try to change all those basically. So it's, it limits the threat model a lot that way. And that kind of approach is something that I really like. The answer is like RSA was already slow to begin with, with, uh, prime factoring and like, even I think the GitHub issue,
one of the GitHub issues that I saw on Google's End-to-End encryption involved, like trying to like find out like how to make factoring primes faster. So you're looking at like Chinese mathematicians from like the ancient days and like how they did stuff actually the Sun Tzu, but not that Sun Tzu. Cool. So this is one of the things like, do we need private keys as files? Like, can we just have them like determined or like derived like deterministically
from a hash of the public key with a long passphrase, which is what miniLock does, uh, that gets around the idea of like having to worry about file security, which people are just not good at. People will, I literally had people go into classrooms and not understand what a file was like. This is the age of like iPad apps.
So it's, it's scary, but it's also something you can go like deal with. And like I said, like social media kind of helps with the, what keys are the function that key servers basically use at one point in the wave, like what Keybase is doing, I think is extremely compelling. Uh, that's just newer fast performance encryption.
Like ECC actually runs really fast in JavaScript. Um, I'm already saying not so much. Uh, yeah, that's basically my talk. Uh, user, my Twitter's, and website. Here we go. Don't forget to add me as a contact for us and I have to approve it. And then that's when we can talk, uh, public key ID, lol,
And also for any of you that are working on these tools, uh, for open source, check out simplysecure.org. A lot of people running it behind the scenes are really great. Some of them have taught me some things about user testing. So they're kind of like, they're, they're good people to talk to. Uh, and like I said, check out that talk that Katie did.
Um, yeah, that's it. Any questions, comments, ideas, concerns, grants. I have no idea where the microphones are for Q and A,
but they're, they're around, I think. So the question was, do you think it makes sense to keep working on PGP or just kind of like, let it like send it to the goo factory? Um, I think a lot of people are already using it.
It's one of those things like, you know, where I think it, it'll continue to exist whether we like it or not. So you might as well come up with ways to like have them use it in a way that makes sense. Some of the things that I was thinking about specifically for PGP is the idea of like, well, what if you treated file security the way you would with a key like for door?
Um, and it's just the thing that you carried with you. Like, do you really need your private key on the computer that you want to use it with? Uh, we have like arm based computers that can like live on USB drive. And I wonder whether that could just be like the super locked down PGP. Like computer that you carry with you. And then just plug in via USB to the laptop that you want to use PGP
on or NFC to the mobile device to just like be able to say like, Hey, encrypt this message. Um, actually not even do the encryption on the machine to sell on your like user device, but the actual PGP computer and just have it like send in plain text, give you that cipher text and then just have it do the delivery from there. And that would help solve, I think a lot of usability problems that are real as far as like file security,
having to think about backup software, like all these other things. That's one approach that I think works. The other is just like better desktop software. Mailpile seems like it's promising and doing well for that. Again, as long as private keys remain as files, um, you're either going to have to have that file in like one place really
secure, or you're going to have to like learn and become a security expert. So yeah. Any other questions? Thank you.