STEED - Usable end-to-end encryption

[Jerome Baum]

> ... We can remove *needless* complexity, but security could be said
> to be the art of *introducing* specific complexity that's a lot worse
> for the attacker than it is for you.  It can't be automagical.
> 
> Anyway, key generation is already automated.  All you have to do is 
> (1) choose to employ crypto, and (2) supply a passphrase that you
> can remember.  There are even methods and tools to help you do (2)!
> 
> To be secure without being involved in the process is an
> unreasonable expectation which can never be met.  We need to teach
> our kids to expect to protect themselves online the same way we teach
> them to look both ways before crossing the street.  Probably at the
> same age. Otherwise they'll grow up to believe the hype that you can
> buy security the same as buying bread.

So let's put up traffic lights to help them and employ some crossing
guards to teach them the first steps until they are old enough to make
their own decisions.

Or put another way, we could make the process automagical until the user
has enough experience with the tool to do this themselves. The question
is whether we should -- false sense of security, "reasonable" threat
model, etc.

Either way, it's better to encrypt to key that you _think_ is the
recipient's key than to none at all*, because now your passive attacker
is helpless.

* Under a specific set of threat models.

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA