[tahoe-dev] security is an anti-feature Re: my klog: I critique an academic Tahoe-LAFS-like cryptosystem

Zooko Wilcox-O'Hearn zooko at zooko.com
Wed Dec 2 13:26:31 PST 2009


Troy:

While I appreciate the sentiment, I'm not sure that a Denial-of- 
Service attack on academia is the right approach.  ;-)

Instead, I wrote a short personal email to lead author of HAIL, Kevin  
Bowers, who as it turns out is a researcher at RSA which has been  
bought by EMC.

Another Next Step is the presentation on Tahoe-LAFS that Brian and I  
are giving at RSA Conference 2010 in March.  RSA Conference, or at  
least the part of it that we are presenting in, is an industrial  
rather than academic conference, but still I'm sure presenting there  
will make Tahoe-LAFS more widely known within the security community.

However, I've been thinking that maybe the security community is the  
wrong market.  Most users, I've come to believe, will instinctively  
reach for the *other* tool if one of the tools is labelled as  
"secure".  This may sound strange, but I think it is true and that  
there is a good reason for it.  Users know that a tool which comes  
with a "security" sticker on it means more hoops they have to jump  
through before they can get their work done: pop-up dialogs asking  
"Are you sure?", key-management hassle, access-denied errors, etc..   
They also know that most of the time bad guys aren't going to be  
attacking them and most of the time this tool isn't going to be the  
weakest link in the chain anyway.  In short, users are rational and  
correct when they pass over the products with "security" in favor of  
the products with "get your job done today".

Now we have always tried with Tahoe-LAFS to make something which  
provides security *without* introducing lots of hassle.  I think  
we've at least partially succeeded (although I'm still alert for more  
evidence from the field to indicate what's working and what isn't).   
So maybe we should find some way to appeal to those people who just  
want a reliable and easy-to-use cloud storage tool and don't want an  
extra helping of "security".

Regards,

Zooko


More information about the tahoe-dev mailing list