So make something better that people will actually use--then the question of what to use will become a no-brainer. "Just use Foo." The "best" alternative to something like Cryptocat is Pidgin/Adium+OTR plugins, and you can't seriously claim they're as usable (nor are their implementations actually perfect). If not that, then help to fix whatever issues the popular tools have. (They're open source, after all.)

Make formal security proofs, implement them, open source your prototypes, and have them vetted by as many cryptographers as possible (so one or two if you're lucky). Then figure out how to market your product.

By far the hardest aspect of cryptography engineering is getting people to use your software in the first place. It doesn't matter how good you are at crypto if your software is never used.

It's very easy to criticize. Much harder to actually make more secure, more usable alternatives. (And, ironically, the people who ought to be doing this the most are much more hesitant to do so since they know of many more subtle ways to make mistakes.)
Nadim's ego has led him down a path where he believes that what he is doing is infallible and his critics do not deserve any level of praise--and it is reinforced by those who do not know any better than he does. You can see this in any project or startup, but in the case of Cryptocat, we have a situation where lives are potentially at risk and there is a likelihood that someone has already been compromised due to his actions.

The "cutesy" icons and flashy colours that Cryptocat displays are really nothing more than lipstick on a pig.
As a passive observer of all cryptography discussions on HN, I can't help but think that if security researchers spent as much time on creating usable, secure software as they did in proving that others' implementations were flawed, we'd be in a much better place.

As a user, I just want to be able to message another person over the internet without having to worry about setting up plugins or setting up any kind of keys. I want to add them to my friend list, click their name, send them a message and be comfortable in the fact that my communication cannot be intercepted.
Guy creates a blog and his first single post is to discourage someone truly trying to innovate in the cryptography space (though admittedly more in usability aspects).

After listening to Glenn Greenwald at the CCC it was quite clear that cryptography that is easier to use than PGP is really needed in this world (he almost lost the Snowden story due to it). I think that Nadim needs to be encouraged. Sure, point out any flaws, but aim for constructive feedback.

The points here centre around it being "not good enough". This is a bit of a chicken-and-egg problem and isn't really helpful.
I understand the problem here: don't experiment with crypto with your users' safety in the balance, claiming all the while that they're safe. The sad reality is that none of his users will ever know that there's a problem until it's too late.

Slightly off-topic, but this is one of those areas that bugs the hell out of me, and I don't know the solution. On one hand, security and cryptography people tell lawmakers and those in authority that crypto is math, anyone can do it, it's silly to try to regulate it, etc. On the other hand, these same experts tell the "anyones" of the world *not* to implement their own crypto: mistakes are easy to make, correct implementations are hard ...

Here's the kicker for me: if you absolutely should never release another piece of software that might have bugs that could endanger someone's life, then you'll never release another piece of software. You can become the greatest cryptographic implementor on the planet, implement to the current state of the art, and, in a couple of years, still have your work completely obliterated by a new attack against a cryptosystem that you are using *correctly*.
Note that this article simply shits all over Cryptocat without giving any concrete examples: "has had myriad errors in implementation" and "After being berated by dozens, repeatedly, because of the myriad flaws". I kept waiting for Paul to substantiate his criticism or at the very least link to some of the implementation flaws he keeps trumpeting, but he doesn't. Pointing out that Cryptocat has tried multiple encryption schemes isn't really evidence in itself, either.

For all I know this guy could be totally right about Cryptocat, but this is absolutely not the way to make this kind of statement. It isn't well-reasoned and it sure as shit isn't informative.
A nice quote from Phil Zimmermann, from a comment on a post by Schneier which was linked in a comment to this post:

"I remember a conversation with Brian Snow, a highly placed senior cryptographer with the NSA. He said he would never trust an encryption algorithm designed by someone who had not earned their bones by first spending a lot of time cracking codes. That did make a lot of sense. I observed that practically no one in the commercial world of cryptography qualified under this criterion. "Yes", he said with a self-assured smile, "And that makes our job at NSA so much easier." A chilling thought. I didn't qualify either."

https://www.schneier.com/blog/archives/2011/04/schneiers_law.html#c530393

edit:

By the way, I think that Jeffrey Paul has a relevant point; I think it deserves to be taken into account. I understand his words can hurt Nadim Kobeissi; nevertheless, from my point of view they carry no such will.