There Are No Online Security Shortcuts for Human Rights
At Benetech, we're thinking about human rights activists every day. We're not human rights advocates: we're a group of technologists and scientists dedicated to helping the human rights movement be safer and more effective. We prefer to work mainly behind the scenes, helping the activists pursue their mission of improving respect for human rights, advocating for policy change that advances rights and sometimes even obtaining justice against the perpetrators.
However, there are times when we need to weigh in on a technical issue that affects human rights activists. Following an admiring Wired.com profile of the web-based chat program Cryptocat, a fair amount of discussion ensued about the security risks of using a tool with this kind of web-based design. The relevant Wired.com editor responded with an endorsement of Hushmail, an online web mail site with a similar design, for use by Middle Eastern dissidents.
The discussion, and this (to us) risky recommendation from a publication with a long history of covering these issues, led Benetech chief scientist, Dr. Patrick Ball, to respond. His oped, When It Comes to Human Rights, There Are No Online Security Shortcuts, was just published on Wired.com. We appreciate the opportunity from Wired to talk about our different views on this critically important issue.
The tech community has immense power in the global battle for human rights. Tech companies supply the tools that help repressive governments suppress human rights and restrict access to information. Those of us in technology who seek to tip the balance back towards advocates of human rights have a responsibility to approach these issues with great care. We need tools that defend the defenders of human rights, and that activists will actually use.
The Benetech team has looked frequently at web-based (or more precisely: web-served) designs for the tools we provide to activists for securely capturing information about human rights abuses. We don't make chat or email tools like Cryptocat or Hushmail, but the security challenges we face in design are similar. To date, we haven't felt we could responsibly design around the risks intrinsic to a web-based tool, where the server that delivers the application code could also deliver code that exposes the user's keys (although we have been interested in a new set of innovations called host-proof hosting that hold the potential of overcoming these risks).
The Wired piece correctly identifies one of the core challenges faced by designers of tech tools for use in the human rights field: the difficult tradeoff between security and usability. We were inspired to work in this field by Patrick Ball's work training activists around the world to use the first generation of crypto, the seminal program Pretty Good Privacy (PGP) invented by Phil Zimmermann. Patrick found that very few of the activists he trained ended up using PGP, because it was too hard to use. We feel we've made huge strides in usability with our Martus design without compromising security. But we thought the only way to make it sufficiently secure was to create a standalone application, with separate servers isolated from the users, so that the servers never have access to the user's secrets.
We know that much more needs to be done to make these tools more user-friendly. We know the Cryptocat team is working hard on a new generation of their tool which will try to overcome the weaknesses in the current version, and we welcome their efforts. We want to make sure that security doesn't suffer when it comes to serving those under the greatest threat from repressive governments. At this point, we believe that the risks of purely web-based solutions are too high to recommend them to activists and dissidents who run personal safety risks in their work.
Comments
Bravo! The Cryptocat developers have taken the advice of the security community. They've moved the design to a more secure architecture. Their new version 2, now in beta, is implemented as a browser plugin which will keep the encryption keys on each user's local computer. This model avoids the inherent problems with storing private keys on hosted servers. It's too early to tell whether Cryptocat 2 will live up to its promise, but it is exciting to see that the developers are moving in the right direction.