In working with young and middle-aged professionals in the Middle East region, we have discovered that desktop OTR clients suffer from serious usability issues which are sometimes further exacerbated due to language differences and lack of cultural integration (the technology was frequently described as “foreign”). However, in the case of desktop applications, we have found that the necessity for both parties to download, install and configure the same chat software and OTR plugin was enough to disenfranchise a majority of end-users from regularly engaging in encrypted messaging, even if they had an urgent or pressing need for encrypted communications. We have found that the mobile applications featuring OTR tend to be more accessible due to their platform, specialized purpose and design philosophy which integrates OTR from the outset. For mobile smartphones, OTR is available built-into specialized encrypted messaging applications. OTR-encrypted chat is generally available as a plugin for popular instant messaging software. OTR aims to provide forward secrecy, digital signatures, message authentication, repudiation and plausible deniability for conversations with two participants. 1 IntroductionĬurrent popular encrypted instant messaging technologies largely implement the Off-the-Record protocol (OTR) for encryption between two parties. Our goal is to investigate the feasibility of implementing cryptographic systems in highly accessible mediums, and to address the technical and social challenges of making encrypted instant messaging accessible and portable. ![]() Even if a cryptographic system is technically highly qualified, securing user privacy is not achieved without addressing the problem of accessibility. Our position is that accessibility and ease of use must be treated as security properties. ![]() ![]() We have found that encrypted communications, while in many cases technically well-implemented, suffer from a lack of usage due to their being unappealing and inaccessible to the “average end-user”. We aim to investigate how to best leverage the accessibility and portability offered by web technologies in order to allow encrypted instant messaging an opportunity to better permeate on a social level. Cryptocat is a Free and Open Source Software (FL/OSS) browser extension that makes use of web technologies in order to provide easy to use, accessible, encrypted instant messaging to the general public.
0 Comments
Leave a Reply. |