LEAP logo

LEAP Encryption Access Project

Let's play security bingo! (Updated)

To be honest, this is might be the least satisfying game of bingo ever—but let’s play anyway. The rules are simple: make a grid cross referencing OS platform and communication toolset. In each cell, put the name of an open source software package with reasonable security properties. If this exercise doesn’t make you break down in tears, then you have won.

The rules probably need some adjustment if this game is to catch on.

Here is my attempt at playing:

Windows Mac Linux iOS Android Web
Messages Short Message Pidgin, Gajim, OTR ChatSecure Gibberbot, Beem, TextSecure Cryptocat
Long Message Enigmail, Gpg4win Enigmail, GPGMail Enigmail AGP
Files Storage DiskCryptor EncFS, eCryptfs, DMCrypt AOSP, Cryptonite SafeWith.me
Backup Duplicati Déjà Dup FlashBack
Synchronization seafile, git-annex, SparkleShare, Syncany
Data Wipe Eraser, BleachBit, DBAN DBAN BleachBit, DBAN, wipe InTheClear N/A
Audio/Video Direct Calling Jitsi Jitsi, linphone, sflphone RedPhone, CSimpleSip
Conference Mumble Mumble
Capture & Reporting ObscuraCam
Network Availability Commotion N/A
Confidentiality & Anonymity Tor, OpenVPN N/A
Identity Passwords KeePassX KeePassDroid
Validation OpenPGP, OTR
Authentication Mozilla Persona, WebID

Looking at this table, it is immediately obvious that there are a lot of empty cells. Unfortunately, most of the cells that are filled in contain software that is unfriendly or even sadistic toward the user.

What is missing might be more revealing than what is listed. These toolsets are entirely absent from my ‘security bingo’ game card:

  • Social Networking: When I excluded software that I think is unfeasible (SecureShare) or has no security (Diaspora, etc), then you end up with zero projects.
  • Document Collaboration: I have high hopes for an encrypted etherpad, but so far no one has started work on it.
  • Photos/Vidoes & Galleries: Nothing I have heard of.
  • Events & Scheduling: Nothing I have heard of.
  • Tasks & Planning: Nothing I have heard of.

I also excluded a few obvious categories:

  • Firewall: Reasonable firewall support is now built into most operating systems.
  • Anti-virus: There is no good anti-virus software, either commercially available or free software.

If you have suggestions for how I can fill in my game card, please write elijah@leap.se.