Let's play security bingo! (Updated)
To be honest, this is might be the least satisfying game of bingo ever—but let’s play anyway. The rules are simple: make a grid cross referencing OS platform and communication toolset. In each cell, put the name of an open source software package with reasonable security properties. If this exercise doesn’t make you break down in tears, then you have won.
The rules probably need some adjustment if this game is to catch on.
Here is my attempt at playing:
|Messages||Short Message||Pidgin, Gajim, OTR||ChatSecure||Gibberbot, Beem, TextSecure||Cryptocat|
|Long Message||Enigmail, Gpg4win||Enigmail, GPGMail||Enigmail||AGP|
|Files||Storage||DiskCryptor||EncFS, eCryptfs, DMCrypt||AOSP, Cryptonite||SafeWith.me|
|Synchronization||seafile, git-annex, SparkleShare, Syncany|
|Data Wipe||Eraser, BleachBit, DBAN||DBAN||BleachBit, DBAN, wipe||InTheClear||N/A|
|Audio/Video||Direct Calling||Jitsi||Jitsi, linphone, sflphone||RedPhone, CSimpleSip|
|Capture & Reporting||ObscuraCam|
|Confidentiality & Anonymity||Tor, OpenVPN||N/A|
|Authentication||Mozilla Persona, WebID|
Looking at this table, it is immediately obvious that there are a lot of empty cells. Unfortunately, most of the cells that are filled in contain software that is unfriendly or even sadistic toward the user.
What is missing might be more revealing than what is listed. These toolsets are entirely absent from my ‘security bingo’ game card:
- Social Networking: When I excluded software that I think is unfeasible (SecureShare) or has no security (Diaspora, etc), then you end up with zero projects.
- Document Collaboration: I have high hopes for an encrypted etherpad, but so far no one has started work on it.
- Photos/Vidoes & Galleries: Nothing I have heard of.
- Events & Scheduling: Nothing I have heard of.
- Tasks & Planning: Nothing I have heard of.
I also excluded a few obvious categories:
- Firewall: Reasonable firewall support is now built into most operating systems.
- Anti-virus: There is no good anti-virus software, either commercially available or free software.
If you have suggestions for how I can fill in my game card, please write firstname.lastname@example.org.