app/views/pages/about-us/news/2012/security-bingo/en.haml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194

- @title = "Let's play security bingo! (Updated)"
- @author = "Elijah"
- @posted_at = "2012-08-28"
- @more = true
- @preview = capture_haml do
  :textile
    To be honest, this is might be the least satisfying game of bingo ever--but let's play anyway. The rules are simple: make a grid cross referencing OS platform and communication toolset. In each cell, put the name of an open source software package with reasonable security properties. If this exercise doesn't make you break down in tears, then you have won.

%style
  :sass
    table.table
      border: 1px solid #ccc
      td
        background: white
        width: 12.5%
        font-size: 0.9em
        border-right: 1px solid #ccc
      td.section
        border-right: 0

= @preview

:textile

  The rules probably need some adjustment if this game is to catch on.

  Here is my attempt at playing:

%table.table
  %tr
    %th
    %th
    %th Windows
    %th Mac
    %th Linux
    %th iOS
    %th Android
    %th Web
  %tbody
    %tr
      %td.section{:rowspan => 3} Messages
      %td Short Message
      %td{:colspan => 3} #{link 'Pidgin' => 'http://pidgin.im'}, #{link 'Gajim' => 'http://gajim.org'}, #{link 'OTR' => 'http://www.cypherpunks.ca/otr/'}
      %td #{link 'ChatSecure' => 'https://chatsecure.org/'}
      %td #{link 'Gibberbot' => 'https://guardianproject.info/apps/gibber/'}, #{link 'Beem' => 'http://beem-project.com'}, #{link 'TextSecure' => 'https://github.com/WhisperSystems/TextSecure'}
      %td #{link 'Cryptocat' => 'https://crypto.cat'}
    %tr
      %td Long Message
      %td #{link 'Enigmail' => 'http://enigmail.mozdev.org/'}, #{link 'Gpg4win' => 'http://www.gpg4win.org/about.html'}
      %td #{link 'Enigmail' => 'http://enigmail.mozdev.org/'}, #{link 'GPGMail' => 'https://www.gpgtools.org/gpgmail/index.html'}
      %td #{link 'Enigmail' => 'http://enigmail.mozdev.org/'}
      %td
      %td #{link 'AGP' => 'http://www.thialfihar.org/projects/apg/'}
      %td
  %tbody
    %tr
      %td.section{:rowspan => 5} Files
      %td Storage
      %td #{link 'DiskCryptor' => 'http://diskcryptor.net'}
      %td
      %td #{link 'EncFS' => 'http://www.arg0.net/encfs'}, #{link 'eCryptfs' => 'http://ecryptfs.org/'}, #{link 'DMCrypt' => 'http://en.wikipedia.org/wiki/Dm-crypt'}
      %td
      %td #{link 'AOSP' => 'http://source.android.com/'}, #{link 'Cryptonite' => 'https://code.google.com/p/cryptonite/'}
      %td #{link 'SafeWith.me' => 'https://SafeWith.me'}
    %tr
      %td Backup
      %td #{link 'Duplicati' => 'http://duplicati.com/'}
      %td
      %td #{link 'Déjà Dup' => 'https://launchpad.net/deja-dup'}
      %td
      %td #{link 'FlashBack' => 'http://www.whispersys.com/flashback.html'}
      %td
    %tr
      %td Synchronization
      %td{:colspan => 3} #{link 'Syncany' => 'http://www.syncany.org/'}, #{link 'git-annex' => 'http://git-annex.branchable.com/assistant/'}, #{link 'SparkleShare' => 'http://sparkleshare.org/'}
      %td
      %td
      %td
    %tr
      %td Data Wipe
      %td #{link 'Eraser' => 'http://eraser.heidi.ie/'}, #{link 'BleachBit' => 'http://bleachbit.sourceforge.net/'}, #{link 'DBAN' => 'http://www.dban.org/'}
      %td #{link 'DBAN' => 'http://www.dban.org/'}
      %td #{link 'BleachBit' => 'http://bleachbit.sourceforge.net/'}, #{link 'DBAN' => 'http://www.dban.org/'}, wipe
      %td
      %td #{link 'InTheClear' => 'https://github.com/SaferMobile/InTheClear'}
      %td N/A
    -# %tr
      %td Collaboration
      %td
      %td
      %td
      %td
      %td
      %td
  %tbody
    %tr
      %td.section{:rowspan => 3} Audio/Video
      %td Direct Calling
      %td{:colspan => 3} #{link 'Jitsi' => 'https://jitsi.org/'}
      %td
      %td #{link 'RedPhone' => 'https://github.com/WhisperSystems/RedPhone'}, #{link 'CSimpleSip' => 'https://code.google.com/p/csipsimple/'}
      %td
    %tr
      %td Conference
      %td{:colspan => 3} #{link 'Mumble' => 'http://mumble.sourceforge.net/'}
      %td
      %td #{link 'Mumble' => 'http://mumble.sourceforge.net/'}
      %td
    %tr
      %td Capture & Reporting
      %td
      %td
      %td
      %td
      %td #{link 'ObscuraCam' => 'https://guardianproject.info/apps/obscuracam/'}
      %td
  %tbody
    %tr
      %td.section{:rowspan => 2} Network
      %td Availability
      %td{:colspan => 5} #{link 'Commotion' => 'http://commotionwireless.net/'}
      %td N/A
    %tr
      %td Confidentiality & Anonymity
      %td{:colspan => 5} #{link 'Tor' => 'https://torproject.org'}, #{link 'OpenVPN' => 'http://openvpn.net'}
      %td N/A
  %tbody
    %tr
      %td.section{:rowspan => 3} Identity
      %td Passwords
      %td{:colspan => 3} #{link 'KeePassX' => 'http://www.keepassx.org/'}
      %td
      %td #{link 'KeePassDroid' => 'http://www.keepassdroid.com/'}
      %td
    %tr
      %td Validation
      %td{:colspan => 6} OpenPGP, #{link 'OTR' => 'http://www.cypherpunks.ca/otr/'}
    %tr
      %td Authentication
      %td{:colspan => 6} #{link 'Mozilla Persona' => 'https://login.persona.org/'}, #{link 'WebID' => 'http://www.w3.org/2005/Incubator/webid/spec/'}
  -# %tbody
    %tr
      %td.section{:rowspan => 2} Anti-intrusion
      %td Firewall
      %td
      %td
      %td Many
      %td
      %td DroidWall
      %td N/A
    %tr
      %td Anti-virus
      %td
      %td ClamXav
      %td ClamAV
      %td
      %td
      %td N/A
  -# %tbody
    %tr
      %td.section{:rowspan => 3} Productivity
      %td Events & Scheduling
      %td
      %td
      %td
      %td
      %td
      %td
    %tr
      %td Tasks & Planning
      %td
      %td
      %td
      %td
      %td
      %td

:textile
  Looking at this table, it is immediately obvious that there are a lot of empty cells. Unfortunately, most of the cells that are filled in contain software that is unfriendly or even sadistic toward the user. Trying to use many of these tools can feel like developing a BDSM relationship with your computer, and you are not the top.

  What is missing might be more revealing than what is listed. These toolsets are entirely absent from my 'security bingo' game card:

  * *Social Networking:* When I excluded software that I think is unfeasible (SecureShare) or has no security (Diaspora, etc), then you end up with zero projects.
  * *Document Collaboration:* I have high hopes for an encrypted etherpad, but so far no one has started work on it.
  * *Photos/Vidoes & Galleries:* Nothing I have heard of.
  * *Events & Scheduling:* Nothing I have heard of.
  * *Tasks & Planning:* Nothing I have heard of.

  I also excluded a few obvious categories:

  * *Firewall:* Reasonable firewall support is now built into most operating systems.
  * *Anti-virus:* Viruses are still mostly a problem on Windows. Other platforms have just gotten lucky so far.

  If you have suggestions for how I can fill in my game card, please write elijah@leap.se.