If your OS is compromised, your favorite communication app might encrypt everything that you send, but that won't help you if that data is collected prior to encryption.

Every developer that advertises their app as secure, should also take the time to educate people on its limitations and how to possible mitigate them.

1/3

"Just install [name of software] and you can safely communicate" is a very bad advice.
It might be safe, but that depends on the environment you apply it to.

"Is it safe enough for me?", you'll be only able to answer if you know the environment that person will apply your advertised software to. Depending on the area the person is located, just trying to download it might raise suspicion.

2/3

And what about virtual keyboards on phones leaking data? How to prevent that?

If your user don't know the answer, you probably failed in educating them in how to securely use your software.

Your secure™ app, can only be as secure as the OS, can only be as secure as the hardware and the user.

3/3

Follow

An example how such education on limitation could look like

Warnings and limitations of Tails:
tails.boum.org/doc/about/warni

I wished more software projects had such in the open and well documented for their users to be discovered.

We need users with informed decisions and awareness for privacy and federation. That's a matter of knowledge. Share it with your users.

· · Web · 0 · 1 · 2
Sign in to participate in the conversation
Linux.Pizza

A instance dedicated - but not limited - to people with an interest in the GNU+Linux ecosystem and/or general tech. Sysadmins to enthusiasts, creators to movielovers - Welcome!