[guardian-dev] Fwd: [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Nathan of Guardian nathan at guardianproject.info
Thu Jul 11 09:52:05 EDT 2013


On 07/11/2013 03:53 AM, Guy Tavor wrote:
> Sorry for jumping in:
No, please - glad to have your input, and see our community expand.
These are important issues, and I would like to keep the discussion
happening here.
>
> If Gibberbot is targeting everyone and wants to become a "WhatsApp"
> alternative, then - yes - product design (including "beauty") is very
> important, and still is a long way from market leaders.
Absolutely true. The thing about the marketing around Heml.is that gets
my goat is the subtle message that somehow existing projects in secure
mobile messaging do not care about beauty and simplicity. You better
!@#*@# believe we care, and I am considering making a shiny video in
pastel colors that says "Fuck yeah, we love beautiful things too!"

However, we also care about our users being able to experience beauty
freely for the rest of their lives without that being through a jail
cell window. Freedom is beautiful. Privacy is beautiful, and most of the
beautiful things I have experienced in my life have been in intensely
private moments. Having a pleasing aesthetic experience on my smartphone
falls a bit farther down the list of "things that are beautiful in this
world" for me.

When it comes down to having eight hours to work on code for Gibberbot,
and we have to trade off between improving support for ensuring we are
not man-in-the-middled or that data is safe-guarded on the wire AND on
the device, versus improving our color palette or tweaking layout, we
will always choose the former. I am hoping we are getting to a point
where we have resources for both, but it is disingenuous for someone like
Heml.is to pretend they can do both perfectly without trade-offs. Even
in their opening statements, they are already admitting many trade-offs.

When we think about the best way to achieve always-on/offline messaging,
we spend the time thinking about how to tune OTR properly, so we can
have perfect forward secrecy AND simplified cryptography. We don't just
punt and say "well PGP is good enough in this case, because no one's
keys will ever be compromised anyhow".

While we would really like to have push messaging and add all sorts of
proprietary XMPP/server extensions to make things flow more easily, and
to not require socket connections to be open all of the time, it would
inevitably mean that you can only use our apps with our servers. Again,
there is that trade-off "Boy, we really need offline, push messaging, so
I guess we can't support any server. We don't really need decentralized,
open-standards anyhow, right?". A single point of failure for attack,
monitoring and legal action now exists.

The big point is that nothing they are proposing solves the so-called
"metadata" issue. I.e. traffic surveillance will basically tell you
everything you need to know, especially if they use Google and Apple's
push services which seem likely. All they talk about is the content of
your messages, not the headers, and as we have seen recently, this is
the real problem. Unless you support decentralized servers and an option
for a trusted proxy or darknet routing, you can't solve the metadata
problem.

> When I was still at Google, we ran some usability tests from which
> I've learnt some surprising product-design truths, mainly around how a
> person's mind solidifies their opinion based on sensory inputs it is
> not aware of.
> The most mind-blowing (for me anyway) example was around how
> people perceive search-results as of higher-quality if they come in
> 50ms earlier. So - "beauty" is just a general name for a "pleasing
> product" - it should not disturb the eye, UX should be intuitive,
> product should be very fast and responsive, product should give value
> within 30 seconds after installation.
I agree with all of these things, and attended some excellent talks on
design and usability at Google I/O 2013. The best one related how it
only takes a few -1 points on usability to quickly outweigh all the +1
points on function and features... meaning, the judgement of usability
vs value is not equally weighted. I definitely take this into account
when I ponder all the points I wrote above. I really do want both, and I
think it can be achieved, but it just takes longer to get there.

I think Heml.is is like one of those marathon runners who secretly take
a shortcut via the cab or subway. I may be wrong - they may be like one
of those Kenyan marathon runners, and we may just be too slow. ;P

>
> If the target audience are people whose lives / careers /
> well-being depend on secure channel chat, then "Beauty", speed, usability and
> even performance are only secondary.
>
Yes, I think we understand this market well, and perhaps our lot in life
is to serve this group as best as possible, while leaving Heml.is
and others to address the broader base of WhatsApp, WeChat, Viber, and
other flavors of the day out in the world.

When I think of the hundreds of thousands of users we have today, it makes
me very happy. If we can break through at some point to a larger user
base, great, but we won't make compromises to get there.

+n








