[OTR-dev] OTR-dev Digest, Vol 75, Issue 2
Allan Nordhøy
epost at anotheragency.no
Thu May 7 11:24:36 EDT 2015
The Xabber icons
<https://github.com/redsolution/xabber-android/commit/1ed13b2625d444112d85b3170c78903a11851fae>
look good. The idea occured to me as i was writing my earlier reply, so it
must have some level of commonality to it. I dropped it because a plain
hinge was my idea of secure, which doesnt communicate anything in the way
of verified or not. The checkmark is brilliant.
However the problem is present with the Xabber set. The first icon
<https://raw.githubusercontent.com/redsolution/xabber-android/1ed13b2625d444112d85b3170c78903a11851fae/app/src/main/res/drawable-hdpi/ic_security_plain_24dp.png>
makes
unverified look quite similar to something that is locked down. Exactly the
opposite.
If instead the top part of the lock is swung around the other way and there
is an exclamation-mark on it, it will alert the user to something not being
optimal. Attached you will find my idea of doing it.
But back to the earlier proposal. Do you all like the new logo? I hope it
comes to use.
I enjoy both the OTR software and communicating with the people behind it,
thank you all.
Allan Nordhøy (kingu)
On Wed, May 6, 2015 at 6:00 PM, <otr-dev-request at lists.cypherpunks.ca>
wrote:
> Send OTR-dev mailing list submissions to
> otr-dev at lists.cypherpunks.ca
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
> or, via email, send a message with subject or body 'help' to
> otr-dev-request at lists.cypherpunks.ca
>
> You can reach the person managing the list at
> otr-dev-owner at lists.cypherpunks.ca
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OTR-dev digest..."
>
>
> Today's Topics:
>
> 1. Re: OTR-dev Digest, Vol 75, Issue 1 (Allan Nordh?y)
> 2. Re: OTR-dev Digest, Vol 75, Issue 1 (Nick Guenther)
> 3. Re: OTR-dev Digest, Vol 75, Issue 1 (Ian Goldberg)
> 4. Re: OTR-dev Digest, Vol 75, Issue 1 (Peter Fairbrother)
> 5. Re: OTR-dev Digest, Vol 75, Issue 1 (Ian Goldberg)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 6 May 2015 00:11:53 +0200
> From: Allan Nordh?y <epost at anotheragency.no>
> To: otr-dev at lists.cypherpunks.ca
> Subject: Re: [OTR-dev] OTR-dev Digest, Vol 75, Issue 1
> Message-ID:
> <CAMnoC=y6_Pi2W=bZSLXOEV4g61s=
> Cv3yEfAxG3ZRQBVyGCbtCA at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> It started with me being exposed to what Pidgin uses as an icon to signal
> the nature of current OTR-connections.
>
> At first some heads (?) forming a crowd of three for cleartext
> conversations.
> Changing into one person with a warning-sign before it for unverified
> connections.
> Verified connection are displayed as just a pictogram of one person.
> For some reason this same icon changes and displays for IRC-chatrooms too,
> still with the OTR-settings for the last opened one-to-one conversation.
>
> I ventured into the the #otr IRC-room to report on a broken link on the
> site, and i also mentioned how the icon-background isn't transparent,
> knowing that its an easy fix. Thinking maybe there might be something
> better to do drop into its place alltogether.
>
> Then, shortly therafter: (21. march 14.03 +0100) jvoisin: we need a logo :<
>
> Many designs later, some of which were novel, but not good, I had maybe
> fixed what I set out to solve in that it would be an improvement over the
> current set of icons.
> Since that isn't good enough I made something that I think works for both
> icons and logo.
>
> Change the colours and you have all modes. Red for "not private", Yellow
> for "unverified" and Green for "authenticated".
>
> Or, still going with two different two designations; two megaphones, an
> envelpe with a questionmark on it, and maybe an envelope being handed over.
>
> Right now there are two instances of the same icon, one at the bottom next
> to the chat-field and another up top along with "OTR" in writing, on a
> different button to trigger the same menu.
>
> What was initially a weekend job of drawing and digitizing resulted in good
> feedback on one design, only to protract over a month, slowly but surely
> passing my own judgement, steadily holding up against attempts to improve
> it. Some pixel-fixes later and here we are.
>
> The design I made is my own, so I can license it however you please.
>
> -Allan Nordh?y (kingu)
>
> On Tue, May 5, 2015 at 6:00 PM, <otr-dev-request at lists.cypherpunks.ca>
> wrote:
>
> > Send OTR-dev mailing list submissions to
> > otr-dev at lists.cypherpunks.ca
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
> > or, via email, send a message with subject or body 'help' to
> > otr-dev-request at lists.cypherpunks.ca
> >
> > You can reach the person managing the list at
> > otr-dev-owner at lists.cypherpunks.ca
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of OTR-dev digest..."
> >
> >
> > Today's Topics:
> >
> > 1. OTR logo (Allan Nordh?y)
> > 2. Re: OTR logo (Hans-Christoph Steiner)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Tue, 5 May 2015 11:29:13 +0200
> > From: Allan Nordh?y <epost at anotheragency.no>
> > To: otr-dev at lists.cypherpunks.ca
> > Subject: [OTR-dev] OTR logo
> > Message-ID:
> > <CAMnoC=
> > zppASekMeCvcX+8xdVm5qxAiCPxB3XVhoCk-zGhzjahg at mail.gmail.com>
> > Content-Type: text/plain; charset="utf-8"
> >
> > attached
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL: <
> >
> http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20150505/95ec2a5e/attachment-0001.html
> > >
> > -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: otrlogo.png
> > Type: image/png
> > Size: 3912 bytes
> > Desc: not available
> > URL: <
> >
> http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20150505/95ec2a5e/attachment-0001.png
> > >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Tue, 05 May 2015 10:20:12 -0400
> > From: Hans-Christoph Steiner <hans at guardianproject.info>
> > To: otr-dev at lists.cypherpunks.ca
> > Subject: Re: [OTR-dev] OTR logo
> > Message-ID: <5548D19C.8030500 at guardianproject.info>
> > Content-Type: text/plain; charset=utf-8
> >
> >
> > interesting idea. Where did this logo come from?
> >
> > .hc
> >
> > Allan Nordh?y:
> > > attached
> > >
> > >
> > >
> > > _______________________________________________
> > > OTR-dev mailing list
> > > OTR-dev at lists.cypherpunks.ca
> > > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
> > >
> >
> > --
> > PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
> > https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
> >
> >
> > ------------------------------
> >
> > _______________________________________________
> > OTR-dev mailing list
> > OTR-dev at lists.cypherpunks.ca
> > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
> >
> >
> > End of OTR-dev Digest, Vol 75, Issue 1
> > **************************************
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20150506/3f8ac69f/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 2
> Date: Tue, 05 May 2015 19:23:18 -0400
> From: Nick Guenther <nguenthe at uwaterloo.ca>
> To: otr-dev at lists.cypherpunks.ca
> Subject: Re: [OTR-dev] OTR-dev Digest, Vol 75, Issue 1
> Message-ID: <554950E6.7020205 at uwaterloo.ca>
> Content-Type: text/plain; charset=windows-1252; format=flowed
>
>
>
>
> On 05/05/15 06:11 PM, Allan Nordh?y wrote:
> > It started with me being exposed to what Pidgin uses as an icon to signal
> > the nature of current OTR-connections.
> >
> > At first some heads (?) forming a crowd of three for cleartext
> > conversations.
> > Changing into one person with a warning-sign before it for unverified
> > connections.
> > Verified connection are displayed as just a pictogram of one person.
> > For some reason this same icon changes and displays for IRC-chatrooms
> too,
> > still with the OTR-settings for the last opened one-to-one conversation.
> > [...]
> > Change the colours and you have all modes. Red for "not private", Yellow
> > for "unverified" and Green for "authenticated".
> >
> > Or, still going with two different two designations; two megaphones, an
> > envelpe with a questionmark on it, and maybe an envelope being handed
> over.
> >
> > Right now there are two instances of the same icon, one at the bottom
> next
> > to the chat-field and another up top along with "OTR" in writing, on a
> > different button to trigger the same menu.
> >
> > What was initially a weekend job of drawing and digitizing resulted in
> good
> > feedback on one design, only to protract over a month, slowly but surely
> > passing my own judgement, steadily holding up against attempts to improve
> > it. Some pixel-fixes later and here we are.
> >
> > The design I made is my own, so I can license it however you please.
> >
> > -Allan Nordh?y (kingu)
> >
>
> I think this is a great idea. Xabber(.apk)'s recent beta has added new
> logos next to the text input box (a good idea glibly ripped from
> Conversations.apk) and it is easily my favourite feature in the beta.
> It's aesthetically appealing which helps selling crypto to my friends,
> and it's also super readable and obvious what mode you're in.
>
> The Xabber icons are here for comparison:
>
> https://github.com/redsolution/xabber-android/commit/1ed13b2625d444112d85b3170c78903a11851fae
>
> -Nick Guenther
> Stats/CS, uwaterloo
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 6 May 2015 12:51:33 +0200
> From: Ian Goldberg <ian at cypherpunks.ca>
> To: otr-dev at lists.cypherpunks.ca
> Subject: Re: [OTR-dev] OTR-dev Digest, Vol 75, Issue 1
> Message-ID: <20150506105133.GO4766 at yoink.cs.uwaterloo.ca>
> Content-Type: text/plain; charset=iso-8859-1
>
> On Wed, May 06, 2015 at 12:11:53AM +0200, Allan Nordh?y wrote:
> > Change the colours and you have all modes. Red for "not private", Yellow
> > for "unverified" and Green for "authenticated".
>
> Unfotunately, one can't use only a colour change to indicate something
> like this, for the sake of people who cannot see the colours. Having an
> OTR logo is great, and something we've indeed wanted for a while, and
> this is at the very least a good starting point; thanks! But I don't
> think we should use (coloured versions of) it for the security state
> indicators.
>
> Another logo idea previously proposed was some stylized form of "OTR" in
> a speech bubble; I suggested making it a dashed speech bubble (denoting
> whispering), but then I never heard back.
>
> - Ian
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 06 May 2015 13:49:13 +0100
> From: Peter Fairbrother <zenadsl6186 at zen.co.uk>
> To: otr-dev at lists.cypherpunks.ca
> Subject: Re: [OTR-dev] OTR-dev Digest, Vol 75, Issue 1
> Message-ID: <554A0DC9.2060709 at zen.co.uk>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 06/05/15 11:51, Ian Goldberg wrote:
> > On Wed, May 06, 2015 at 12:11:53AM +0200, Allan Nordh?y wrote:
> >> Change the colours and you have all modes. Red for "not private", Yellow
> >> for "unverified" and Green for "authenticated".
> >
> > Unfortunately, one can't use only a colour change to indicate something
> > like this, for the sake of people who cannot see the colours.
>
>
>
> I'm not very familiar with OTR, but - a "not private" mode? And two
> other modes? Is that wise?
>
> Fifth Principle of Information Security Design: "Modes and choices are
> bad in crypto protocols, they give users choices which they are not
> qualified to make. It is your job to be clever, not the user's."
>
> Now OTR's clients are probably mostly a bit above the usual luser, but ..
>
>
>
>
> (Hi Ian, long time no see)
>
>
> -- Peter Fairbrother
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 6 May 2015 15:34:29 +0200
> From: Ian Goldberg <ian at cypherpunks.ca>
> To: otr-dev at lists.cypherpunks.ca
> Subject: Re: [OTR-dev] OTR-dev Digest, Vol 75, Issue 1
> Message-ID: <20150506133429.GT4766 at yoink.cs.uwaterloo.ca>
> Content-Type: text/plain; charset=iso-8859-1
>
> On Wed, May 06, 2015 at 01:49:13PM +0100, Peter Fairbrother wrote:
> > On 06/05/15 11:51, Ian Goldberg wrote:
> > >On Wed, May 06, 2015 at 12:11:53AM +0200, Allan Nordh?y wrote:
> > >>Change the colours and you have all modes. Red for "not private",
> Yellow
> > >>for "unverified" and Green for "authenticated".
> > >
> > >Unfortunately, one can't use only a colour change to indicate something
> > >like this, for the sake of people who cannot see the colours.
> >
> >
> >
> > I'm not very familiar with OTR, but - a "not private" mode? And two
> > other modes? Is that wise?
> >
> > Fifth Principle of Information Security Design: "Modes and choices
> > are bad in crypto protocols, they give users choices which they are
> > not qualified to make. It is your job to be clever, not the user's."
> >
> > Now OTR's clients are probably mostly a bit above the usual luser, but ..
>
> Yes, totally agree. For many OTR users, who might be using it
> unintentionally because their IM client just ships with it by default,
> say, OTR will just protect their conversations against passive
> eavesdroppers without them needing to know anything.
>
> The mode indicators (at least "Not Private") come in because we're not
> providing a secure messaging network ab initio. Instead, you're talking
> to your existing contacts, who may or may not be equipped to encrypt
> your conversation. So while it is of course best to make a system that
> *cannot* send unencrypted messages, there are compromises one needs to
> make when deploying a security/privacy layer on top of an existing
> system. (Which is why you should design security and privacy *into* the
> system, and not bolt it on top. But we didn't get to design AIM, ICQ,
> or XMPP.)
>
> - Ian
>
>
> ------------------------------
>
> _______________________________________________
> OTR-dev mailing list
> OTR-dev at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
>
>
> End of OTR-dev Digest, Vol 75, Issue 2
> **************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20150507/35b29bd8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: plaintext.jpg
Type: image/jpeg
Size: 1684 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20150507/35b29bd8/attachment-0001.jpg>
More information about the OTR-dev
mailing list