Saturday, May 20, 2017

EFF's out-of-date Secure Messaging Scorecard

This is an open letter to the Electronic Frontier Foundation.

Dear EFF,

At you wrote "you should not use this scorecard to evaluate the security of any of the listed tools, as many of them have been changed since the scorecard was last updated" but you also wrote "Updates will be made if the listees or others inform us of changes or inaccuracies."

I suppose this has been happening ("the listees or others inform us of changes or inaccuracies") and you have not stood by your promise to make updates accordingly.  This seems to me to be one example of "security vulnerabilities ONLY in EFF software or systems," and so I am reporting it here.  There are people relying on the information at to maintain their messaging apps in a secure fashion, and EFF has apparently dropped the ball.

Is this because we didn't donate enough?  Can you send me a list of the "changes or inaccuracies" that have been reported by listees or others and give me a chance to raise the money it would take to incorporate those changes and inaccuracies into the page there?

Thank you for your work.  I am committed to helping excellent organizations such as yours follow through on their promises.

No comments: