"Treason" as a passphrase word option for Sources? #fail #1541
Comments
If someone else from FPF agrees, I can go through this by hand and replace all the "bad" words with other easy to memorize ones.
I agree, both from a UX and psychological perspective, this is a good call.
Don't replace them though. Just remove them. A lot of research went into picking memorizable words for that list https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases, and I'd rather not add in un-memorizable words. Removing 10-20 words (I don't suspect much more will be required) shouldn't hurt the entropy of codenames significantly.
Remove "trump" 😝
@fowlslegs Aye aye. Though in the case that @ninavizz brought up, I think it's reasonable to leave the Journalist wordlists alone since sources will never see that.
@fowlslegs @ninavizz @justintroutman I started skimming this and so far, the diff of "definitely remove" includes this:
The list of "maybe remove" includes this:
How aggressive should I be in removing words with negative connotations?
Also, since this might be more than 10-20 words removed (I have only gotten to 500/7776 so far), I was considering using this wordlist as additions. https://gist.github.com/ehedaya/2743dce1f0d1e8375367 I know it's been cited a few places as "easy to memorize."
I think you're being overly aggressive with removal. I think you should go for words that are particularly negative in the context of leaking information. While "abrasion" generally has a neutral or negative connotation, for a source I think it's unlikely to trigger imagery of some spook rubbing sandpaper on their face (sorry for the graphic imagery y'all). Unless that new wordlist has user studies backing up its memorizability like EFF's I don't think we should be replacing them, even if we end up removing more like 50 words.
I tend to agree with @fowlslegs on this stance; it makes sense to stick with words that are closely associated with leaking, or the legal consequences of leaking. I realize this leads to some gray area with some words! For example, "treason", "deport", and "affidavit" all make me think of being detained and ending up in court and/or prison.
Yes—the key here is "trigger" words, that will influence a prospective leaker to freeze-up and abandon their task when new to SD, or fail to return to SecureDrop at a later date to return Journalist correspondence. UX is as much psychology, as it is design. In fact, it's more psychology, because familiar visual/interactive patterns yield improved usability—and that's from a lifetime of cognitive training of interactive and visual cues. Thanks for all the enthusiasm on this, it's important (and more fun when it's a team effort)!

Words that reflect social values w/o linked direct consequences, aren't of worry to me. "abrasive, armed, badass" and some of the other words, don't strike me so much as being triggers, more social stigmas—which I suspect leakers have already given lengthy contemplation to.

@justintroutman it's also important though to remember, that Government Accountability stuff is just one type of leak. An immigrant meatpacker reporting inhumane slaughterhouse practices, or Karen Silkwood, face very different consequences than Ed and Chelsea did. More on that, below.

My subsequent reccos, from @heartsucker's list:

...if they exist in the wordlists, my additions to the above:

I wouldn't be surprised if some of the above are not on the wordlists, as they have stumbly spellings. Nice to hear that list was researched for what words are easiest for common folks to correctly remember! :)

Touched upon, earlier: Food Integrity, Public Health, and Corporate Accountability whistleblowers, face either stalking, harassment, or being disappeared, as consequences for their actions—not facing charges of treason. The latter, only applies to Government Accountability whistleblowers—whom, yes, are the majority of SD Sources atm (it seems). These "types" I came up with, from the Government Accountability Project website. Many whistleblowers face the loss of jobs and careers they've had for 10-20 years, too—so the pressure is huge.

Ed and Chelsea were unusual, in not facing the loss of some lengthy period of devoted service to a career. That's a unique and massive psychological burden for Source users to bear, that SD needs to be sensitive to. Immigrants exploited in crappy working conditions, need a place to safely report their abuses—so sensitivity to their fears of deportation and their families being broken apart, is also good to keep in mind. I created the below after a weekend of browsing through articles of ~50 well-known media-leak whistleblowing cases from the past 50-ish years, and calculating the age and education of whistleblowers at the time they produced their leaks to the media. Many Corporate Accountability whistleblowers—especially in finance—have had legal recourse for their leaks, but in Trump's era I see many more likely pursuing media as their key resources, versus lawsuits that would thrust them into the public spotlight and more likely end their careers.
I think one could take the words we've come up with as a set, then find all synonyms using https://github.com/geekpradd/PyDictionary, and then find the intersection between the set of these words and their synonyms and the set of words that is our wordlist.
^ In addition to some manual review of both the wordlist and whatever such an operation turns up, that is. Some words that might be considered synonyms will only be synonyms the words y'all've listed above in regards to alternate definitions of those words. I just thought this might be a way to help us be more thorough.
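As an added example (not code from this issue or from SecureDrop itself), the synonym-expansion approach in the comment above and the entropy point from @fowlslegs's earlier comment, carried through in Python: the trigger words are expanded with synonyms, intersected with the wordlist for human review, and the entropy cost of the removals is computed. The sample wordlist and the synonym map are constructed stand-ins (a real run would query a thesaurus such as PyDictionary), and the 7-word codename length is an assumption not stated on this page.

```python
import math

# Constructed stand-in for the 7776-word EFF diceware list that SecureDrop
# uses for source codenames (the real list is securedrop/wordlist in the repo).
SAMPLE_WORDLIST = [
    "abrasion", "acorn", "affidavit", "armed", "badass", "candle", "deport",
    "guilty", "harbor", "jail", "lantern", "maple", "prison", "treason",
    "velvet", "willow",
]

# Trigger words proposed in the issue body.
TRIGGER_WORDS = {
    "treason", "traitor", "prison", "murder", "stalking", "jail",
    "guilty", "betrayal", "deported", "exile",
}

# Constructed synonym map (assumption); in practice this would come from a
# thesaurus lookup such as PyDictionary, which needs network access.
SYNONYMS = {
    "prison": ["jail", "penitentiary"],
    "deported": ["exile", "deport"],
    "treason": ["betrayal", "sedition"],
}


def expand_blocklist(trigger_words, synonyms):
    """Trigger words plus their synonyms, lower-cased, as one set."""
    expanded = set()
    for word in trigger_words:
        expanded.add(word.lower())
        expanded.update(s.lower() for s in synonyms.get(word, []))
    return expanded


def filter_wordlist(wordlist, blocklist):
    """Split the wordlist into (kept, removed). 'removed' is the intersection
    a human still reviews, since thesaurus hits may reflect another sense."""
    removed = sorted(w for w in wordlist if w.lower() in blocklist)
    kept = [w for w in wordlist if w.lower() not in blocklist]
    return kept, removed


def codename_entropy_bits(list_size, num_words):
    """Entropy of num_words words drawn uniformly from a list_size list."""
    return num_words * math.log2(list_size)


def entropy_loss_bits(original_size, removed_count, num_words=7):
    """Bits lost by shrinking the list (7-word codenames are an assumption)."""
    return (codename_entropy_bits(original_size, num_words)
            - codename_entropy_bits(original_size - removed_count, num_words))
```

Removing 50 words from 7776 costs well under a tenth of a bit over a 7-word codename, which is the "shouldn't hurt the entropy significantly" claim made quantitative.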
@fowlslegs @heartsucker If the list is only 7500 words and Eric's already combed through the first 500, I'm happy to tackle words 501-3500 (or so) tomorrow—and cd do more, at a later date. I've written articles that were a few thousand words, it's not that much—and I like the idea of not adding any words. When is the next release set to deploy? |
@ninavizz I can have this done today (probably before y'all wake up). I feel asleep while working it last night. 😆 |
Curious parties can see progress here: https://github.com/heartsucker/securedrop/blob/wordlist-happiness/securedrop/wordlist |
I have a PR ready that is knowingly overly aggressive with removals on the grounds that it's easier to say "put that back in" than to go over the list twice.
https://docs.securedrop.org/en/latest/journalist.html
Super random: but, the third-down screenshot I came upon earlier today, and it shows a created passphrase with the word "treason" in it. Imagining what a n00b Government Accountability type leaker might think upon seeing that—and all I can think, is task abandonment, buh-bye.
Words such as "treason" and "traitor" or "prison" or "murder" or "stalking" or "jail" or "guilty" or "betrayal" or "deported" or "exile" etc. Would it be possible to assemble a list of likely trigger words to be blocked from inclusion in passphrases presented to Sources?