The fallout from the Snowden affair seems to keep coming, with the shuttering of not one but two secure email services.

For those who have been living under a rock for the past month or so, Edward Snowden is the whistleblower and political dissident who leaked evidence of vast illegal US and UK internet surveillance projects, and who has currently been granted asylum in Russia. Given the American government’s shockingly poor record on the treatment of its political prisoners, as well as their clear desire to make an example of him, I for one am relieved Russia stepped up to its obligations under international law. Granting Mr Snowden some respite from persecution, however temporary that may be, was both legally and morally the right thing to do, even if the cognitive dissonance that I feel from the reversal of the traditional narrative is giving me a migraine.

Known in crypto-analysis circles as “The Rubber Hose technique”.

Lavabit, a Texas based provider of encrypted email apparently used by Snowden, shut down to avoid becoming “complicit in crimes against the American people”. Later Silent Circle, based in Maryland, did the same, taking the view that it was better to close down and destroy its servers than to deal with the inevitable bullying.

The message seems to be simple. You can’t rely on the security of services where the data is out of your control, especially if the machines or companies involved have ties to the USA, but to say you’re safe from this sort of thing because you use a non-us provider (as many seem to be saying) is frankly delusional.

For those who are looking for alternatives to giving all your data to a third party, I do suggest you check out the #indieweb community, especially if you’re a builder. #indiewebcamp-uk is happening in September in Brighton, RSVP here.

It seems it is fast becoming a dangerous time to be a software creator, and no matter how secure your platform, you always run the risk of the rubber hose technique. As an industry, we are living in “interesting times“, it will be interesting where we go from here.

Update: Graham Klyne points out that Silent circle haven’t shuttered their end-to-end encryption offerings.

Image “Security” by XKCD.

It is the little differences between the US and the UK that really interest me.

I was out in Berkeley visiting a friend, it was late and we were sharing a few beers in his apartment before we retired.

On thing I notice is that Americans, contrasted with much of the rest of the world, seem to have much more faith in technology than most. I’m not sure what it is, perhaps just a symptom of the infectious American optimism and the idea that all technology is fundamentally a positive and infallible force.

Perhaps it was the beer.

Anyway,  in a moment of inspiration I realised this sort of bathroom lock (pictured) – which I’ve not seen anywhere outside of America – may be the perfect example of this sort of optimistic faith in technology.

When in the bathroom, you push the central button in order to lock the door from the outside. A twist of the handle springs the lock and opens the door.

What was interesting to me was that there was no feedback as to whether the lock was actually engaged. You pushed the button, and that was it.

There is no way to test it since twisting the handle would automatically disengage the lock. In other words, you had to trust that the mechanism was working as it should… which to my European software engineer’s mind left me with nagging doubts as to whether or not I would be interrupted while in the middle of something, so to speak.

This is to my mind a very good example of how an attempt to create a simple interface unintentionally creates a poor user experience.

Perhaps its just a cultural difference (which is nonetheless an important consideration), but I think many would find feedback comforting in this sort of situation.