Re: [mat-dev] [Pkg-anonymity-tools] pdf-redact-tools

Supprimer ce message

Répondre à ce message
Auteur: intrigeri
Date:  
À: Micah Lee
CC: pkg-anonymity-tools, mat-dev
Sujet: Re: [mat-dev] [Pkg-anonymity-tools] pdf-redact-tools
Hi Micah!

Micah Lee wrote (24 Feb 2015 19:53:30 GMT) :
> I'm not sure of this fits into the realm of anonymity tools, but I've
> recently released a simple script called pdf-redact-tools: [...]


Thanks for the heads up! Looks like a useful tool. I'm happy you wrote
it, and this is enough to make me confident that it does solve some
important real-life problems. Yay!

> Would anyone like to volunteer to package it for Debian?


We're already maintaining MAT [1]. I understand pdf-redact-tools
covers some needs that the MAT doesn't address yet. Still, I'm
personally reluctant to see this kind of functionality thinly spread
over various packages in Debian, mostly for UX reasons, and also
because IMO there are currently to few people working in this niche
field for us to really benefit from competing implementations, so:

* Are there any plans to make both tools converge somehow, e.g.
by adding the missing features in MAT? Both are implemented in
Python, so the starting point doesn't seem that bad :)

* How does `pdf-redact-tools --sanitize' differ from the seemingly
equivalent feature provided by MAT?

[1] https://mat.boum.org/

(OT comment: I'm always concerned by seeing tools pretend they do
something "securely". Not only that's a very bold statement, but that
that's not my main concern. What really bothers me is that it
re-inforces the idea that computer security is a boolean value, that
tools are either secure or not -- that's a far too common mistaken
belief already, that IMO is undermining any educational effort aimed
at conveying the basics of threat modeling and of adjusting one's
defenses to whatever adversaries they expect. Try doing Tails user
support for a couple days on IRC, and then it'll become obvious how
painful it is to constantly struggle again this misconception. May you
please securely redact that statement? :)

Cheers,
--
intrigeri