Feminist cybersecurity 101


Originally published at: http://boingboing.net/2017/01/02/feminist-cybersecurity-101.html


9 hours and no hate-filled screeds in the comments? Sorry 2017 - perhaps I was too quick to judge ya…


I do not understand what makes this a “feminist” guide. The adjective seems vacuous.


It’s a good guide and the white male author wants to specifically direct it towards a non-white male audience. He’s intelligent so he knows this makes it “mansplaining” unless he turns the virtue signaling performance up to 11.

It’s a well intentioned cynical exercise in realpolitik, sure. But the guide is good information, well written, well presented and targeting a bunch of groups that normally get excluded and need this info, so it seems like it will do more good in this form than another.

Yes, the non-charitable reading is that it’s paternalistic, condescending and making a mockery of social justice as a “growth hack”. But don’t assume the worst when there is no reason to assume the author isn’t trying to do what he says he is, help vulnerable people with a subject that is difficult and rapidly growing in importance.


There’s no doubt of the author’s positive intentions. I suppose I simply lament the need for a “feminist opsec” instead of simply “opsec” when the two are identical down to the letter—it is needless division. Is it really untenable to follow an opsec guide from someone who hasn’t signaled that they are not a Trump supporter or republican?

Do we need to be using a feminist floating point library? Do we need our cryptolibraries to be written by progressives, for progressives? This apparent emotional need causes me concern.


Is that necessarily true? Risk assessments on what data to spend your efforts protecting might well be different. For example, having your physical address exposed may be no big deal to most people, but could be literally life-or-death for a woman fleeing a violent partner. A straight cis heterosexual guy with vanilla tastes in porn may have not much to fear if his browsing history is compromised; that may be less true for other sexualities and identities.


Well, the risk assessments would differ yes, but the solutions once you decide security is necessary don’t. And that is what the guide is about, but you do point out why he is trying to educate these groups specifically.


For targeting these groups, I suppose I would entitle such a guide as, “Opsec for women” or “Opsec for fleeing domestic violence”. That conveys the intended audience without saying it’s “different”. Analogously, whereas a book of “floating-point arithmetic for feminists” could be a thing, the book “feminist floating-point arithmetic” will presumably never be a thing (hopefully).

I suppose the phrase “feminist cybersecurity” triggered my identity politics detector and I simply reacted to it.


Do you lament the need - or that it exists?


The opponents are often a little different, but the opsec tools and techniques are the same whether you’re a Californian genderqueer or a Texas-will-secede Trumpeter. Then, as there is no difference between opsec and “feminist opsec”, I lament what I perceive to be as a psychological need for something to be branded as “feminist” for it to be deemed trustworthy.


Well - yes - that sexism exists does suck.


100% agree. If you are going to write something and aim it directly toward a target audience you could at least not just tack on intro paragraphs to appease said audience. Give concrete examples, reasons why this program would work better for this group than another, and so forth. But hey if you think it’ll sell you more copies go for it.

And I don’t lament the need, or that it exists - I lament the sloppiness that it was done with.


Opsec should address specific risk situations as well as general principles. That said, this isnt the dumbest invocation of feminism I’ve ever seen or even the dumbest lately.

closed #14

This topic was automatically closed after 5 days. New replies are no longer allowed.