Crypto Guru David Chaum's Private Communications Network Comes With a Backdoor (softpedia.com) 179
An anonymous reader writes: David Chaum, father of many encryption protocols, has revealed a new anonymity network concept called PrivaTegrity. Chaum, on who's work the Onion protocol was based, created a new encryption protocol that works as fast as I2P and the Onion-Tor combo, but also has better encryption. The only downside, according to an interview, is that he built a backdoor into the darn thing, just to please governments. He says that he's not going to use the backdoor unless to unmask crime on the Dark Web. Here's the research paper (if you can understand anything of it).
two thoughts... (Score:2, Informative)
1. Is anyone going to trust something with a backdoor?
2. who's ?
Re: two thoughts... (Score:1)
PrivaTegrity-Half the Integrity shaking hands with half the privacy.
Re: (Score:1)
It's the entire protocol that has the backdoor... nothing to fix .... just don't use
Re:two thoughts... (Score:4, Funny)
1. Is anyone going to trust something with a backdoor?
Everyone who doesn't know about it or have no clue what a backdoor is, or what it implies. That includes an awful lot of BAs with purchasing decisions.
2. who's ?
It's based on the Baba O'Riley protocol.
Not a new idea (Score:2)
There's a ton of discussion elsewhere (ie, g+), and the Wired article completely misses that he's assuming we know about a classic (and cool) solved problem in computer science, "byzantine generals with collusion".
I suspect it will be attractive to anyone who could lose their master key of a sysadmin quits, and unattarctive to the security services, who don't want to ask for or honour court orders (:-))
Re: (Score:2)
It the backdoor is immutable, it means that a first discovery of it's entrance is available to all.
If there is to be a backdoor, then it must change with every encryption, and it must not be detectable because of a consistent pattern of access.
Two successive encryptions of a same file should produce different results and different backdoors.
Re: (Score:1)
Who decides what is a "crime"?
Re: (Score:1)
1. That's what they want to find out.
2. Anyones if no one cares.
I'm no chump (Score:1)
No way am I trusting Chaum. I'm no chump
Interesting - (Score:2, Interesting)
When PrivaTegrity’s setup is complete, "Nine Server Administrators" in nine different countries would all need to cooperate to trace criminals within the network and decrypt their communications.
Re: Interesting - TTP = FAIL (Score:2, Insightful)
If you can trace criminals you can trace dissidents and political opponents. Anonymity is difficult enough without it being broken by design.
Re: (Score:2)
Yeah, your view isn't universal. There are people out there trying to trace dissidents and political opponents electronically because those dissidents know they'll be in jail for a long time or killed if caught. That law enforcement "should" only get involved when dissent becomes violent is a nice thought, but in China the police become involved if you happen to mutter that the local cops are corrupt, or if someone mentions that you practice meditation and believe that materialism isn't the bees knees.
So ye
Re: (Score:3)
There are two possibilities:
1. All countries friendly, so worthless to the users
2. US court says yes, Russian court says no, so worthless for the government.
Spot the common feature.
Re:Interesting - (Score:4, Interesting)
and this would protect against groupthink powered populist witchhunts how exactly? These days, most governments are more than willing to 'cooperate' when dealing with dissent in any one of their countries (eg: multilateral surveillance to get around civil protections). It would be relatively easy to put the squeeze on those nine people. It's hard enough to both design and implement crypto correctly as it is. It's a waste of time to bother implementing purposely compromised crypto.
Re: (Score:3)
Three keys for satellites up in the sky
Seven for the hackers, in their mommies' homes
Nine keys for sysadmins in collusion with the spies
One for the Dark Lord, in his Oval Office.
In the land of Bruce, where the Schneier lies.
One key to crack them all, one key to find them
One key to bring them all and in the HSM bind them.
In the land of Bruce, where the Schneier lies.
So it's useless for citizens and government (Score:1)
Private citizens who care won't use this because they care about not having their communications intercepted.
Big bad government won't use this because they care about not having foreign intelligence intercepting their communications, but will happily spy on anything they can get.
Botnet operators rejoice at the birth of another avenue for hard to kill C&C.
Re: (Score:2)
Might as well have not made a damn thing (Score:5, Insightful)
Just telling everyone your software has a backdoor is the same spending all of your development time masturbating. No-one is going to use this crap.
Re: Might as well have not made a damn thing (Score:2)
nah - if the backdoor is easily factored out by others, he can do some good without being hunted like Satoshi Nakamoto.
Re: (Score:2)
No.
It's = it is ..and people around here are so enamored of and want to pump more money into public education without fixing its problems (yes, 'its').
Its = possessive
A secure backdooor? (Score:2)
Re:A secure backdooor? (Score:5, Informative)
Is he claiming he found a way to safely have backdoored communications?
Not sure what "safely backdoored" means. The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on. I reviewed many of the early drafts of this paper. It's pretty cool.
Re:A secure backdooor? (Score:5, Insightful)
Is he claiming he found a way to safely have backdoored communications?
Not sure what "safely backdoored" means. The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on. I reviewed many of the early drafts of this paper. It's pretty cool.
Or, another way to put it, a government needs to compromise only those 9 users to gain unlimited access to all encrypted communications through the system.
Re: (Score:1)
Or, to put it another way, it's got to be some seriously insanely important thing to get Russia and the US to agree.
Incentives (Score:2)
Every spy agency, then, would see that they could monitor sensitive communications simply by collaborating with other spy agencies?
Re: (Score:1)
Every spy agency, then, would see that they could monitor sensitive communications simply by collaborating with other spy agencies?
Not some of them, but all of them. No one trusts the USA, but if you had to get Norway on board, life as a spy might be more difficult.
Re: (Score:2)
That's like the UN Security Council. If China, France, Russian Federation, the United Kingdom, and the United States agree, they can do what they want.
That would probably mean their police agencies deciding among themselves.
Let's look at real cases.
If you had a news service, like Wikileaks, that managed to annoy all of them (as a good news organization should do), they could agree to go after that news organization.
And what are the politically-correct grounds for using the back door? Child pornography? Huma
Re: (Score:2)
That's like the UN Security Council. If China, France, Russian Federation, the United Kingdom, and the United States agree, they can do what they want.
That would probably mean their police agencies deciding among themselves.
Let's look at real cases.
If you had a news service, like Wikileaks, that managed to annoy all of them (as a good news organization should do), they could agree to go after that news organization.
And what are the politically-correct grounds for using the back door? Child pornography? Human trafficking? Tax evasion? Drug dealing? Bribery? Terrorism? Capital crimes? Weapons of mass destruction? Waging war?
What if Miss "A" claims that Julian Assange raped her on one night, though she had enthusiastic sex the nights before and after?
Yup. I think you summarized it pretty well. However, the point is to provide a channel of secure communication that requires a relatively high barrier to overcome. The alternative is for these same governments to ban secure communication completely. You make the call.
Re: (Score:2, Interesting)
The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on.
I can't believe you could be that naive.
Re: (Score:2)
The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on.
I can't believe you could be that naive.
Look up the definition of "probably."
Re: (Score:2)
Is he claiming he found a way to safely have backdoored communications?
Not sure what "safely backdoored" means. The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on. I reviewed many of the early drafts of this paper. It's pretty cool.
Just because something is criminal does not mean it should be criminal per our system of morals and ethics. Free speech in China or Saudi Arabia, for example.
As well, governments will cooperate on issues that may not be illegal but are inconvenient to them, for whatever reason.
You place too much confidence in government doing the right thing.
Re: (Score:2)
Is he claiming he found a way to safely have backdoored communications?
Not sure what "safely backdoored" means. The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on. I reviewed many of the early drafts of this paper. It's pretty cool.
Just because something is criminal does not mean it should be criminal per our system of morals and ethics. Free speech in China or Saudi Arabia, for example.
As well, governments will cooperate on issues that may not be illegal but are inconvenient to them, for whatever reason.
You place too much confidence in government doing the right thing.
Actually I have absolute confidence that most governments will do the wrong thing. But if a system exists for which a diverse set of governments must agree, then doing anything, right or wrong, is more difficult. Not impossible, just difficult.
Re: (Score:2)
Is he claiming he found a way to safely have backdoored communications?
Not sure what "safely backdoored" means. The system is spread out amongst many different countries in such a way that many different governments must agree to use the back door. If the USA, the Netherlands, and Russia can agree, for example, then it is probably criminal investigation and not spying going on. I reviewed many of the early drafts of this paper. It's pretty cool.
Just because something is criminal does not mean it should be criminal per our system of morals and ethics. Free speech in China or Saudi Arabia, for example.
As well, governments will cooperate on issues that may not be illegal but are inconvenient to them, for whatever reason.
You place too much confidence in government doing the right thing.
Actually I have absolute confidence that most governments will do the wrong thing. But if a system exists for which a diverse set of governments must agree, then doing anything, right or wrong, is more difficult. Not impossible, just difficult.
Point taken - I just don't think it's going to be very difficult at all to find drivers for nine governments to agree on. I figure that for the majority of requests made by a particular government for information on a particular person, the other eight are most likely to not give a shit at all and will just provide the keys and say "you owe me one".
Re:A secure backdooor? (Score:5, Insightful)
Is he claiming he found a way to safely have backdoored communications?
Nope. He is claiming he has implemented a method requiring multiple key servers to unanimously decide to work together to decrypt a message.
Specifically there are nine servers, all of which must be used together. If 8 of the 9 wish to decrypt something but 1 chooses not to assist, the message can not be decrypted.
He then suggests in his opinion that if those nine servers are spread around the world such that one is in control of by different democratic governments, it would follow that all nine of those governments must then agree the message in question needs to be decrypted.
So far as the axiom holds that "technology can do nothing except enforce a policy" - he is correct.
The question remains about those policies of course, not just at the time the nine servers are deployed and used but also for all time into the future.
Something he states no opinion on, which is also probably wise. My own cynicism has great doubts about that as well.
It's also worth pointing out that at least in the alpha stage of testing the protocol is currently in, this backdoor really is a "US backdoor", as for testing purposes all nine of those key servers are hosted within amazon cloud, so all under control of the same government.
During development testing this is fine, but the people testing the protocol should be absolutely aware of this fact. Test the other aspects of the protocol, assure the protocol as implemented matches exactly the theory. Find and fix bugs. But it is not to be used for trusted communications yet.
The next major hurdle of course is the very policies that need to be drafted and in place before the servers are codified to enforce them.
You know how governments and policies can be some times. It very well may be the case the policies never actually make it to a state anyone agrees is worth using, making the protocol a bit useless, even if not at the fault of the protocol itself.
Re: (Score:1)
He then suggests in his opinion that if those nine servers are spread around the world such that one is in control of by different democratic governments, it would follow that all nine of those governments must then agree the message in question needs to be decrypted.
What if one of those "democratic governments" is the U.S.? Then it is just one government sending eight agents overseas, each with a $5 wrench, to "persuade" the other operators to "agree" that the message must be decrypted. They don't need to go to those governments, they just need to get the guy sitting at the terminal.
Re: (Score:1)
What if one of those "democratic governments" is the U.S.? Then it is just one government sending eight agents overseas, each with a $5 wrench, to "persuade" the other operators to "agree" that the message must be decrypted. They don't need to go to those governments, they just need to get the guy sitting at the terminal.
Agreed.
Maybe if all the people claiming to be the "good guys" actually followed the rule of law, that may not be a problem. But unfortunately that is not the case so we will never really know.
It would be great if the US, and in fact all of the "5 eyes", were not included due to not being democratic, but I don't expect for a second that will be the case.
A second best option would be for the "5 eyes" to count only as one, but that is still vulnerable to the lack of rule of law as you point out.
The guy making
Re: A secure backdooor? (Score:2)
You haven't studied history, particularly regarding the Cold War or even the more recent NSA+Russia+Germany+UK+China intelligence exchanges. The governments do not need to agree on anything yet they come to an awful lot of agreements. Captured spies were continuously interchanged as did communication between the administrations. All the public ever saw was a "Cold War" where governments didn't talk or agree yet in the background they collaborated quite often to their mutual benefit. If governments control t
Re: (Score:1)
Today Russia and the US agree on nothing in private or in the public domain. Both sides have backed themselves into a corner where any maneuver towards a reconciliation in relations is nearly impossible. The Cold War era looks like a love and admiration festival when compared to today's international relationships.
Re: (Score:2)
Publicly perhaps. In 2010 they did a really large spy swap and more recently did Russia and Estonia (a close US ally).
Re: (Score:2)
It's just cheaper to use the Russians to ferry personnel and supplies to the space station. It's not that the Russians are doing something the US can't do if they needed or wanted to. There is no reason the US government should spend Billions of dollars on something where there are much cheaper options. Plus no matter how bad relations get Russia wants to avoid politicizing if at all possible because it generates a lot of hard currency that they desperately need especially since the price of oil has tanked.
Re: (Score:2)
How can we trust that there isn't a deal (perhaps made under duress) to give one of those countries access to all keys in secret?
Re: (Score:2)
How can we trust that there isn't a deal (perhaps made under duress) to give one of those countries access to all keys in secret?
Like I said, you can't trust that.
Re: (Score:2)
Nope. He is claiming he has implemented a method requiring multiple key servers to unanimously decide to work together to decrypt a message. Specifically there are nine servers, all of which must be used together. If 8 of the 9 wish to decrypt something but 1 chooses not to assist, the message can not be decrypted.
So far so good. But there's only two ways this works, either it's closed source, black box and absolutely not to be trusted or you can do:
// encryptForTheNine( decryptionKey )
encryptForTheNine( someString() )
At least I don't know any algorithm that can prove the correct decryption key is embedded without actually decrypting the message. So you go through nine jurisdictions, get a court warrant in each and find the decryption key is 0xDEADBEEF. Then what? It only works if you make tampering with the backdoo
Re: (Score:3)
At least I don't know any algorithm that can prove the correct decryption key is embedded without actually decrypting the message.
On the technical side this does exist and is quite possible.
It is known as Secret Sharing [wikipedia.org]
One example algorithm for this is called Shamir's Secret Sharing [wikipedia.org]
Now I admit I didn't do more than speed-read the first bit of the linked paper for this protocol, but at first glance it looks to utilize three separate "encryption wrapper" stages, where having a known static key embedded would only defeat one of those three.
I can't say if that is enough to do as you claim however maybe you're right.
So you go through nine jurisdictions, get a court warrant in each and find the decryption key is 0xDEADBEEF. Then what?
On the political side,
It took 9 countries to find Snowden a shelter (Score:3)
The title should have read "It took > 9 ..." (Score:2)
Re: (Score:2)
Is he claiming he found a way to safely have backdoored communications?
He then suggests in his opinion that if those nine servers are spread around the world such that one is in control of by different democratic governments
I see a flaw right there. 'Democratic governments' tend to be in each others pockets.
Make one of them in North Korea and then maybe we've got a workable system.
Re: (Score:2)
The next major hurdle is convincing people to actually use this. Regular users who have no clue will just stick to FB messenger etc, which doesn't have end-to-end encryption and isn't going to get it. And people who understand how it works and care about their privacy would never use something like this.
The only way this would be even remotely useful is if governments actually start banning services with no backdoors. But if they do, I very much doubt they'll stop at "backdoor, but requires cooperation of o
Re: (Score:2)
Specifically there are nine servers, all of which must be used together. If 8 of the 9 wish to decrypt something but 1 chooses not to assist, the message can not be decrypted.
Hello other Eight...I will decrypt whatever you want if you decrypt whatever I want.
Also I have pictures of your family in compromising positions so let's just work together on this.
Re: (Score:2)
One of the first things law enforcement is going to do is order that the councils' secret keys be handed over.
Or they'll surreptitiously get them all, and put them in the same place for easy access.
Worthless. (Score:1, Interesting)
Better place (Score:2)
Oh yes! The world will be a better place when governments are aided by secure communications developers in fighting crimes like apostasy, being gay, etc., and whatever new "crimes" might be defined out of thin air in the future.
I'm sure the criminals that will be brought to justice, and hanged, shot and stoned will understand the wisdom of this move.
In other words, what a simpleton.
So basically.. (Score:4, Insightful)
Re: (Score:2)
What I'm taking away from this is that anything David ever has made or will make in the future should not be trusted.
So you would prefer to trust someone that promises that there is no back door (like, say, Juniper, AT&T, etc), or someone that states up front that there is one that requires multi-national agreement to use?
Re: (Score:1)
No. Your jumping to a conclusion that there isn't also another solution which is freedom friendly and the sources/protocol is open/available. I'd rather have something that is not back-doored and is open and trustworthy.
Re:So basically.. (Score:5, Insightful)
What I'm taking away from this is that anything David ever has made or will make in the future should not be trusted.
While I'll grant that the you're partially justified by the ridiculously bad summary, your takeaway is dead wrong.
First, having just skimmed through the article and the (very interesting!) paper, let me point out why the summary is ridiculously bad. Chaum's protocol does not include a backdoor, and certainly not "just to please governments".
What Chaum did was to describe a really cool anonymous routing and communications protocol, with a number of highly desirable properties. The biggest one is that his protocol is designed to be secure against nation state access, unlike Tor. It should also be quite a bit faster than Tor because communications require no public key cryptographic operations; everything is done with very-fast symmetric crypto, building on top of a precomputed homomorphic encryption. Making this scheme work, though, depends on the existence of a trusted third party (TTP).
In general, relying on a TTP is problematic in contexts where there isn't any obvious person or organization who could be trusted. And for a global communications network that will be used by lots of people and which many governments might like to penetrate, and which in fact is specifically focused on trying to prevent penetration by nation states, there clearly exists NO such single party.
Chaum's solution to the problem of how to trust when no one is trustworthy (a common problem in security design, actually) is to distribute the trust (a common solution, though Chaum's implementation is particularly clever). By arranging things so that the TTP role is spread across many different nations, each of which is fairly trustworthy except in particular areas, and selecting those nations so the areas in which they're untrustworthy are different, and designing the cryptography so that any abuse of the TTP role requires willing participation of 100% of said nations, it may be possible to construct a TTP which is trustworthy in the aggregate, even though no individual member is fully trustworthy.
This is a very clever solution to what I would have said is a completely intractable problem.
Re: (Score:2)
His answer is the same as the founders of the U.S. Constitution: balance power with power, and RELY on actors to work only in their own self-interest. Competition among equals is a feature, not a bug.
Re: (Score:2)
It's clever, but it has a huge weakness. Say you distribute the TTP over 9 severs in different countries. Sounds good, but what you really need is 9 administrators in different countries who are unlikely to collude. If they do ever collude, you are screwed. Also, if they all get hacked, you are screwed. Considering what we know of NSA/GCHQ hacking, that isn't an insignificant risk. They would be targeting any servers involved in something like this with zero day exploits, HUMINT and more.
So while it might h
Re: (Score:2)
I would say look to his straight-up crypto work/research as useful/interesting, and he did much useful work there, but I think in terms of proposing technology for Consumer usage / addressing political issues I think he was out of his league.... E.g. Digicash failure.
Not having the good sense to recognize that people concerned enough about privacy to encrypt their messages want end to end security of communications, not a backdoored communications network.
It's sad (Score:3, Insightful)
With deep sorrow we announce the departure of another great security guy we once had. You will be missed.
Re: (Score:2)
The ethics of security are easy: It is your job to ensure the security of whoever entrusted you with data and protect his CIA.
Were this ever implemented... (Score:2)
Then anyone using would likely have to be coerced to use it. Then when some piece needed to be decrypted the likely result would be a message encrypted with another tool that the user has done their damnedest to ascertain has no back door.
Wow good job, we've found a way to bloat data packets even further. Up the bandwidth!
underestimating governments' resolve (Score:2)
Mr. Chaum has clearly underestimate the resolve of governments around the world. If needed, they will coerce the holder(s) of the key(s) to get what they want. Anyone that has even part of the key to the backdoor is going to put a giant bull's eye on themselves and their loved ones.
a better idea would be to take the improvements made and upgrade the Tor protocol.
Re: (Score:2)
https://en.wikipedia.org/wiki/... [wikipedia.org]
Within advanced factories in "neutral" nations the issue was worked on until the Western powers had plain text from every complex crypto device offered for sale.
Western governments do not stop until they have the plain text from any product or service on the market as designed, sold, used and upgraded over any decade.
The UK has its "Draft Com
PrivaTegrity is dead in the water. Long gone is th (Score:1)
Kudos to David or disclosing that but what was he thinking adding in a backdoor?
Sounds like he hoped to cash in on some government contracts (possibly some sales for CEOs looking to snoop in on employees) but the fact is companies selling equipment and software with back doors on balance are losing market share globally due to national security concerns (ask tech companies like Cisco that were in bed with the NSA how their sales are doing in China these days)
Over the long term communications software with
Comment removed (Score:5, Insightful)
LOL, err, I mean, "NO" (Score:2)
LOL, err, I mean, "NO".
Sorry, I don't know who he'll trust or what he'll use it for. I also don't know that Bad Guys(c) won't be able to break into it.
And by "Bad Guys" I mean the NSA/CIA/FBI as well as the friendly folks from the Russian Business Network [wikipedia.org] or other criminal organizations.
Who's work the onion protocol (Score:2)
Doctor Who's work on the onion planet of Spinthoz was limited to an unofficial visit, which means there were no welcome protocols involved.
http://tardis.wikia.com/wiki/O... [wikia.com]
Cheese with that Wine? (Score:3)
2. De-compile it
3. Analise product
4. Remove Back Door.
4.1 Put a new back door in it?(this part never gets old)
5. Miller Time.
Re: (Score:2)
Re: (Score:2)
My understanding is the so-called "backdoor" is inherent to the way the cryptography works --- it's not so much a backdoor, as it is a disclosure that if all the servers keys become known, a third party could break the privacy; "backdoor" is just a consequence of the design that is also what causes the performance improvement, and knowing what the "backdoor" is does not allow it to be removed (without you having to design a new protocol and altogether new system).
topology (Score:2)
Who will watch the watchers? (Score:3)
So... my question would be... Quis custodiet ipsos custodes? [wikipedia.org] who will appoint, monitor and document the decisions of these administrators and if necessary revoke their anointed status as the determiners of what is or isn't acceptable evil (e.g. is sharing a commercial movie evil enough to attract the attention of "the nine" [amazon.com]... how about a casual statement calling for the non-constitutional overthrow of a government... clearly child porn would be considered evil, but what would the cut off age be, 16, 17 or 18... would planning to blow up a public facility in a western country be more evil than threatening to blow up a public facility in a country already mired in a civil war)? Will they be accuser, prosecutor, judge and jury? who will take cases to them and which legal system will apply... can they be sued in the event that they err? what will keep them beyond reproach and will their decisions be made public? will it be possible to appeal their decisions?
Lots of questions and no clear answers.
Chaum's Piss Poor Privacy (Score:1)
Why would anyone bother to use it instead of PGP?
I love the smell of satire in the morning. (Score:1)
Obligatory Slashdot Rant (Score:1)
Nine governments in agreement? (Score:2)
Except where there is something in it for them. Like when they say if you agree to open the door when I want something, then I will open the door when you want something. Maybe we just all agree to leave the door open all the time for convenience.
One or Nine keys ? (Score:2)
Three Rings for the Elven-kings under the sky,
Seven for the Dwarf-lords in their halls of stone,
Nine for Mortal Men doomed to die,
One for the Dark Lord on his dark throne
In the Land of Mordor where the Shadows lie.
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the Land of Mordor where the Shadows lie.
Come on what do you want? (Score:2)
The fact is there are a lot of people who wish to do as much harm as they can. We have always had well-poisoners in our midst but thanks to current and near-future technology, their ability to do great harm to great numbers of people is increasing dramatically. I've said this before but here it is again. Tell me I am wrong:
1) The number of technologies that can cause serious, deadly harm to humans and other living things is going up.
2) The number of substantively different or novel attacks that technolog
subjects are stupid (Score:1)
...unlike this PrivaTegrity thing, which requires you to 100% trust a FIXED set of 9 volunteer computers (which apparently cannot be trusted not to collude against you). At least TOR's security model HAS into account the possibility of malicious nodes (which is the whole reason why messages are onion-encrypt
So who will use this? (Score:1)
Here's an even simpler one (Score:1)
Simpler than that: Make all encryption is 100% secure. Only Alice and Bob can read the data.
If law enforcement wants access to the data for crime purposes, THEY GET A WARRANT for either Alice or Bob that demands they decrypt, and Alice and Bob have their normal rights to fight the demand in court, and failure to comply is risking contempt of court.
If Alice or Bob are not in your jurisdiction, then its none of your fucking business. Go ask the country they are in to do it.
See how simple that it?
As soon as yo
Re: (Score:2)
Re: Here's an even simpler one (Score:2)
Failure to comply with the fifth amendment? You can't force someone to decrypt yet in the US unless you're labeled a terrorist. In the UK you can regardless of your label.
Re: (Score:2)
That gives back privacy. People are secure in their houses and papers again.
Re: Understand? WTF? (Score:3)
It's DiceDot now. Corporate probably has focus groups of soccer moms saying the site assumes too much knowledge.
Re: (Score:2)
It's DiceDot now. Corporate probably has focus groups of soccer moms saying the site assumes too much knowledge.
As amusing as that thought is, you don't need a focus group, just look at the anon coward posts in literally every single story that complain about not spelling out common 30 year old technical terms - like TCP or DOS.
They even bitch that a link to wikipedia is too much work for them.
Granted that just raises the question "Why are we listening to ACs?", but sadly these people are not made up boogiemen, and their numbers seem to be on the rise :/
Re: (Score:1)
What are ACs?
Re: (Score:2, Insightful)
In this case, a former /. member that hasn't bothered using their login for the last couple of years.
Re: (Score:3)
Come on Slashdot. Get your shit together. One would think that you could find a way to implement new account creation by now!
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
No, it is calling Alice by the name Bob, without knowing that fact. To hear you tell it, when people on TV have their face blacked out and voice modified, but have a subtitle "Bob", that somehow identifies the person as Alice. In other words, you are an idiot.
Re: (Score:2)
Re: (Score:2)
Again, this cuts to the core of your lack of understanding of anonymity. It isn't all or nothing. When I check the Post as AC I have increased anonymity. Slashdot still knows who posted it, but you don't. I am not anonymous to Slashdot and
Re: (Score:2)
That shows, once again, how little you understand anonymity. How do you know my little sister didn't post using the same account, or maybe I posted the Slashdot user name and password for a number of different people to use?
Re: (Score:2)
Re: That's one way to call it quits as a security (Score:2)
So you're saying that standing up to your government and overthrowing it is never possible? The government is always right even when it isn't?