-- Leo's gemini proxy

-- Connecting to ew.srht.site:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

2021-06-11

Who can you trust?

tags: nosimpleanswer



So, FBI, Europol and who knows have arrested some 800 suspects over the planet. It has been in the press the last few days.

https://www.vice.com/en/article/akgkwj/operation-trojan-shield-anom-fbi-secret-phone-network


ew0k has some observations about this event.

> What are privately owned corporations doing to us all using skills and tools like these, but more advanced and less regulated?

gemini://warmedal.se/~bjorn/posts/operation-trojan-shield.gmi


When I heard about this event it immediately reminded me of the keynote by Tim Pritlove and John Perry Barlow on the 23C3 Congress of the Chaos Computer Club in Berlin in 2006.


"Who can you trust?"

https://media.ccc.de/v/23C3-1256-en-who_can_you_trust


While I have little sympathy for people selling drugs, weapons, and worse, the question remains. Can I trust anyone providing telecommunication in whatever form? Letters? Parcels? FAX? Telex? Email? Messaging?


The short answer is "No".


Any communication produces a set of observable data (e.g. when, where and how the communication has occured). Any communication involving todays computing devices relies on an impressive pile of hardware, firmware, and software components and private/official/commercial actors --- any of which might be not trustworthy. So it's not a simple problem with simple answers.



Two more things that I find highly interesting:


To hide the clear text content of your communication, said content must leave your device in encrypted form. Your device must not have been tampered with (hardware) and it must not have shady programs (software). Your device must not radiate clear text information or key material in some other form (acoustic or electromagnetic waves). This is already a tall order. For some insight you might want to read about extracting information from air gapped systems:

https://eprint.iacr.org/2016/129.pdf

https://thehackernews.com/2016/02/hacking-air-gapped-computer.html



One can divide a file in pieces, each of which is not useful. There exists a technology called erasure coding which is used for distributed storage of files. The tahoe-lafs project has implemented such a thing. In order to recover the content a minimum number of theses pieces must be combined in one place. This can be feasible for certain use cases.

https://en.wikipedia.org/wiki/Erasure_code

https://en.wikipedia.org/wiki/Tahoe-LAFS

https://tahoe-lafs.org



Cheers,

~ew




Home

-- Response ended

-- Page fetched on Wed Oct 20 19:23:20 2021