image

August 8, 2012

Solutions to Security, Privacy, Identity and Censorship

Filed under: Uncategorized — admin @ 12:06 pm

A couple days ago I came across The Digital Imprimatur, an article from 2003 warning about the dangers of restoring user identity on the internet. Not realizing it was nearly 10 years old, it aroused some serious concerns in me about the possibility of requiring every user to be authenticated. But then I sat down, and thought about the technology of it, as well as the economics.

FUD had clouded my thinking. Here is what the founder of AutoCad, who wrote that document in 2003, was missing: both users and networks have a choice. Once again, the solution is decentralization. And that is largely what happened — in nature, as in human affairs, centralization is very hard to maintain.

Here are my positions:

  • For one thing, I like that there is a dichotomy of users and servers. For many things, this is important. But I would rather say that there are users, and there are networks.
  • I don’t like anonymity for everything because it has serious drawbacks (spam, people can create unlimited accounts, engage in illegal trafficking etc.)
  • But at the same time I don’t like the possibilities that arise from everyone being forced to use some officially issued certificate.

And here are the conclusions I arrived at:

1. Eliminating Spam: Any network, which is concerned about user account spam, simply needs to tie them to something expensive (e.g. a cell phone line that can receive SMS). But it doesn’t have to be traceable — for example, it can be tied to bitcoins or some other currency based on solving difficult mathematical problems with a finite solution space. Anonymity of the account’s owner can still be preserved while eliminating spam.

2. Reputations: A user can still create fake accounts (e.g. for the purposes of anonymity), but each account will have a reputation and be traceable throughout the network where the account exists. So the cost to this user of ruining their reputation (by trolling, or being dishonest, or a myriad of other drawbacks of untraceability) would rise the more the user invested into their account.

3. Verification: A user account on a network can be marked as “verified as who this user is” — for example Twitter’s verified accounts, or Reddit’s IAMA. The network declares the user’s identity, and can store other private things about the user (such as their gender, medical history, etc.) with various degrees of certainty. Internally, the network can use this information about the user. For external consumers, the network may have a privacy policy that the user would rely on when voluntarily divulging private information, such as their identity or medical history.

** HERE, by the way, we should have law enforcement for demonstrable breaches of privacy and security policies. Notice that privacy and security is closely tied to identity. For example, Apple and Amazon recently had major security problems stemming from their policies about identity … I say we need law enforcement rather than merely just some anarchist idea of reputations because small, fly-by-night companies may not care about their reputation and may violate their privacy policies more frequently than large corporations like Apple **

4. Certificates: It is the networks that should have certificates, so the users know who they are connecting to.

Any network could obtain its certificate from an agency that the USERS TRUST. This is already happening with e-commerce. It doesn’t have to be a government, necessarily. At the end of the day, though, the more people trust the agency that issues the certificate, the more people will trust the certificate.Networks such as google that become well-known enough can issue their own identity certificate, acting as their own certificate authority.

Networks would use their certificates to sign information they believe to be true at the time of signature, so that anyone can verify this information without having to query the network, even years later.

5. User certificates: All the verification described in step 3 can be exported by the network to others using certificates. The user can download a certificate showing that they are indeed “Bill Gates according to Google’s verification” or that their medical history is indeed “verified by hospital X at some Y point in time.”

In fact, these signatures can verify entire histories from various different users on various different networks — with entries such as “doctor X saw medical history at point Y and made diagnosis Z.” At point Y, the doctor trusted your medical history from other networks / institutions they respected. They signed not only their diagnosis but the fact that they are doctor X, and they saw your medical history at point Y, etc.

6. Signed software: Certificate holders would be able to sign software that they release. Operating systems and browsers would be able to revoke trust in the software if it is found to be malicious or contain serious security bugs. There would be accountability for software writers who write viruses, have irresponsible security etc. proportional to the cost of obtaining another identity in a trusted network.

In the App Stores (pioneered by Apple, and now cropping up everywhere), software is signed before being “put on the shelf”. This is just the beginning, but in the future, there could be lots of competing app stores and networks certifying software for every platform. Antivirus companies would have a valuable role in testing for security / malicious software and recommending revoking this or that certificate that the software is safe.

Revoking the certificate of certain software does not mean that the users have to lose all confidence in the vendor. In fact, the app store or security company or white hat hacker can contact the vendor with the vulnerability, and allow them to quietly fix it if they believe the vendor to have made a good-faith mistake and did not intend to write a virus / spyware. A responsible time frame for an update can be set before the security flaw is publicized. If the vendor releases the update in time, then all users will see is that version X has a security flaw (and threat level), but there is already a newer version submitted by the vendor. Thus, the vendor’s reputation may actually increase because of their responsiveness, and software will not need to be “pulled off the shelf”.

7. Software on the web: Currently, the way web browsers work, we have to trust whatever is delivered to our web browser by the server. Browsers should start being able to verify the signature of web resources they download. If the server claims that a given resource has been verified by some network, the browser should be able to verify it with that network’s certificate.

In addition, users can be tricked into providing their credentials (such as passwords) to any malicious web site, which simply emulates an interface from their trusted site (such as a facebook login). Right now, this is solved with popups, but a much more elegant solution would be to allow some iframe to have the highest z-order (i.e. “be on top of everyting”) so nothing can hijack the user’s input into it.

I make both proposals here in more detail:
http://news.ycombinator.com/item?id=2024164

In fact, right now entire operating systems like the MacOS have the same problem. Any application can spoof the system’s administrator credentials dialog and capture the user’s root password, using it to take over the system. This can be easily fixed by having the system ask you to enter some favorite phrase of yours when you first install it, and then showing it back to you in the credentials dialog. All Apple would have to do is make sure the dialog is on top of everything, and apps can’t capture a screenshot of what’s inside — just like they do for DRM movies.

An aside: I once emailed Steve Jobs about this, but didn’t hear back… if there was a security company for operating systems, I would report it there and Apple would have a time frame in which to fix this exploit before it was publicized 🙂

8. Patents and Governments: Well, since things are decentralized, and patents/copyright rely on centralized systems (governments) and agreements between them (treaties, etc.) the situation is a toss up. I would say that, in general, since in any given system ultimately trust is usually concentrated in at most a few popular entities that have the resources to actually verify the software (e.g. all competing App Stores for mac), it won’t be tough for a government to intimidate these entities into revoking a software’s certificate.

Unless, of course, we combine part 2. untraceable accounts with reputations, with part 6. signing software, and get “shadow organizations with reputation for verifying software for security holes” … which might be useful for verifying things like whether freenet or perfectdark is still secure. Then, governments wouldn’t be able to stop the distribution of the software, nor force these untraceable organizations to revoke the certificate — fooling the users — and yet the software can still be audited in a meaningful way by the community.

In any case, all these things are side effect of centralizing trust in people/companies with good reputations — whether they are traceable or not. In the future, we may figure out better ways to distribute trust across the entire network. Bitcoin is an early step in that direction, I think.

In Conclusion

When I first read the The Digital Imprimatur, I thought was a recent article. It certainly could seem that way, given the concerns we have today, almost 10 years later. With today’s discussions about government spying on its citizens with drones and other things, the right of the people to peaceably assemble must be protected, and indeed some non-democratic governments were overthrown as people used the internet to organize. In repressive regimes, darknets can be used by people to communicate freely, and the same tools are used by people for notorious purposes such as trafficking drugs. Suppose human trafficking took place and we couldn’t find out who was doing it. How much anonymity should a system allow? These are difficult questions.

When copyright gets involved, the USA and other parties to the Berne Convention sometimes propose (and pass) draconian regulations, or simply take down websites irresponsibly or take down entire businesses before a trial has taken place. Technology such as DRM certainly has some legislative muscle behind it.

But as long as there are alternatives available to people, as long there are decentralized choices, we should be fine.

I hope that some of the suggestions in this article are ultimately implemented, because I think good things await us if we move in those directions.

– Gregory Magarshak

8,345 Comments »

  1. It’s a shame you don’t have a donate button! I’d
    without a doubt donate to this brilliant blog!
    I guess for now i’ll settle for book-marking and adding your RSS feed to
    my Google account. I look forward to new updates and will share this website with my
    Facebook group. Chat soon!

    Comment by Psychotic Milf — August 6, 2020 @ 3:58 am

  2. Thanks for ones marvelous posting! I genuinely enjoyed
    reading it, you will be a great author.I will be sure to bookmark your blog and will often come back down
    the road. I want to encourage continue your great work, have
    a nice holiday weekend!

    Comment by FREELANCE WEB DESIGN • WEB DEVELOPMENT • ECOMMERCE APPLICATIONS & SEO SERVICES in Kuala Lumpur — August 6, 2020 @ 3:59 am

  3. This is a really good tip particularly to
    those new to the blogosphere. Short but very precise information…
    Appreciate your sharing this one. A must read article!

    Comment by free lesbian teen hd — August 6, 2020 @ 4:00 am

  4. Hmm it looks like your site ate my first comment (it was super long) so I guess
    I’ll just sum it up what I wrote and say, I’m thoroughly enjoying your blog.
    I too am an aspiring blog blogger but I’m still new to fucked in the ass whole thing.
    Do you have any tips for novice blog writers? I’d genuinely appreciate it.

    Comment by fucked in the ass — August 6, 2020 @ 4:17 am

  5. Hello there! I know this is kinda off topic however I’d figured I’d ask.
    Would you be interested in exchanging links or maybe guest
    writing a blog post or vice-versa? My site discusses a
    lot of the same topics as yours and I think we could greatly benefit from each other.
    If you’re interested feel free to send me an e-mail. I look forward to hearing
    from you! Wonderful blog by the way!

    Comment by hack gold mango capsa susun — August 6, 2020 @ 4:18 am

  6. What i do not understood is in truth how you are now not really much more
    well-preferred than you might be now. You’re so intelligent.

    You understand therefore significantly in the case of
    this topic, produced me in my opinion consider it from so
    many varied angles. Its like men and women don’t seem to be fascinated except
    it’s one thing to do with Girl gaga! Your personal stuffs nice.

    All the time deal with it up!

    Comment by garden bridge design ideas — August 6, 2020 @ 4:29 am

  7. It’s a shame you don’t have a donate button! I’d most certainly donate to this outstanding blog! I suppose for now i’ll settle for book-marking and adding your RSS feed to my Google account. I look forward to new updates and will talk about this blog with my Facebook group. Chat soon!

    Comment by Crim Safe — August 6, 2020 @ 4:49 am

  8. must be under 500k-play with 1 low level (under level 50, doesnt matter if its a viewer either, but cant be on a second
    account)-low level buyer-sewer entry and exit-cash-get out before 50
    second mark hits-worst crew (asbo as getaway because its slow)-1 duggan shipment-level 1 security pass-only 1 optional prep (other than duggan)-finish in a low amount of
    time-split 50 50-only say 1 sentence every 5 minutes to them(Low communication)-kill 1-5
    guards on each floor(kill only 1-5 cops as wel)-lose
    under 50k-loot from daily vault must be under 50k-move at low speeds-use under 50
    ammo on each floor-keep below 50 health(in red if you can)Good Luck

    Comment by agen poker online terpercaya — August 6, 2020 @ 5:05 am

  9. the time to read or stop by the subject material or web-sites we’ve linked to beneath the

    Comment by خيال — August 6, 2020 @ 5:21 am

  10. play casino online
    best online casino
    online casino u s player

    Comment by play online poker — August 6, 2020 @ 6:04 am

  11. always a large fan of linking to bloggers that I really like but really don’t get a good deal of link like from

    Comment by الخيانة — August 6, 2020 @ 6:28 am

  12. Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You obviously know what youre talking about, why waste your intelligence on just posting videos to your weblog when you could be giving us something informative to read?

    Comment by windows with security screens — August 6, 2020 @ 6:47 am

  13. Please let me know if you’re looking for a author for your weblog.

    You have some really good posts and I think I would be a good asset.
    If you ever want to take some of the load off,
    I’d absolutely love to write some content for your blog in exchange for a link back to mine.
    Please blast me an e-mail if interested. Thanks!

    Comment by football tips — August 6, 2020 @ 6:57 am

  14. I got what you mean , regards for posting .Woh I am happy to find this website through google. “You must pray that the way be long, full of adventures and experiences.” by Constantine Peter Cavafy.

    Comment by Benito Tanksley — August 6, 2020 @ 7:08 am

  15. Hi, I believe your website could be having web browser compatibility issues.

    When I look at your site in Safari, it looks fine
    however, if opening in IE, it has some overlapping
    issues. I simply wanted to give you a quick heads up!
    Besides that, fantastic blog!

    Comment by Daftar Joker123 — August 6, 2020 @ 7:54 am

  16. I was suggested this web site by my cousin. I’m not
    sure whether this post is written by him as
    no one else know such detailed about my problem.

    You’re amazing! Thanks!

    Comment by blue world city — August 6, 2020 @ 8:06 am

  17. Piece of writing writing is also a fun, if you
    be familiar with afterward youu can wrikte or else it is difficult to write.

    Alsso vosit my web-site :: reallifecam, real life cam, reallife cam, reallifecam com, voyeur house,voyeurhouse,porn

    Comment by reallifecam, real life cam, reallife cam, reallifecam com, voyeur house,voyeurhouse,porn — August 6, 2020 @ 8:14 am

  18. Good response in return of this issue with real arguments and
    telling the whole thing regarding that.

    Comment by auto insurance ontario average — August 6, 2020 @ 8:16 am

  19. It’s not my first time to pay a visit this web site, i am visiting this site dailly and obtain good data from here everyday.

    Comment by 남포동출장안마 — August 6, 2020 @ 8:22 am

  20. Hey there! I realize this is kind of off-topic but I needed to
    ask. Does running a well-established website such as yours
    require a lot of work? I am brand new to blogging however I do write fucked in the ass my diary everyday.
    I’d like to start a blog so I can easily share my experience
    and feelings online. Please let me know if you have any ideas or tips for brand new aspiring blog owners.
    Thankyou!

    Comment by fucked in the ass — August 6, 2020 @ 8:31 am

  21. Wow, amazing blog layout! How long have you been blogging for?
    you made blogging look easy. The overall
    look of your web site is magnificent, let alone the content!

    Comment by 마산출장마사지 — August 6, 2020 @ 8:32 am

  22. Thanks in support of sharing such a fastidious thought,
    post is good, thats why i have read it fully

    Comment by Glastonbury legends slot history — August 6, 2020 @ 8:33 am

  23. Genuinely when someone doesn’t understand then its up to other people that they will assist, so here
    it takes place.

    Comment by Slot Bisa Deposit Pulsa — August 6, 2020 @ 8:41 am

  24. Here are some of the web sites we recommend for our visitors

    Comment by الم — August 6, 2020 @ 8:53 am

  25. we like to honor many other world wide web sites around the web, even though they arent linked to us, by linking to them. Underneath are some webpages really worth checking out

    Comment by Amsterdam escorts — August 6, 2020 @ 9:13 am

  26. Right here is the right webpage for anyone who would like to
    understand this topic. You know so much its almost
    hard to argue with you (not that I personally would want to…HaHa).
    You definitely put a fresh spin on a topic that has been written about for decades.

    Wonderful stuff, just excellent!

    Comment by 온라인카지노 — August 6, 2020 @ 9:21 am

  27. This design is spectacular! You certainly know how to keep a reader amused. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!) Great job. I really enjoyed what you had to say, and more than that, how you presented it. Too cool!

    Comment by Tucson — August 6, 2020 @ 9:23 am

  28. Hello! I simply wish to offer you a big thumbs up for your excellent information you’ve got here on this post.
    I will be returning to your blog for more soon.

    Comment by 동래출장 — August 6, 2020 @ 9:32 am

  29. Why users still make use of to read news papers when in this technological
    globe the whole thing is accessible on net?

    Comment by friend finder sex — August 6, 2020 @ 10:07 am

  30. I and also my friends were actually looking at the good advice from the blog then at once I had a terrible feeling I had not thanked you for those tips. All of the boys are already so thrilled to see them and now have quite simply been having fun with them. We appreciate you getting very considerate and also for getting varieties of tremendous topics millions of individuals are really desirous to know about. My very own sincere regret for not saying thanks to you sooner.

    Comment by Terrance Karabin — August 6, 2020 @ 10:37 am

  31. Magnificent beat ! I wish to apprentice at the same time
    as you amend your site, how could i subscribe for a weblog website?
    The account aided me a acceptable deal. I were a little bit
    acquainted of this your broadcast provided brilliant transparent
    concept

    Comment by Aston Martin — August 6, 2020 @ 10:55 am

  32. I read this article fully about the comparison of newest
    and earlier technologies, it’s amazing article.

    Comment by best crm software reviews — August 6, 2020 @ 11:04 am

  33. Hi there outstanding website! Does running a blog such as this require a massive amount work? I’ve no knowledge of coding but I had been hoping to start my own blog in the near future. Anyways, should you have any suggestions or tips for new blog owners please share. I understand this is off topic nevertheless I just wanted to ask. Kudos!

    Comment by security screens for home windows — August 6, 2020 @ 11:21 am

  34. You are so awesome! I do not think I have read through a single thing like that before.
    So great to discover someone with some genuine thoughts on this topic.
    Really.. thank you for starting this up. This website is one
    thing that is required on the internet, someone with some originality!

    Comment by web hosting — August 6, 2020 @ 11:43 am

  35. At this time it appears like BlogEngine is the top blogging platform available right now.
    (from what I’ve read) Is that what you’re using on your blog?

    Comment by Credit Repair Baytown Tx — August 6, 2020 @ 11:54 am

  36. I am in fact delighted to read this website posts which consists of tons of helpful facts,
    thanks for providing these kinds of data.

    Comment by FChat Chatbot — August 6, 2020 @ 11:54 am

  37. I loved as much as you will receive carried out right here.
    The sketch is attractive, your authored material
    stylish. nonetheless, you command get bought an nervousness
    over that you wish be delivering the following.

    unwell unquestionably come further formerly again as exactly the
    same nearly a lot often inside case you shield this increase.

    Comment by website host — August 6, 2020 @ 11:58 am

  38. It’s actually a great and helpfil piece off
    information. I am happy that you simply shared
    this useful info with us. Please sty us up too date like this.
    Thanks for sharing.

    Feel free to surf to my web page – location bateau,rent,boat,rental boat,boat rental, location,bateau,nice, location bateau nice, boat rent nice, boat rental nice

    Comment by location bateau,rent,boat,rental boat,boat rental, location,bateau,nice, location bateau nice, boat rent nice, boat rental nice — August 6, 2020 @ 12:02 pm

  39. Hey I know this is off topic but I was wondering if you knew of any widgets I could add to my blog that automatically tweet my newest twitter
    updates. I’ve been looking for a plug-in like this for quite some time
    and was hoping maybe you would have some experience with something like
    this. Please let me know if you run into anything.
    I truly enjoy reading your blog and I look forward to your new
    updates.

    Comment by Hurtig lån — August 6, 2020 @ 12:15 pm

  40. Good day! I know this is kinda off topic but I was wondering if you
    knew where I could get a captcha plugin for my comment form?

    I’m using the same blog platform as yours and I’m having problems
    finding one? Thanks a lot!

    Comment by Buy HCG — August 6, 2020 @ 12:32 pm

  41. After I initially left a comment I seem to have clicked the
    -Notify me when new comments are added- checkbox and now each
    time a comment is added I receive 4 emails with
    the same comment. Perhaps there is a means you are able to remove me from that service?
    Thanks!

    Comment by situs slot pulsa tanpa potongan — August 6, 2020 @ 12:33 pm

  42. After checking out a few of the blog articles on your web site, I truly like
    your way of blogging. I added it to myy bookmark webpage list and will
    be checking back locksmiths| locksmith| locksmith dublin| dublin locksmiths| locksmith in dublin| house renovations| renovation professionals| professional locksmith| trustable locksmith| reliable locksmiths| locksmith company} the near future.
    Please visit mmy web site as well and tell me you opinion.

    Comment by locksmiths| locksmith| locksmith dublin| dublin locksmiths| locksmith in dublin| house renovations| renovation professionals| professional locksmith| trustable locksmith| reliable locksmiths| locksmith company} — August 6, 2020 @ 12:51 pm

  43. Have you ever thought about writing an ebook or guest authoring on other sites?
    I have a blog based on the same topics you discuss and
    would love to have you share some stories/information. I know
    my viewers would appreciate your work. If you’re even remotely
    interested, feel free to send me an email.

    Comment by meet russian girls — August 6, 2020 @ 1:06 pm

  44. I’d like to thank you for the efforts you have pput in penning this site.
    I’m hoping to view the same high-grade blog posts
    from you later oon as well. In fact, your creative writing abilities hhas encouraged me
    to get my ownn blog nnow 😉
    homepage биатлонные ставки

    Comment by homepage — August 6, 2020 @ 1:09 pm

  45. hydrochlorothiazide brand australia

    Comment by KimDah — August 6, 2020 @ 1:14 pm

RSS feed for comments on this post. TrackBack URL

Leave a comment

image