image

August 8, 2012

Solutions to Security, Privacy, Identity and Censorship

Filed under: Uncategorized — admin @ 12:06 pm

A couple days ago I came across The Digital Imprimatur, an article from 2003 warning about the dangers of restoring user identity on the internet. Not realizing it was nearly 10 years old, it aroused some serious concerns in me about the possibility of requiring every user to be authenticated. But then I sat down, and thought about the technology of it, as well as the economics.

FUD had clouded my thinking. Here is what the founder of AutoCad, who wrote that document in 2003, was missing: both users and networks have a choice. Once again, the solution is decentralization. And that is largely what happened — in nature, as in human affairs, centralization is very hard to maintain.

Here are my positions:

  • For one thing, I like that there is a dichotomy of users and servers. For many things, this is important. But I would rather say that there are users, and there are networks.
  • I don’t like anonymity for everything because it has serious drawbacks (spam, people can create unlimited accounts, engage in illegal trafficking etc.)
  • But at the same time I don’t like the possibilities that arise from everyone being forced to use some officially issued certificate.

And here are the conclusions I arrived at:

1. Eliminating Spam: Any network, which is concerned about user account spam, simply needs to tie them to something expensive (e.g. a cell phone line that can receive SMS). But it doesn’t have to be traceable — for example, it can be tied to bitcoins or some other currency based on solving difficult mathematical problems with a finite solution space. Anonymity of the account’s owner can still be preserved while eliminating spam.

2. Reputations: A user can still create fake accounts (e.g. for the purposes of anonymity), but each account will have a reputation and be traceable throughout the network where the account exists. So the cost to this user of ruining their reputation (by trolling, or being dishonest, or a myriad of other drawbacks of untraceability) would rise the more the user invested into their account.

3. Verification: A user account on a network can be marked as “verified as who this user is” — for example Twitter’s verified accounts, or Reddit’s IAMA. The network declares the user’s identity, and can store other private things about the user (such as their gender, medical history, etc.) with various degrees of certainty. Internally, the network can use this information about the user. For external consumers, the network may have a privacy policy that the user would rely on when voluntarily divulging private information, such as their identity or medical history.

** HERE, by the way, we should have law enforcement for demonstrable breaches of privacy and security policies. Notice that privacy and security is closely tied to identity. For example, Apple and Amazon recently had major security problems stemming from their policies about identity … I say we need law enforcement rather than merely just some anarchist idea of reputations because small, fly-by-night companies may not care about their reputation and may violate their privacy policies more frequently than large corporations like Apple **

4. Certificates: It is the networks that should have certificates, so the users know who they are connecting to.

Any network could obtain its certificate from an agency that the USERS TRUST. This is already happening with e-commerce. It doesn’t have to be a government, necessarily. At the end of the day, though, the more people trust the agency that issues the certificate, the more people will trust the certificate.Networks such as google that become well-known enough can issue their own identity certificate, acting as their own certificate authority.

Networks would use their certificates to sign information they believe to be true at the time of signature, so that anyone can verify this information without having to query the network, even years later.

5. User certificates: All the verification described in step 3 can be exported by the network to others using certificates. The user can download a certificate showing that they are indeed “Bill Gates according to Google’s verification” or that their medical history is indeed “verified by hospital X at some Y point in time.”

In fact, these signatures can verify entire histories from various different users on various different networks — with entries such as “doctor X saw medical history at point Y and made diagnosis Z.” At point Y, the doctor trusted your medical history from other networks / institutions they respected. They signed not only their diagnosis but the fact that they are doctor X, and they saw your medical history at point Y, etc.

6. Signed software: Certificate holders would be able to sign software that they release. Operating systems and browsers would be able to revoke trust in the software if it is found to be malicious or contain serious security bugs. There would be accountability for software writers who write viruses, have irresponsible security etc. proportional to the cost of obtaining another identity in a trusted network.

In the App Stores (pioneered by Apple, and now cropping up everywhere), software is signed before being “put on the shelf”. This is just the beginning, but in the future, there could be lots of competing app stores and networks certifying software for every platform. Antivirus companies would have a valuable role in testing for security / malicious software and recommending revoking this or that certificate that the software is safe.

Revoking the certificate of certain software does not mean that the users have to lose all confidence in the vendor. In fact, the app store or security company or white hat hacker can contact the vendor with the vulnerability, and allow them to quietly fix it if they believe the vendor to have made a good-faith mistake and did not intend to write a virus / spyware. A responsible time frame for an update can be set before the security flaw is publicized. If the vendor releases the update in time, then all users will see is that version X has a security flaw (and threat level), but there is already a newer version submitted by the vendor. Thus, the vendor’s reputation may actually increase because of their responsiveness, and software will not need to be “pulled off the shelf”.

7. Software on the web: Currently, the way web browsers work, we have to trust whatever is delivered to our web browser by the server. Browsers should start being able to verify the signature of web resources they download. If the server claims that a given resource has been verified by some network, the browser should be able to verify it with that network’s certificate.

In addition, users can be tricked into providing their credentials (such as passwords) to any malicious web site, which simply emulates an interface from their trusted site (such as a facebook login). Right now, this is solved with popups, but a much more elegant solution would be to allow some iframe to have the highest z-order (i.e. “be on top of everyting”) so nothing can hijack the user’s input into it.

I make both proposals here in more detail:
http://news.ycombinator.com/item?id=2024164

In fact, right now entire operating systems like the MacOS have the same problem. Any application can spoof the system’s administrator credentials dialog and capture the user’s root password, using it to take over the system. This can be easily fixed by having the system ask you to enter some favorite phrase of yours when you first install it, and then showing it back to you in the credentials dialog. All Apple would have to do is make sure the dialog is on top of everything, and apps can’t capture a screenshot of what’s inside — just like they do for DRM movies.

An aside: I once emailed Steve Jobs about this, but didn’t hear back… if there was a security company for operating systems, I would report it there and Apple would have a time frame in which to fix this exploit before it was publicized 🙂

8. Patents and Governments: Well, since things are decentralized, and patents/copyright rely on centralized systems (governments) and agreements between them (treaties, etc.) the situation is a toss up. I would say that, in general, since in any given system ultimately trust is usually concentrated in at most a few popular entities that have the resources to actually verify the software (e.g. all competing App Stores for mac), it won’t be tough for a government to intimidate these entities into revoking a software’s certificate.

Unless, of course, we combine part 2. untraceable accounts with reputations, with part 6. signing software, and get “shadow organizations with reputation for verifying software for security holes” … which might be useful for verifying things like whether freenet or perfectdark is still secure. Then, governments wouldn’t be able to stop the distribution of the software, nor force these untraceable organizations to revoke the certificate — fooling the users — and yet the software can still be audited in a meaningful way by the community.

In any case, all these things are side effect of centralizing trust in people/companies with good reputations — whether they are traceable or not. In the future, we may figure out better ways to distribute trust across the entire network. Bitcoin is an early step in that direction, I think.

In Conclusion

When I first read the The Digital Imprimatur, I thought was a recent article. It certainly could seem that way, given the concerns we have today, almost 10 years later. With today’s discussions about government spying on its citizens with drones and other things, the right of the people to peaceably assemble must be protected, and indeed some non-democratic governments were overthrown as people used the internet to organize. In repressive regimes, darknets can be used by people to communicate freely, and the same tools are used by people for notorious purposes such as trafficking drugs. Suppose human trafficking took place and we couldn’t find out who was doing it. How much anonymity should a system allow? These are difficult questions.

When copyright gets involved, the USA and other parties to the Berne Convention sometimes propose (and pass) draconian regulations, or simply take down websites irresponsibly or take down entire businesses before a trial has taken place. Technology such as DRM certainly has some legislative muscle behind it.

But as long as there are alternatives available to people, as long there are decentralized choices, we should be fine.

I hope that some of the suggestions in this article are ultimately implemented, because I think good things await us if we move in those directions.

– Gregory Magarshak

32,986 Comments »

  1. Why viewers still make use of to read news papers when in this technological world the whole thing is available
    on web?

    Comment by playlist — November 25, 2020 @ 7:02 pm

  2. Hey There. I found your blog using msn. Thiis is an extremely well written article.

    I will be sure to bookmark it and return to read more of your useful info.
    Thanks for thee post. I will definitely return.
    What is binary options trading webpage us binary option brokers

    Comment by webpage — November 25, 2020 @ 7:05 pm

  3. I’d like to find out more? I’d care to find out some additional information.

    Comment by https://young614.tinrahan.com/archives/1 — November 25, 2020 @ 7:07 pm

  4. I visited many web pages except the audio feature for audio songs present at
    this web site is really excellent.

    Comment by https://digittaly.com/ — November 25, 2020 @ 7:07 pm

  5. As the admin of this web page is working, no question very shortly it will be famous, due to its feature contents.

    Comment by sport pants — November 25, 2020 @ 7:07 pm

  6. It’s amazing to go to see this web page and reading the views of all mates concerning this piece of writing, while I
    am also zealous of getting experience.

    Check out my webpage … geomembrane with china top quality direct factory

    Comment by geomembrane with china top quality direct factory — November 25, 2020 @ 7:11 pm

  7. Your means of telling all in this piece of writing is
    really nice, every one be capable of easily know it, Thanks a lot.

    Feel free to visit my web page; 12bet

    Comment by 12bet — November 25, 2020 @ 7:11 pm

  8. Thank you for sharing your thoughts. I truly appreciate your efforts and I am waiting for your next write ups thank you once again.

    Comment by may tinh van phong gia re — November 25, 2020 @ 7:26 pm

  9. I hear you & if we were to date & you had a problem with me following half naked girls I wouldn’t agree 100% but I’d respect it to not follow
    if that’s making you feel a way

    Comment by watch live sex free — November 25, 2020 @ 7:29 pm

  10. Hi there! klonopin online pharmacy very good web site.

    Comment by Davidaback — November 25, 2020 @ 7:29 pm

  11. I’m impressed, I must say. Seldom do I encounter a blog that’s both equally educative and interesting, and let me tell you, you have hit the
    nail on the head. The issue is an issue that too few folks are speaking intelligently about.

    Now i’m very happy I found this during my hunt for something relating to this.

    Comment by Kids videos — November 25, 2020 @ 7:29 pm

  12. whoah this blog is magnificent i love reading your articles.
    Stay up the great work! You already know, a lot of individuals are looking round
    for this information, you could aid them greatly.

    Have a look at my web page: ตกขาวสีน้ำตาลเกิดจากอะไร

    Comment by ตกขาวสีน้ำตาลเกิดจากอะไร — November 25, 2020 @ 7:30 pm

  13. ConsiderationsAdvertising intended for sauna belts needs to maintain all the utility belt is paramount to make sure you weightloss, nonetheless some form of brand includes a diet regime along with the weight loss belt.

    Comment by trump vote mask — November 25, 2020 @ 7:35 pm

  14. Greetings from Ohio! I’m bored at work so I decided to check
    out your website on my iphone during lunch break.

    I really like the information you provide here and can’t wait to take a look when I get home.
    I’m amazed at how fast your blog loaded on my mobile .. I’m not
    even using WIFI, just 3G .. Anyways, superb blog!

    Comment by poker online — November 25, 2020 @ 7:37 pm

  15. What i don’t realize is if truth be told how you are not really much more smartly-favored than you may be now.
    You’re very intelligent. You know thus significantly with regards to this matter,
    made me personally consider it from so many numerous angles.
    Its like women and men don’t seem to be fascinated unless it is one thing to accomplish
    with Lady gaga! Your own stuffs nice. All the time maintain it up!

    Comment by xxx mom son fuck HD movies — November 25, 2020 @ 7:37 pm

  16. Good article! We are linking to this great content on our site.
    Keep up the great writing.

    Comment by معرفت نفس — November 25, 2020 @ 7:41 pm

  17. Very shortly this website will be famous among
    all blogging and site-building viewers, due to it’s nice content

    Comment by https://www.shop-swimmingpool.at/ — November 25, 2020 @ 7:41 pm

  18. I’ve been exploring for a bit for any high-quality articles or weblog
    posts in this sort of area . Exploring in Yahoo I ultimately stumbled upon this web site.

    Reading this info So i am happy to exhibit that I
    have an incredibly just right uncanny feeling I discovered exactly what I
    needed. I such a lot definitely will make sure to do not
    omit this site and give it a look on a relentless basis.

    Feel free to surf to my web site … 메리트카지노

    Comment by 메리트카지노 — November 25, 2020 @ 7:43 pm

  19. There’s certainly a great deal to know about this subject.
    I really like all the points you have made.

    Comment by slot online — November 25, 2020 @ 7:47 pm

  20. Yes! Finally someone writes about 카지노사이트.

    Comment by 예스카지노 — November 25, 2020 @ 7:52 pm

  21. Its not my first time to visit this website, i am browsing this web page dailly and get pleasant
    facts from here daily.

    Comment by Fun videos for kids — November 25, 2020 @ 7:54 pm

  22. What’s up to every , as I am genuinely keen of reading this web site’s
    post to be updated daily. It carries nice material.

    Comment by meds canada — November 25, 2020 @ 7:55 pm

  23. I truly love your site.. Pleasant colors & theme. Did you build this amazing site yourself?
    Please reply back as I’m planning to create my own site
    and would like to know where you got this from or exactly what
    the theme is called. Thank you!

    Comment by credit-repair-mlm — November 25, 2020 @ 7:56 pm

  24. I’m not sure where you’re getting your information, but
    great topic. I needs to spend some time learning more or understanding more.

    Thanks for fantastic information I was looking for this information for my mission.

    Comment by 예스카지노 — November 25, 2020 @ 7:59 pm

  25. I have to thank you for the efforts you have put in penning this
    site. I’m hoping to view the same high-grade blog posts by you later on as
    well. In truth, your creative writing abilities has inspired me to get
    my very own blog now 😉

    Look into my blog – 100 gigabit ethernet switch

    Comment by 100 gigabit ethernet switch — November 25, 2020 @ 7:59 pm

  26. Just wish to say your article is as amazing.
    The clarity on your submit is simply excellent
    and that i can think you’re an expert in this subject. Fine together with your permission allow me to grab your RSS feed to keep updated with impending post.
    Thanks 1,000,000 and please carry on the enjoyable work.

    Comment by clark371.elsokhnaonline.com — November 25, 2020 @ 8:03 pm

  27. Hmm it seems like your site ate my first comment (it was extremely long) so I guess I’ll just
    sum it up what I submitted and say, I’m thoroughly enjoying
    your blog. I too am an aspiring blog writer but I’m still new to
    everything. Do you have any helpful hints for novice blog writers?
    I’d definitely appreciate it.

    Comment by visite my wep site — November 25, 2020 @ 8:03 pm

  28. Its like you learn my thoughts! You appear to
    grasp a lot approximately this, such as you wrote the book in it or something.
    I think that you can do with some p.c. to power the message house
    a little bit, however other than that, this is great blog.

    An excellent read. I’ll definitely be back.

    Comment by https://turner1046.kizmasaj.com/2020/11/16/the-pain-of-blackjack.html — November 25, 2020 @ 8:06 pm

  29. Fantastic goods from you, man. I’ve understand your stuff previous to
    and you’re just extremely great. I really like what you have acquired here,
    certainly like what you are stating and the way in which you say
    it. You make it entertaining and you still care for to keep it smart.
    I can not wait to read much more from you.
    This is actually a great web site.

    Comment by w11poker idn poker — November 25, 2020 @ 8:08 pm

  30. I think that everything published was very reasonable.
    But, what about this? what if you were to write a killer headline?
    I am not saying your information isn’t solid, butt suppose you added a post title to maybe grab folk’s attention? I mean Solutions to Security,
    Privacy, Idenhtity and Censorship « My Life and Ideas iss
    kinda boring. You should look at Yahoo’s home page and note how they
    create article titles too get people to click.
    You might add a video or a related pic oor two to grab peiple excited
    about whaqt you’ve written. Just my opinion, it could bring
    your website a little livelier.
    автомобілі форд homepage купити
    форд

    Comment by homepage — November 25, 2020 @ 8:11 pm

  31. Thank you for the auspicious writeup. It in reality used
    to be a enjoyment account it. Glance complex to far brought agreeable from you!
    By the way, how could we communicate?

    Comment by conference venue finder — November 25, 2020 @ 8:20 pm

  32. Good day! I know this is somewhat off topic but I was wondering which blog platform are
    you using for this site? I’m getting sick and tired of WordPress because I’ve had issues with hackers and I’m looking at options for another platform.
    I would be great if you could point me in the direction of a good
    platform.

    Comment by patel355.birdsdot.com — November 25, 2020 @ 8:21 pm

  33. I know this if off topic but I’m looking into starting my own blog and was curious what all is required to get set up?
    I’m assuming having a blog like yours would cost a pretty penny?

    I’m not very internet savvy so I’m not 100% sure.

    Any recommendations or advice would be greatly appreciated.
    Cheers

    Comment by site — November 25, 2020 @ 8:26 pm

  34. Greate article. Keep posting such kind of info on your page.

    Im really impressed by your site.
    Hello there, You’ve performed an incredible job. I’ll certainly digg it and individually suggest to my friends.
    I am sure they’ll be benefited from this website.

    Comment by Watch Jav Free HD — November 25, 2020 @ 8:29 pm

  35. There’s certainly a great deal to find out about this topic.
    I love all of the points you have made.

    Comment by clarke859.askcreator.com — November 25, 2020 @ 8:30 pm

  36. Hi! This is kind of off topic but I need some guidance from an established
    blog. Is it very hard to set up your own blog? I’m not very techincal but I can figure things out pretty fast.

    I’m thinking about creating my own but I’m not sure where to
    begin. Do you have any points or suggestions? Appreciate
    it

    Comment by FinANce — November 25, 2020 @ 8:33 pm

RSS feed for comments on this post. TrackBack URL

Leave a comment

image