[cryptography] LeastAuthority.com announces PRISM-proof storage service

Eugen Leitl eugen at leitl.org
Tue Aug 20 09:45:05 PDT 2013 

----- Forwarded message from ianG <iang at iang.org> -----

Date: Sat, 17 Aug 2013 11:52:58 +0300
From: ianG <iang at iang.org>
To: cryptography at randombit.net
Subject: Re: [cryptography] LeastAuthority.com announces PRISM-proof storage service
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8

On 16/08/13 22:11 PM, zooko wrote:
> On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote:
>> 
>> Nothing really gets anyone past the enormous supply of zero-day vulns in their complete stacks.  In the end I assume there's no technological PRISM workarounds.
> 
> I agree that compromise of the client is relevant. My current belief is that
> nobody is doing this on a mass scale, pwning entire populations at once, and
> that if they do, we will find out about it.
> 
> My goal with the S4 product is not primarily to help people who are being
> targeted by their enemies, but to increase the cost of indiscriminately
> surveilling entire populations.
> 
> Now maybe it was a mistake to label it as "PRISM-Proof" in our press release
> and media interviews! I said that because to me "PRISM" means mass surveillance
> of innocents. Perhaps to other people it doesn't mean that. Oops!


My understanding of PRISM is that it is a voluntary & secret
arrangement between the supplier and the collector (NSA) to provide
direct access to all information.

By 'voluntary' I mean that the supplier hands over the access, it
isn't taken in an espionage or hacker sense, or leaked by an insider.
I include in this various techniques of court-inspired voluntarianism
as suggested by recent FISA theories [0].

I suspect it is fair to say that something is PRISM-proof if:

  a) the system lacks the capability to provide access
  b) the operator lacks the capacity to enter into the voluntary
arrangement, or
  c) the operator lacks the capacity to keep the arrangement (b) secret

The principle here seems to be that if the information is encrypted on
the server side without the keys being held or accessible by the
supplier, then (a) is met [1].

Encryption-sans-keys is an approach that is championed by Tahoe-LAFS
and Silent Circle.  Therefore I think it is reasonable in a marketing
sense to claim it is PRISM-proof, as long as that claim is explained
in more detail for those who wish to research.

In this context, one must market ones product, and one must use simple
labels to achieve this.  Otherwise the product doesn't get out there,
and nobody is benefited.



iang


[0] E.g., the lavabit supplier can be considered to have not
volunteered the info, and google can be considered to have not
volunteered to the Chinese government.
[1]  In contrast, if an operator is offshore it would meet (b) and if
an operator was some sort of open source distributed org where
everyone saw where the traffic headed, it would lack (c).




> Regards,
> 
> Zooko
> 
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
> 

_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

More information about the cypherpunks mailing list