NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)
Lodewijk andré de la porte
l at odewijk.nl
Wed Aug 21 04:20:53 PDT 2013
Torrents show. Bitcoin shows.
Common protocol, many clients, graceful as possible failures, distributed
everything.
Else you'll always have a centralized something that can get broken.
The alternative answer is that you're dealing with two problems. Political
problems, from gag-order-ish affairs to licenses to prevent you from doing
it, and operational problems, the implanted code, the coerced backdoor.
Political problems call for political solutions. Distributing everything is
an approach to evade them. Just like we can write code we can write a legal
structure for our entities. Mega is doing just that. Put the right thing
in the right country, evade certain punishable things but deal with their
use cases. Basically you're looking at a system of laws, and you're
programming a way to not be subject to them. You musn't forget that laws
move, however slowly. (like dealing with changing APIs)
Operational problems are historically dealt with by controlling the people
working on the project. You should get those with iron loyalty and
confidence in the greater good you're doing. That's nearly impossible to be
sure about and NSL-type-things make it excruciatingly hard for them. Then
layering, rounds of approval, people approving in different nations, etc.
Which is a combined political and physical means of dealing with the
problem.
I'm pretty sure that ATM it is unfeasible to produce code that doesn't
contain backdoors. Formal proofs are touchy and hard to read. Code gets
complicated and large. Backdoors are elaborate and sneaky. But the
political problems can be dealt with. And minimizing the code that can
contain backdoors is also a good idea.
You could also go for the never-done-in-production testing method where you
have two (or more) distinct implementations of the same thing, and you see
if the results are totally correct. That way someone would have to hide two
backdoors, for two different programs, in the same payload without breaking
the program the backdoor is not meant for.
There's ways. It's a lot of work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2326 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20130821/4302aa23/attachment-0001.txt>
More information about the cypherpunks
mailing list