CryptoSeal shutters, ala: LavaBit

dan at geer.org dan at geer.org
Tue Oct 22 03:37:29 PDT 2013


My biases, such as they are:

The topmost aim of security design is to choose tolerable failure modes.
The topmost aim of security engineering is to have no silent failures.
A state of security is achieved when there are no unmitigatable surprises.

That said, the challenge here is to pick what are the tolerable
failure modes, to ensure that when they occur they are neither
silent nor silenceable, and to have mitigations in hand against
that day.  Easier said than done, of course.  Would that it were
possible for one lone wolf to have a flash of brilliance leading
to compact satisfaction of these needs, but I doubt that possibility.

YMMV,

--dan




More information about the cypherpunks mailing list