Loading ...
Sorry, an error occurred while loading the content.

6201Re: [decentralization] decentralized recognizability

Expand Messages
  • Todd Boyle
    Nov 6, 2002
    • 0 Attachment
      At 08:57 AM 11/6/2002, Lucas Gonze wrote:
      >Miles Sabin wrote:
      > > My worry is that it isn't really all that much better than nothing.
      >
      >Military-grade security sometimes weakens actual security. Are you as
      >likely to proofread a textual key as to confirm the basic shape of a
      >squiggle? It may be that a slacker MITM attack is more than enough in
      >real life.

      IMO there will not be any user-intervention in whatever emerges as the
      solution, regardless whether it is Passport or something decentralized.

      To reach very broad adoption, security and authentication must be so
      reliable that ordinary money transactions never fail. That is a lot
      less than military grade. For example it might be based on mere
      economics of computational power, or my suggestion it be based on
      community reputation frameworks.

      The successful security framework will need to reach nearly universal
      adoption. There is a large fraction of the population that is so
      irrational about money that they are unable to make rational choices,
      and lose confidence in "new providers" too easily.

      I'm just going to recite three obvious things (you can skip:)

      1. Some of today's leading companies in financial services, software,
      telecommunicatinos and media will be harmed financially by any
      devolution of security and reputation out of central institutions.

      2. The power of government will also be affected i.e. some effects on
      the ability to collect taxes, and surveil communications would result if
      freedoms we have in real space are allowed over distances. e.g. paper
      cash, private conversations.

      3. Certain actors in those sectors, work actively to undermine privacy
      and security over networks. They fill the airwaves with FUD about
      hackers, stolen money, drugs, laundering, terrorists, etc. to protect
      the existing banking system, and actively undermine the usefulness
      of networks, fill them with SPAM and undermine the security and
      sovereignty of the user in many computing, network and radio
      hardware components.

      I've come to conclude there can never be adequate security on user-
      programmable PCs or hand-helds. Identity as well as secure
      communications will have to come from a device *owned by the user*,
      probably including at least a PIN pad and screen within the trusted
      device. Users will quickly learn that such a device contains not
      only a mere digital ID, but allows them to accrue digital reputation
      which is quite valuable, financially. As any valuable thing, they
      will positively safeguard it. Accordingly, what is missing is
      the intellectual work of developing P2P reputation frameworks,
      in coordination with design of the handheld devices. The semiconductor
      industry will certainly produce the thing if there's a market.

      The basic use case is sending a screenful of data (i.e. a contract)
      into the screen of the device for signature, as described in the
      MeT Peer to peer scenarios (ignore the telco "operator" scenarios.)
      http://mobiletransaction.org/documents.html The consortium spent
      megabucks, on UI standards for use of the screen on the TD so that
      the user would recognize the "Trusted Device" mode when it was
      presented by different manufacturers.

      If PCs, phones, palms etc. are ever to be secure their content must be
      flowed thru a VPN or something, controlled by the user. How this is
      ever going to happen is beyond my expertise. I would like to see the
      handheld trusted device have two ports: LAN and WAN, for signing,
      encryption etc. and this has to be fairly idiot proof. As with the
      TD, the private keys would be created and managed in a security element
      and private keys would never leave the handheld device... I had fun
      with this: http://www.gldialtone.com/Hippocrit.gif

      Again, I don't know what the end solution will be but it won't be some
      clever new software for the PC. It will be built into devices and it
      will be preceded by a very big discussion about reputation frameworks,
      and a formal architecture discussion including UML for software and
      hardware.

      None of those has begun yet,

      Todd
    • Show all 17 messages in this topic