Here's my personal choice of technology for keeping secrets.
He's right. We need innovators to come up with technology to protect ourselves. The mass surveillance is being done outside of the law, with so many lies, if they said they were ending the program tomorrow, I wouldn't believe it.
The problem is we're giving the power to make big decisions to those who have a history of making very bad ones.
You don't solve problems like that by fighting against them in a world like this because they can always higher technically savvy people who desperately need the money to support themselves and those they love.
We have two end to end email security schemes already, PGP and S/MIME both are great as far as the security properties go. Neither is acceptable from a usability standpoint. They are tools written by geeks for geeks. They don't meet the 'iphone' level of usability.
So I have spent the past four months looking at ways to fix this. I think that we are far closer than people imagine. the good news is that we can have a system that is:
- Frictionless, it takes absolutely no more effort to send mail encrypted as without encryption. Sending email encrypted can now become the default.
- Unencumbered by patent or IPR claims (to the extent that this is possible these days)
- Backwards compatible with 95% of existing email clients through use of an outbound mail proxy on the same host.
- Supports Enterprise and Individual use.
- Does not require reliance on trusted third parties (but allows them to add value).
- Supports legacy PGP and S/MIME deployments.
I am currently working on converting the prototype code base which was written in C# for speed to C so that it is easier for people to add support in to mail clients directly.
There is a series of podcasts in preparation, the first one of which is here:
I am aware that people may not agree with all my design decisions and so I have divided them into two parts 'plumbing' and 'research'. The 'plumbing' choices either don't matter (except that a sensible choice be made) or are entirely constrained by the legacy base. Whether the research part is right will only be known after deployment. The code is structured so that multiple research groups can make use of the common 'plumbing' platform. Supporting the 'plumbing' platform will also enable the client for OpenPGP at the same time.
To deploy any email security infrastructure we eventually need to add native support to every email client. That is a huge barrier for researchers. Sharing that effort between research groups makes it much more likely one of us might succeed.
If people want to get into cryptography work, implementing the plumbing platform in an email client would be a great way to start. Also I need someone to re-implement the key manager since any platform like this should have more than one set of eyes looking at the code and more than one set of code.
Seems to me like laws and markets are some of the least trustworthy abstract concepts we have today, Making technology more secure seems like the only viable option today, and the only way to get laws and markets to start to cooperate.
But I'll confess that I haven't really given this as much thought as needed.
I like your videos, but the fact that you have 33 minute videos to explain things is part of the problem. Things that take more than 30 minutes to explain are NOT , by rule, easy.
If they aren't using some trickery, that thing is scarily accurate and controllable. Of course, no one was shooting back in the video. All in all, I'm not sure which is scarier, the drone or the operator's happy vision of future war.
The video isn't the 'how to use video', its the 'why do it and how it works video'. The intended audience is people who are worried about the NSA and want to know something is being done about it and my colleagues at Microsoft, Google, Apple etc. who I need to deploy this in clients.
We aren't quite ready for the 'how to use' video. There is a missing block of code still to be written. But I doubt it need be more than ten minutes even for the prototype.
For the final version, integrated into the email client, the steps required are.
- Note your strong email address (optional)
- Provide domain name of crypto advisor (optional)
- State if encrypted email is preferred (optional)
- Specify that an outbound message MUST be sent encrypted or not at all (as necessary)
- Specify that an email outbound message MUST be sent encrypted under a particular key or not at all (as necessary)
There are two modes of use. One requires absolutely no effort from the user at all but relies on chosen a trusted third party to curate keys when sending mail.
The second mode uses a direct trust model that is a subset of PGP that is redesigned to make it easier to use. This requires that the sender use a strong email address consisting of a PGP fingerprint like hash concatenated to the email address.
Since the prototype works by redirecting outbound mail through a proxy, the configuration is a little more involved. But that is a transitional thing.
We made a terrible mistake years ago, and then allowed it to continue. Computers, even when they are relatively underpowered and cannot move, are still a primitive form of AI and should be considered robots. We got all excited by the earliest advances and thought we were on the right track for a future where AI and robotics would become a norm - but, we were already there.
And so, we broke the most basic rules, over and over: And it was justified, and excused, and fixes delayed, over and over because of the one misunderstanding.
A robot may not injure a human being or, through inaction, allow a human being to come to harm.
A robot must obey the orders given to it by human beings, except where such orders would conflict with the First Law.
A robot must protect its own existence as long as such protection does not conflict with the First or Second Laws. In later books, a zeroth law was introduced: 0. A robot may not harm humanity, or, by inaction, allow humanity to come to harm.
So. That does have to be fixed. AND we need to continue legal actions against those who spy on us. It's not because we could believe them if they said they'd stop. It's because we need to make ourselves very clear to them, and to provide for harsh motivations to keep them from wanting to continue. Lessig's right that it's a system - but he leaves out the legitimate function of law in shaving off the more dangerous outliers that will absolutely occur.
This topic was automatically closed after 5 days. New replies are no longer allowed.