Jonkman Microblog
  • Login
Show Navigation
  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Friday, 25-Jan-2019 22:23:07 EST Mike Gerwitz Mike Gerwitz
    What I've seen missing from prominent cryptographers in discussion of the GHCQ's recent #backdoor proposal is the mention of how such a thing is less effective against free/libre software systems. The proposal involves adding a "ghost" user to E2E-encrypted conversations, which requires that the client silently encrypt to a third party. Such an antifeature couldn't just be committed to the project---it'd be too risky, since anyone could potentially find it.

    Of course, there's still the issue of trusting binary distributions unless their builds are reproducible, and users who blindly download binaries without verifying signatures are also at risk. This emphasizes the importance of reproducible builds: a malicious actor isn't likely to commit code in plain view of the world; rather, they'll probably just distribute a modified binary and be dishonest about the corresponding source code.

    https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate
    In conversation Friday, 25-Jan-2019 22:23:07 EST from social.mikegerwitz.com permalink

    Attachments

    1. Principles for a More Informed Exceptional Access Debate
      from Lawfare
      GCHQ officials outline how to enable the majority of the necessary lawful access without undermining the values we all hold dear.
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.