Articles about Privacy and Security

2 Likes

Excellent article. Everyone should at least skim over it - the two pictures really help. Good find - I saw a similar article but it was too dry.

Whist crypto is used in this example the rule applies to everything.

2 Likes
3 Likes

Id just like to highlight this quote from the article

Nice article. well written. thanks for the link.

2 Likes
2 Likes

I know they cannot do this in Europe, but it is an issue when entering the USA.

The law as I understand in the USA (from case law) is if the machine is physically switched off they cannot ask you to turn it on. If it is in sleep/standby they can get you to turn it on and log into the device. - This is for PC’s. So imagine that law will get extended to phones, shit my phone uses full drive encryption, and boots to two different OS’s depending if you have a dongle in it or not.

In the UK we have an even worse law. If you have something encrypted and don’t/cant decrypt it, that is a crime, like max 10 year type crime. I am not sure if the law got repealed (I don’t think it did) but people started sending encrypted hdds to the home secretary, then grassing him up to the police saying he had illegal content on those drives. (it was more symbolic than anything)

Here is one of the best resources on the web that goes into great detail on lots and lots of topics, so you can find what is right for you and your privacy model

From the EFF who are trustworthy and very good. The EFF got started by overly heavy handed FBI agents raiding a BBS called “the well” run by Steve Jackson (the bloke who did the Fighting Fantasy RPG books with Ian Livingstone [runs Eidos interactive] )

Stay safe!

1 Like
1 Like

Good blog post from Peter Van Valkenburgh last year: “Your Secret Right to Cash”

Just resurfaced that while searching through my Instapaper archive.

3 Likes

It is a strong argument against Libra and ripple too. (unless ripple has morphed into a crypto and I missed it)

1 Like

1 Like

Eric Wall’s report on privacy coins for the Human Rights Foundation, funded by ZF: https://medium.com/human-rights-foundation-hrf/privacy-and-cryptocurrency-part-iii-should-you-use-a-privacy-coin-22dc71732a2f

3 Likes

I really like Figleaf’s articles on their blog https://figleafapp.com/blog/, really clear and easy to understand.

1 Like

https://msrc-blog.microsoft.com/2019/07/16/a-proactive-approach-to-more-secure-code/

1 Like

here’s a good one, courtesy of Zooko on Twitter:

2 Likes

https://msrc-blog.microsoft.com/2019/07/22/why-rust-for-safe-systems-programming

I knew it was going to be a good review but I didn’t know it was going to be that good, fairly good reason to believe that transitioning from C and C++ will start to occur in the near future (well relatively near, I have a fairly basic understanding of rust and it presents some challenges to be solved)

Heh, I used to work there. I get their position, however each one of their ‘safe languages’ is actually unsafe. except maybe go and erlang. never used either.

The problem rust tries to address, I think, im still pretty new to it is process segregation. A lot of ‘secure’ operating systems. and by secure I mean secure from itself, like rust tries to do. would be most microkernel designs. My favourite is QNX - up until blackberry bought it for their phone OS and killed it.

It was really hard to setup properly, but because of the unique way they scheduler and IPC works (basically their is none) it can make a C program secure, if coded in a POSIX manner, and you fiddle a bit with the signals (ie change to semaphores)

Hal Finney (RIP) used a similar design (although I cannot confirm it was QNX, it certainly was an IBM microkernel with similar properties) as the HSM ledger for hashcash.

So what rust does at a code level, QNX can do at an OS level for the code. there are some differences obviously. But microkernels running of FPGA’s secure most counties things that need to be secure. (that seems vague enough to me).

I think I might have to start having a play with rust and its ‘sandboxing’ or whatever it does. haven’t read up on it for a while. Thanks for the link.

https://lwn.net/Articles/797828/

2 Likes