Posts: 1 · Comments: 630 · Joined: 2 yr. ago

  • Yeah I guess I missed the part where security fundamentals weren’t supposed to be a part of a secure product. Do you mind explaining how a product centered on trust can be developed without trust? I think that would really help me understand why you think repeating the word “beta” allows a security-focused company to sidestep normal foundational components.

  • Untestable security claims for sensitive information are useless. I’m a huge fan of Proton and I’m excited to test this but only once the blockchain is public. Until then there is no way to verify the trust so there is no trust.

    If you disagree, I might have something for you. I’ve got the strongest financial encryption known to man on top of the best transit system ever that makes it super easy to do stuff. It’s all based on blockchain, of course. Just give me your credit card info and bank details. It’s in beta so I won’t let you audit it, but unless you’re shilling you don’t have a problem with that.

  • It doesn’t matter what the tech is, if you can’t audit it, you can’t trust it.

    Also a single private blockchain owner is just a blackbox data store, not a blockchain. I’ve already explained how it’s vulnerable to very simple attacks, much less the complicated attacks that will be thrown at something like this.

  • Hey I’ve got a new scheme to validate the identity of someone for a very sensitive conversation. You wanna use it? Trust me, it’s secure.

    I feel like you don’t understand the difference between a product roadmap and security fundamentals.

  • You don’t understand basic trust relationships. I don’t really care about your opinion. I already called out that your blind trust in beta software conflicts with my security fundamentals so we’re at an impasse. Once you understand why validation is important or can show why a critical component of trust architecture is somehow not necessary, I’d be happy to reconsider your opinion.

  • Your only response to valid criticism about the lack of verification is pointing to the state of development as if that magically washes away all of the criticism. It doesn’t.

    While I do have many tinfoil hats, basic fucking trust measures do not require me to pull them out. This is cryptography 101 shit not anything complicated.

  • I still don't see why that matters.

    Put differently, I've got a revolutionary new financial encryption system. It can safely act as the middleware between you and any vendor. You can trust me with your credit card numbers because of my years of experience and industry clout. You can't see my system and I won't do a PCI audit because it's in beta. You can totally trust me though.

  • … which gives a timing attack and the ability for bad actors to impersonate someone. I agree with you that, once public, this is a good idea. You cannot convince me that this is a good idea if done privately because there is no way to trust but verify, especially in the highly sensitive contexts they want trust in.

    If it’s not public, I won’t trust it. You trust it blindly because it’s in beta. We’re not going to come to an agreement over these mutually exclusive positions.

  • Did we read the same article? Emphasis mine.

    Yen said Proton might move the feature to a public blockchain

    I’m not interested until it’s public. Additionally, building out the chain then dropping it to rebuild a new public one is rewriting history, which violates the whole “immutable” part of “immutable ledger.”

  • But it’s not public. It’s a private blockchain. The immutable ledger aspect only matters if everyone can see the ledger. Otherwise we take at face value all of the things you said. Assume they run one node and that one node is compromised by a malicious actor. The system fails. Extend it to a limited number of nodes all controlled by SREs and assume an SRE is compromised (this kind of spearphishing is very common). The system fails again.

    Sure, you can creatively figure out a way to manage the risks I’ve mentioned and others I haven’t thought of. The core issue, that it’s not public, still remains. If I’m supposed to trust Proton telling me the person I’m emailing is not the NSA pretending to be that person (as the Proton CEO suggested), I need to trust their verification system.
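
The single-operator failure case from the comment above, as an added example that is not part of the original comment: a hash chain rewritten on its only node still verifies internally, and only a head hash recorded by an outside party exposes the change. The record format, addresses and key fingerprints are constructed for illustration and do not describe Proton's design.

```python
import hashlib
import json

GENESIS = "0" * 64

def entry_hash(prev, record):
    # Each entry commits to the previous entry's hash and its own record.
    payload = json.dumps({"prev": prev, "record": record}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

def build_chain(records):
    chain, prev = [], GENESIS
    for record in records:
        digest = entry_hash(prev, record)
        chain.append({"prev": prev, "record": record, "hash": digest})
        prev = digest
    return chain

def internally_consistent(chain):
    # The only check available to someone who sees just the operator's copy.
    prev = GENESIS
    for entry in chain:
        if entry["prev"] != prev or entry["hash"] != entry_hash(prev, entry["record"]):
            return False
        prev = entry["hash"]
    return True

def extends_witnessed_head(chain, witnessed_len, witnessed_head):
    # Check available once heads are public: an auditor who recorded the head
    # at length n confirms the current chain still contains that exact prefix.
    return len(chain) >= witnessed_len and chain[witnessed_len - 1]["hash"] == witnessed_head

def demo():
    # Constructed sample records (hypothetical key-directory entries).
    records = [
        {"email": "alice@example.org", "key_fp": "A1A1"},
        {"email": "bob@example.org", "key_fp": "B2B2"},
        {"email": "carol@example.org", "key_fp": "C3C3"},
    ]
    honest = build_chain(records)
    witnessed = (len(honest), honest[-1]["hash"])  # head seen by an outsider
    # Whoever controls the single node swaps one key and recomputes every hash.
    rewritten = build_chain([records[0], {**records[1], "key_fp": "EEEE"}, records[2]])
    grown = build_chain(records + [{"email": "dave@example.org", "key_fp": "D4D4"}])
    return {
        "rewritten_passes_internal_check": internally_consistent(rewritten),
        "rewritten_matches_witness": extends_witnessed_head(rewritten, *witnessed),
        "honest_growth_matches_witness": extends_witnessed_head(grown, *witnessed),
    }

if __name__ == "__main__":
    print(demo())
```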

  • The shit I’m getting is for my federal voting stance, not my local or state voting stance.

    Complacency and support are the same thing at a political level. Doing nothing is an explicit choice. The party doesn’t care about labor or anyone that isn’t a capitalist. Manchin and Sinema are great examples. They haven’t faced any consequences nor will they.

  • Harvard Business Review does the same thing. It’s really funny. One issue will have pro-executive+commercial real estate talking points (not backed up by data, just feelings) and then they’ll drop an online article or two talking about the power of remote work supported by actual data.

  • The big issue here is that the Biden administration is attempting to play by some old rules the Trump administration and current Republicans ignore. Sure. They’re pushing policy. Where’s the daily executive order undoing something or adding something? Where are the test cases constantly being pushed up like the right is doing? Where is the constant rhetoric to combat the vitriol? Where is the tit-for-tat removal of federal support for states fucking with people? Sure, lots of it will get thrown out. Some of it sticks, though, like blocking Garland’s nomination, and then seven years later you have people on the internet saying the Biden administration, doing fuck all novel, is actually trying to make a stand.

  • If you’re telling me I have one choice to avoid tyranny, that’s tyranny. There is no more democracy. The game is over. We lost. Why continue to do the same shit over and over expecting a different result? Why delay the inevitable?

    If I vote Trump, I am supporting fascism. Not going to argue for anyone doing that; no positives in that camp.

    If I vote for Biden, I give explicit support to attacks on labor, a complete lack of response to the attacks on everyone that Trump did, and prop up a party so supportive of our current Gilded Age you can’t talk shitty wealth policy without mentioning Democratic tech worship. War crimes, genocide, and surveillance were issues I’ve had with the party for years and Biden just continued them with a smile.

    If I vote 3rd party, there’s a small chance something positive could happen. Worst case scenario it’s like I didn’t vote at all, but at least I didn’t vote to support fascism or billionaire ownership of common resources.

    I have this debate a lot. If there’s only one choice in a two-party system, we don’t have a choice or a democracy. Call me all the names you want; I won’t vote for someone that thinks the way that Biden or Trump does about labor or foreign relations.

  • Oh really? What has Biden done to reverse any of the Trump policies? What laws have been enacted that enshrine protections? What is Biden doing to prevent the removal of said groups from schools and the stripping of their protections? What is his party doing to support and protect?

    You’re so focused on the vitriol from one side you’re ignoring the complacency and damn near explicit support from the other side. Just because one side doesn’t say mean things doesn’t mean they don’t allow bad shit to happen.

  • What, exactly, has Biden done to reverse anything Trump did? What, exactly, has his party done to reverse the changes made? Where’s the rhetoric condemning Trump? Where’s the sense of urgency to reverse course?

    You’re not giving me any choices here ergo I’m choosing another option. If that means I’m supporting “the bad” then the experiment has failed and we’re just circling the drain. I can choose to actively support circling the drain or I can try something new. I’m not going to play the old game because it’s already lost.