Blog‎ > ‎

Integration, Trust, Cypherpunks, Entropy, Confidential, DHT, Reputation, Identities, Monitoring, Signatures

posted Jan 29, 2016, 8:08 AM by Sami Lehtinen   [ updated Jan 29, 2016, 8:09 AM ]
  • The usual integration stuff, table renames, missing access rights, constant tuning of message structures. Such a joy, but we'll get the job done. References to data which is actually missing.
  • I've considered these reputation and trust issues many times when doing some some deals. My personal risk rating was directly what I'm worth as a partner to the counter party. If I know I'm a valuable contact, they've got a less interest to screw me. That also means that if I start from zero trust it means that I'm going to have several iterations with growing trade amount, just like TCP window scaling works. ;) If there's any problem, then I'll just step down the deal and retry. I'm always ready to accept risk of packet loss.
  • So much discussion about intelligence agencies, OpSec, corporate and enterprise security as well as small underground groups, secure / dead drops, and so on. We're living interesting times. Does NSA know who Satoshi is? Are underground cypherpunks everywhere?
  • Does revealing your password length make password less secure? Of course it does, but just a very little. If I tell that I prefer to use 32 character random password, will it make you able to crack it? Well, you can always try it. Just good luck figuring out: C+MRVubmZ^_p#rYZAcNb55LDdPd@W字Zb - Yeah, does that make you think I'll prefer Chinese with Unicode point words? Maybe, maybe not. Unicode is huge space, what I'm I'm using a random code point? Just think about it. Actually battery correct stable horse can be presented in much more compact format. 電池正確穩定的馬 - Yep, that's only 8 characters long, but got at least the same amount of entropy in it.
  • You know, even if I post a lot of stuff. I've never leaked anything which is considered to be confidential. I've also reminding people and colleagues about OpSec and privacy all the time. As well as many of my posts are intentionally very vagues or ambiguous on purpose. Even if my stuff seems pretty random at times, I'm still maintaining high professional ethics. Confidential is confidential and trues secrets I really don't know anything about, I guess I've forgotten. Usually I'll decide right at the time, I've never heard about it. I just seems that I can't really recall any of such occasions. I'm loyal to contracts that I've made, as well as I'll also highly value any agreements I'm agreed to even if not documented, I like to be respected. Does that make a person a threat or asset? That's a great question? I really really don't know answer to that. Maybe someone does?
  • Long discussions about what is DHT and what it requires? Does DHT require a 'network support'? AFAIK it doesn't. I think it's enough that the network NODES do support DHT, there's not requirement for the network, except as it being able to 'address the nodes and route traffic'.
  • I've considered these reputation and trust issues many times when doing some untrusted deals with more or less anonymous counter parties. My personal risk rating was directly comparable to what I'm worth as a partner to the counter party. If I know I'm a valuable contact, they've got a less interest to screw me. If I start from zero trust, then I'm going just to have a several iterations with growing trade value, just like TCP window scaling works. If there's any problem, then I'll just step down the trade value and retry. I'm always ready to accept the risk of packet loss.
  • It's a good idea to rotate pseudonymous identities. Even if it leads to loss of earned reputation. That's worth of it, if you want to maintain reasonable privacy.
  • NSA's bulk data collection is the key here. They might not know now which data will be important in year. If you collect all data, you'll be able to dig through it later.
  • I also think that intelligence agencies got a secondary problem. They're very eager to keep their capability secret. Which means a lot of data which they collect can't be actually used. Actually it's quite funny to see targeted raids / checks to fail. Because it seems that they might not had enough data after all. I've been in that kind of situation a few times personally. Where it has been clear that they've got some data on me, but then they've done targeted check (attack) and found nothing. They've known that if they would have had enough (all) data. But what about double construction?
  • During wars it was quite common that they could have had information about coming devastating attack, but if they would have acted on it, it could have endangered the intelligence resources / capability / contacts / sources, which meant that the couldn't make any warning about the incoming attack.
  • Finland is trying to pass legalization for 'pervasive Internet monitoring' of course based on the current EU security crisis. Well, the sad thing is that it probably would not work on a certain group of threats, where the people are extremely intelligence and forensics aware.
  • When rotating identities I'm making sure that I can't reuse the old identity even if I wanted to. Why? Well, in that case I can't be tricked to reveal my-self. It's gone and gone for good. Whatever might be lost with it, is acceptable. If required, I could maybe generate new key pair and send the new key signed with the old key. But that's only with very rare cases. When communicating about certain things I always maintain strong pseudonymous identity or identities / contact. I can at any point prove it's me, if I just want to. But I prefer staying pseudonymous. Some people claimed it's stupid to post signed messages. But the reason for posting signed messages is not that they can verify the signature. The point is that I can easily prove that I posted the messages, if I just want to do so.