[cryptography] Finally! Hyperledger is a trust N out of a selected M ledger system!
http://hyperledger.com/ With this nifty little tool one can manage pools that validate transactions. So instead of a consortium of anonymous miners motivated exclusively by profit you can trust a consortium selected according to a predefined procedure. Then if you trust the procedure, you can probably trust the consortium. With the trust problem solved you are very likely to be able to happily use money as you should. Fizz-bang Bitcoin is much less unique and useful. People will have a cheaper alternative that seems like it's just as good and more usable. Problem is that consortia are never good enough. There's always too big an opponent that can take down too much of a consortium. Bitcoin is a tease stronger than that. But much more expensive. I don't think it will take off though, there doesn't seem to be an early adopter advantage. Thoughts? ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Silent Circle Takes on Phones, Skype, Telecoms
https://blog.silentcircle.com/why-are-we-competing-with-phone-makers-skype-and-telecom-carriers-all-in-the-same-week/ ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms
On 7/10/2014 4:39 PM, John Young wrote: https://blog.silentcircle.com/why-are-we-competing-with-phone-makers-skype-and-telecom-carriers-all-in-the-same-week/ ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography The problem is, this will never really hit the mainstream. When or if it does, I might feel better about it. I remain suspicious. -- Kevin ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms
This is the comsec dilemma. If a product or system becomes mainstream it is more likely to be overtly and/or covertly compromised. If marginal it is likely to be used by few and consequently not well tested against overt and/or covert faults and compromise, may go out of of business, or aquired by I-Q-Tel compromisers and reconfigured for wildly popular use by those who care squat about really, really secure comsec. Still, this is a period when NSA-proof has decent value as a marketing campaign. When snake oil is not considered to be bad business after all. When promises abound to take back the Internet are flowering under bountiful manure of comsec reputation cultivators. When comsec standards committees are diligently cleaning out the stables of excess manure accumulated since comsec escaped from lifetime security of secrecy mokus, braying like asses this time comsec will be pure and honest, no shit. Damn kids don't understand openness is a disease to be medicated by exposure to working inside and outside the shithouse, lying about scuzzy comsec as a way of life. Otherwise accept working forever as a minimally funded volunteer with dignity and self-respect, praised for self-sacrifice, be whispered about as if an insane idealist who could never adjust to reality of stinking like a sewer, accumulating bespoken suits tailored of finest dookie as if Silk Road weave. Silent Circle is on its way, stand back, the odor is finest perfume. At 05:45 PM 7/10/2014, you wrote: On 7/10/2014 4:39 PM, John Young wrote: https://blog.silentcircle.com/why-are-we-competing-with-phone-makers-skype-and-telecom-carriers-all-in-the-same-week/ ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography The problem is, this will never really hit the mainstream. When or if it does, I might feel better about it. I remain suspicious. -- Kevin ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms
On 10 July 2014 22:39:01 CEST, John Young j...@pipeline.com wrote: https://blog.silentcircle.com/why-are-we-competing-with-phone-makers-skype-and-telecom-carriers-all-in-the-same-week/ I think a lot of the stuff Silent Circle is doing looks great; but I think we need a real open OS (perhaps built on replicant?) for this to be truly useful. As far as I can tell no code for PrivatOS has been made available yet? Some discussion at lwn this February: http://lwn.net/Articles/581085/ As for encrypted calls to the pstn: I suppose this means the call is secure to the phone switch of the receiver (at best) and subject to ordinary wire-taps after that? So calling a source that is watched combines a false sense of security with an an (almost) traditional level of risk? More technical details would ne helpful. -eirik ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms
On Thu, Jul 10, 2014 at 4:45 PM, John Young j...@pipeline.com wrote: This is the comsec dilemma. If a product or system becomes mainstream it is more likely to be overtly and/or covertly compromised. This is why it's important the client is open source, the binaries are reproducible, and the encryption is end-to-end. Silent Circle is halfway there: most of the source code is available, but last I heard not all the pieces were there and people weren't able to build it (perhaps that changed?) Clearly OpenSSL is a great demonstration that many eyes don't make bug(door?)s shallow, but if the source is available, it's certainly something that can be used to build trust in a system. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms
On Thu, Jul 10, 2014 at 10:52 PM, Tony Arcieri basc...@gmail.com wrote: On Thu, Jul 10, 2014 at 4:45 PM, John Young j...@pipeline.com wrote: This is the comsec dilemma. If a product or system becomes mainstream it is more likely to be overtly and/or covertly compromised. I don't find this a dilemma - I don't use immature projects because they haven't had time prove themselves and get stress tested. I like the idea of LibreSSL but won't use it for at least 3 years (if it gains traction). Clearly OpenSSL is a great demonstration that many eyes don't make bug(door?)s shallow, but if the source is available, it's certainly something that can be used to build trust in a system. I don't think that's a good example at all. I think OpenSSL's issue is feature bloat without enough time for code audits. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
