On 29/08/13 at 11:54pm, zooko wrote:
The Least-Authority Filesystem does all of the above. We have some pretty good
docs:
https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst
http://code.google.com/p/nilestore/wiki/TahoeLAFSBasics
A naive comment.
In his first email Zooko states:
S4 offers “*verifiable* end-to-end security” because all of the source
code that makes up the Simple Secure Storage Service is published for
everyone to see
A suspicious user may wonder, how can he be sure that the service
indeed uses the
Considering that it's designed to not trust the servers in the first
place (just your gateway, which often will be part of your own client
or otherwise run locally), it's not all too hard. If you've verified
the client, then you can be sure your data is secure.
2013/8/29 Nikos Fotiou
On 29/08/13 at 03:09pm, Nikos Fotiou wrote:
A suspicious user may wonder, how can he be sure that the service
indeed uses the provided source code. IMHO, end-to-end security can be
really verifiable--from the user perspective--if it can be attested by
examining only the source code of the
On Thu, Aug 29, 2013 at 02:44:37PM +0200, danimoth wrote:
On 29/08/13 at 03:09pm, Nikos Fotiou wrote:
A suspicious user may wonder, how can he be sure that the service
indeed uses the provided source code. IMHO, end-to-end security can be
really verifiable--from the user perspective--if it
On 16/08/13 22:11 PM, zooko wrote:
On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote:
Nothing really gets anyone past the enormous supply of zero-day vulns in their
complete stacks. In the end I assume there's no technological PRISM
workarounds.
I agree that compromise of the
On Thu, 15 Aug 2013 13:11, wasabe...@gmail.com said:
To: and From: headers leak the emails/identity of communicating parties,
but it's not the only place that happens. I've never used PGP but I've used
OpenPGP allows sending messages without information on the used keys
(e.g. gpg
On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote:
Nothing really gets anyone past the enormous supply of zero-day vulns in
their complete stacks. In the end I assume there's no technological PRISM
workarounds.
I agree that compromise of the client is relevant. My current
On Tue, Aug 13, 2013 at 01:52:38PM -0500, Nicolai wrote:
Zooko: Congrats on the service. I'm wondering if you could mention on the
site which primitives are used client-side. All I see is that combinations
of sftp and ssl are used for data-in-flight.
Thanks!
I'm not sure what your
On Fri, Aug 16, 2013 at 2:11 PM, zooko zo...@zooko.com wrote:
On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote:
Nothing really gets anyone past the enormous supply of zero-day vulns in
their complete stacks. In the end I assume there's no technological PRISM
workarounds.
I
Yeah. It's also worth pointing out that it is more or less impractical
to secure email. The result is paper-success-reality-fail. This has
been an observation for a long time. For recent evidence see Silent
Circle's decision to drop their secured email offering. I would say it
is mostly
On Wed, Aug 14, 2013 at 09:47:09AM +1000, James A. Donald wrote:
On 2013-08-14 6:10 AM, Nico Williams wrote:
- it's really not easy to defeat the PRISMs. the problem is
*political* more than technological.
For a human to read all communications would be an impossible burden.
We're
Dear people of the cryptography@randombit.net mailing list:
For obvious reasons, the time has come to push hard on *verifiable*
end-to-end encryption. Here's our first attempt. We intend to bring
more!
We welcome criticism, suggestions, and requests.
Regards,
Zooko Wilcox-O'Hearn
Founder,
Super! I think a commercial operator is an essential step forward.
Q: do you have some sense of how long the accesses take? E.g., I'm at
the end of a long ping, will I expect the actions to take ms, s, or ks?
iang
On 13/08/13 18:56 PM, Zooko Wilcox-OHearn wrote:
Dear people of the
On 8/13/13 11:02 AM, ianG wrote:
Super! I think a commercial operator is an essential step forward.
How so? Centralization via commercial operators doesn't seem to have
helped in the email space lately.
Peter
--
Peter Saint-Andre
https://stpeter.im/
On Tue, Aug 13, 2013 at 5:16 PM, Peter Saint-Andre stpe...@stpeter.im wrote:
On 8/13/13 11:02 AM, ianG wrote:
Super! I think a commercial operator is an essential step forward.
How so? Centralization via commercial operators doesn't seem to have helped
in the email space lately.
It helps
On 8/13/13 12:53 PM, ianG wrote:
On 13/08/13 20:16 PM, Peter Saint-Andre wrote:
On 8/13/13 11:02 AM, ianG wrote:
Super! I think a commercial operator is an essential step forward.
How so? Centralization via commercial operators doesn't seem to have
helped in the email space lately.
On Tue, Aug 13, 2013 at 12:02 PM, ianG i...@iang.org wrote:
Super! I think a commercial operator is an essential step forward.
A few points:
- if only you access your own files then there's much less interest
for a government in your files: they might contain evidence of crimes
and
On Tue, Aug 13, 2013 at 2:09 PM, Peter Saint-Andre stpe...@stpeter.im wrote:
Although presumably there would be value in shutting down a
privacy-protecting service just so that people can't benefit from it any
longer. When the assumption is that everything must be public, any
service that
On Tue, Aug 13, 2013 at 01:09:15PM -0600, Peter Saint-Andre wrote:
On 8/13/13 12:53 PM, ianG wrote:
On 13/08/13 20:16 PM, Peter Saint-Andre wrote:
On 8/13/13 11:02 AM, ianG wrote:
Super! I think a commercial operator is an essential step forward.
How so? Centralization via commercial
On 2013-08-14 6:10 AM, Nico Williams wrote:
- it's really not easy to defeat the PRISMs. the problem is
*political* more than technological.
For a human to read all communications would be an impossible burden.
Instead, apply the following algorithm. Identify people of interest.
Read
21 matches
Mail list logo