Hi folks, Apologies for abusing the word "trust" some more, but I don't know what other word to use. Feedback would be lovely. Sorry for the cross-post.
So, one of the goals folks worked out during FOSDEM was that each FreedomBox package should be able to explain to the user in a straightforward way (1) who the user is trusting, (2) for what purpose, (3) how that trust can be abused, and why such abuse would be bad for me (4). For example, with DNS requests (2), I trust my router, my ISP, my DNS host (possibly Google, if I use 4.4.4.4), and (if I'm unlucky) anywhere in-between (1). Each of them can view the DNS requests I make and tamper with the responses (3), causing me to visit a fraudulent bank website, for example (4). They could also record these requests permanently (3) allowing them to track (4) and advertise (4) relative to my movements. Other harms based on that stored data are also imaginable, but perhaps too unlikely, in the average case, to be worth mentioning. Similar profiles can be drawn up for other services, such as Jabber, where an attacker can fake my buddy list and my buddies' conversations, and so forth. What are generic attacks that are service independent that would be widely useful here? I'm thinking: - Can Learn (Profile) - Can Influence (Lie) What others would we need to cover all our (generic) bases? The important bit is to list out the attack surfaces and explanations, on a per service basis. Would it be possible to include generic explanations that can apply between services that cover the same purposes? How would we organize this, at a framework level? I appreciate your thoughts and your time, Nick
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
