On Tue, Apr 22, 2014 at 11:47 AM, Caspar Bowden (lists) <[email protected]> wrote: > > TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE > service provider would have no choice but to round-up/backdoor the necessary > keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or > Indian IT Acts etc. etc.]
Oh, by the way, this part was incorrect. An example of a Tahoe-LAFS service provider is my company, https://LeastAuthority.com. LeastAuthority.com does not have any ability to acquire our customers's keys, nor to backdoor our customers. I wouldn't be surprised if we are the only cloud storage company in existence that can defensibly make such a strong claim. By the way, here's a rhetorical technique that I think is useful: Change the hypothetical attacker, the one who who might compel a service provider to betray its customers, from the government to the mafia. What if a service provider has customers who are blogger activists who are campaigning against Mexican drug cartels? What if an infamously violent mafia organization, such as the Zetas Cartel, contact the service provider and tell the provider that if they fail to cooperate, that their family members will be tortured and murdered? As far as the technical mechanisms go, these two stories have approximately the same consequences. Whether the attacker is an oppressive national government or a murderous mafia, the critical technical questions have to do with what powers the service-provider has which it can wield to deliver its hapless customers to the attacker. Anyway, when we designed the LeastAuthority.com architecture, we used the "Zetas Vs. Bloggers" story as our guiding story. That's why the result is (I suspect) stronger against that sort of threat than any other comparable service. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Rep https://LeastAuthority.com Freedom matters. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
