Send Link mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.anu.edu.au/mailman/listinfo/link
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Link digest..."
Today's Topics:
1. Re: email oligopolies (David)
2. 2026 Predictions (Marghanita da Cruz)
3. Signal creator Moxie Marlinspike wants to do for AI what he
did for messaging (Kim Holburn)
----------------------------------------------------------------------
Message: 1
Date: Tue, 13 Jan 2026 12:41:08 +1100
From: David <[email protected]>
To: [email protected]
Subject: Re: [LINK] email oligopolies
Message-ID: <6857736.MDQidcC6GM@ulysses>
Content-Type: text/plain; charset="us-ascii"
On Tuesday, 13 January 2026 08:28:29 AEDT Tom Worthington wrote:
> At one stage I was collecting digital IDs like postage stamps. I had one from
> the Post Office, one from the Australian Government and others from assorted
> organizations. None of them actually worked.
Yep, that supports my argument for a PKI server which is set up and run
explicitly for that purpose, not as an adjunct to some government department's
primary responsibility or the profitability of a private company, offshore or
not.
>> ... Government-run (therefore trusted) server ...
> The Donald J. Trump Trusted Server?
Quite so, but when things get to that stage it's a different story entirely!
And that brings us full circle back to Marghanita's call for predictions as to
2026: I predict IT&C technological developments will have little to do with it.
Will China take over Taiwan? Will Russia become desperate enough to use
strategic nuclear weapons in Ukraine? Will NATO / China / U.S. then get
involved? Will the White House continue its current volatile course? Will a
decent chunk of Antarctic ice slide into the ocean causing a 3-metre rise in
sea-levels? Most people don't realise (a) how vulnerable much of our global
Internet-based "services" really are and (b) how little they would be missed
after a few months.
> I have been singing my email because some email servers seem to think it
> makes my messages more trustworthy.
In the current world, singing is about all we can do (:-)) But what an
exciting time the next few years will be...
_DavidL_
------------------------------
Message: 2
Date: Tue, 13 Jan 2026 14:04:17 +1100
From: Marghanita da Cruz <[email protected]>
To: [email protected]
Subject: [LINK] 2026 Predictions
Message-ID: <[email protected]>
Content-Type: text/plain; charset=UTF-8; format=flowed
I was only calling for IT&T predictions.
I am hoping for Water views but don't predict this will happen as early
as 2026. But world may go nuclear as argument to fix man made climate
change.
Perhaps "There will Come Soft Rain" by Sarah Tisdale (1884 ?1933) is an
appropriate poem https://www.youtube.com/watch?v=XB3vXrPjNWM
or
So, this is Christmas by John Lennon (from 1971)
https://www.youtube.com/watch?v=7tSuREVliWM
Marghanita
On 1/13/26 12:41, David wrote:
> Quite so, but when things get to that stage it's a different story entirely!
> And that brings us full circle back to Marghanita's call for predictions as
> to 2026: I predict IT&C technological developments will have little to do
> with it.
>
> Will China take over Taiwan? Will Russia become desperate enough to use
> strategic nuclear weapons in Ukraine? Will NATO / China / U.S. then get
> involved? Will the White House continue its current volatile course? Will a
> decent chunk of Antarctic ice slide into the ocean causing a 3-metre rise in
> sea-levels? Most people don't realise (a) how vulnerable much of our global
> Internet-based "services" really are and (b) how little they would be missed
> after a few months.
--
Marghanita da Cruz
Telephone: 0414-869202
Email: [email protected]
Website: http://ramin.com.au
------------------------------
Message: 3
Date: Wed, 14 Jan 2026 09:00:13 +1100
From: Kim Holburn <[email protected]>
To: Link mailing list <[email protected]>
Subject: [LINK] Signal creator Moxie Marlinspike wants to do for AI
what he did for messaging
Message-ID: <[email protected]>
Content-Type: text/plain; charset=UTF-8; format=flowed
Do we really need more AIs?
https://arstechnica.com/security/2026/01/signal-creator-moxie-marlinspike-wants-to-do-for-ai-what-he-did-for-messaging/
Introducing Confer, an end-to-end AI assistant that just works.
Moxie Marlinspike?the pseudonym of an engineer who set a new standard for
private messaging with the creation of the Signal
Messenger?is now aiming to revolutionize AI chatbots in a similar way.
His latest brainchild is Confer, an open source AI assistant that provides
strong assurances that user data is unreadable to the
platform operator, hackers, law enforcement, or any other party other than
account holders. The service?including its large language
models and back-end components?runs entirely on open source software that users
can cryptographically verify is in place.
Data and conversations originating from users and the resulting responses from
the LLMs are encrypted in a trusted execution
environment (TEE) that prevents even server administrators from peeking at or
tampering with them. Conversations are stored by
Confer in the same encrypted form, which uses a key that remains securely on
users? devices.
Like Signal, the under-the-hood workings of Confer are elegant in their design
and simplicity. Signal was the first end-user privacy
tool that made using it a snap. Prior to that, using PGP email or other options
to establish encrypted channels between two users
was a cumbersome process that was easy to botch. Signal broke that mold. Key
management was no longer a task users had to worry
about. Signal was designed to prevent even the platform operators from peering
into messages or identifying users? real-world
identities.
?Inherent data collectors?
All major platforms are required to turn over user data to law enforcement or
private parties in a lawsuit when either provides a
valid subpoena. Even when users opt out of having their data stored long term,
parties to a lawsuit can compel the platform to store
it, as the world learned last May when a court ordered OpenAI to preserve all
ChatGPT users? logs?including deleted chats and
sensitive chats logged through its API business offering. Sam Altman, CEO of
OpenAI, has said such rulings mean even psychotherapy
sessions on the platform may not stay private. Another carve out to opting out:
AI platforms like Google Gemini may have humans read
chats.
Data privacy expert Em (she keeps her last name off the Internet) called AI
assistants the ?archnemesis? of data privacy because
their utility relies on assembling massive amounts of data from myriad sources,
including individuals.
?AI models are inherent data collectors,? she told Ars. ?They rely on large
data collection for training, improvements, operations,
and customizations. More often than not, this data is collected without clear
and informed consent (from unknowing training subjects
or from platform users), and is sent to and accessed by a private company with
many incentives to share and monetize this data.?
The lack of user-control is especially problematic given the nature of LLM
interactions, Marlinspike says. Users often treat
dialogue as an intimate conversation. Users share their thoughts, fears,
transgressions, business dealings, and deepest, darkest
secrets as if AI assistants are trusted confidants or personal journals. The
interactions are fundamentally different from
traditional web search queries, which usually adhere to a transactional model
of keywords in and links out.
He likens AI use to confessing into a ?data lake.?
Awaking from the nightmare that is today?s AI landscape
In response, Marlinspike has developed and is now trialing Confer. In much the
way Signal uses encryption to make messages readable
only to parties participating in a conversation, Confer protects user prompts,
AI responses, and all data included in them. And just
like Signal, there?s no way to tie individual users to their real-world
identity through their email address, IP address, or other
details.
?The character of the interaction is fundamentally different because it?s a
private interaction,? Marlinspike told Ars. ?It?s been
really interesting and encouraging and amazing to hear stories from people who
have used Confer and had life-changing conversations,
in part because they haven?t felt free to include information in those
conversations with sources like ChatGPT or they had insights
using data that they weren?t really free to share with ChatGPT before but can
using an environment like Confer.?
One of the main ingredients of Confer encryption is passkeys. The industry-wide
standard generates a 32-byte encryption keypair
that?s unique to each service a user logs in to. The public key is sent to the
server. The private key is stored only on the user
device, inside protected storage hardware that hackers (even those with
physical access) can?t access. Passkeys provide two-factor
authentication and can be configured to log in to an account with a
fingerprint, face scan (both of which also stay securely on a
device), or a device unlock PIN or passcode.
The private key allows the device to log in to Confer and encrypt all input and
output with encryption that?s widely believed to be
impossible to break. That allows users to store conversations on Confer servers
with confidence that they can?t be read by anyone
other than themselves. The storage allows conversations to sync across other
devices the user owns. The code making this all work is
available for anyone to inspect. It looks like this:
This robust internal engine is fronted by a user interface (shown in the two
images above) that?s deceptively simple. In just two
strokes, a user is logged in, and all previous chats are decrypted. These chats
are then available to any device logged in to the
same account. This way, Confer can sync chats without compromising privacy. The
ample 32 bytes of key material allow the private key
to change regularly, a feature that allows for forward secrecy, meaning that in
the event a key is compromised, an attacker cannot
read previous or future chats.
The other main Confer ingredient is a TEE on the platform servers. TEEs encrypt
all data and code flowing through the server CPU,
protecting them from being read or modified by someone with administrative
access to the machine. The Confer TEE also provides
remote attestation. Remote attestation is a digital certificate sent by the
server that cryptographically verifies that data and
software are running inside the TEE and lists all software running on it.
On Confer, remote attestation allows anyone to reproduce the bit-by-bit outputs
that confirm that the publicly available proxy and
image software?and only that software?is running on the server. To further
verify Confer is running as promised, each release is
digitally signed and published in a transparency log.
Native support for Confer is available in the most recent versions of macOS,
iOS, and Android. On Windows, users must install a
third-party authenticator. Linux support also doesn?t exist, although this
extension bridges that gap.
There are other private LLMs, but none from the big players
Another publicly available LLM offering E2EE is Lumo, provided by Proton, a
European company that?s behind the popular encrypted
email service. It adopts the same encryption engine used by Proton Mail, Drive,
and Calendar. The internals of the engine are
considerably more complicated than Confer because they rely on a series of both
symmetric and asymmetric keys. The end result for
the user is largely the same, however.
Once a user authenticates to their account, Proton says, all conversations,
data, and metadata is encrypted with a symmetrical key
that only the user has. Users can opt to store the encrypted data on Proton
servers for device syncing or have it wiped immediately
after the conversation is finished.
A third LLM provider promising privacy is Venice. It stores all data locally,
meaning on the user device. No data is stored on the
remote server.
Most of the big LLM platforms offer a means for users to exempt their
conversations and data for marketing and training purposes.
But as noted earlier, these promises often come with major carve-outs. Besides
selected review by humans, personal data may still be
used to enforce terms of service or for other internal purposes, even when
users have opted out of default storage.
Given today?s legal landscape?which allows most data stored online to be
obtained with a subpoena?and the regular occurrence of
blockbuster data breaches by hackers, there can be no reasonable expectation
that personal data remains private.
It would be great if big providers offered end-to-end encryption protections,
but there?s currently no indication they plan to do
so. Until then, a handful of smaller alternatives will keep user data out of
the ever-growing data lake.
--
Kim Holburn
IT Network & Security Consultant
+61 404072753
mailto:[email protected] aim://kimholburn
skype://kholburn - PGP Public Key on request
------------------------------
Subject: Digest Footer
_______________________________________________
Link mailing list
[email protected]
https://mailman.anu.edu.au/mailman/listinfo/link
------------------------------
End of Link Digest, Vol 398, Issue 12
*************************************
