Lucky to talk to Ania Piotrowska from Nym as part of my #WeDontSteam #Podcast

Nym promises to be the 'better than #Tor' anonymous network - a bold claim but one she says they don't make lightly.

jamesmullarkey.com/2021/03/the #SurveillanceCapitalism #privacy

@stman what about printing the messages on paper? or passing thru a transformer that displays an easily verifiable artifact?

unused bits as indicated in specs must either be formally-verified to ensure against their use or removed altogether - possibly making for awkward packing or inefficient representation.

@stman I think what you want is to transmit Abstract Syntax Trees, i.e. executable programs. They are only serialized when present in the transmission cables. There are even cryptographic ways for the sender to ensure the program is executed properly. The program's environment is encapsulated or can be swapped with a trusted environment more safely than the joke that are sandboxes today.

It's kinda like sending the image decoder with the image data and metadata. Except these programs can be a lot simpler and more standardized than they are today. We essentially know the breadth of common use cases and can design for that.

@stman @yaaps

This is the project I was remembering and referencing in my post:

microsoft.com/en-us/research/p

An Ironclad App lets a user securely transmit her data to a remote machine with the guarantee that every instruction executed on that machine adheres to a formal abstract specification of the app’s behavior. This does more than eliminate implementation vulnerabilities such as buffer overflows, parsing errors, or data leaks; it tells the user exactly how the app will behave at all times.

Going through the cryptography section of their website and I found some related topics that may be of interest: verifiable computing, homomorphic encryption, Secure Multi-Party Computation and EzPC, Certification of Symbolic Transactions, and Differential Privacy (also under Database Privacy)

This may catch your attention, from the EzPC page:

Secondly, to execute these protocols, one must express the computation at the low-level of circuits comprising of AND and OR gates, which is both highly cumbersome and inefficient.

So there's a lot here that ought to stimulate your imagination. This is what I imagine for the future of computing is that these cryptographic mechanisms are native and used to guarantee privacy of data and computation.

Follow

@theruran @yaaps operator stream, this means that even if you have a fab making your own chips you would personnaly check their integrity directly in the fab itself by analyzing a few random samples, you have no garantee that these IC will not be replaced by backdoored ones when the fab send them to you with logistic operators.

I have been researching several ways to implement on site full integrity checks, but also strategies like redundancy that can somehow, under

@stman @yaaps I like your idea of using LETs to display the self-test process and output. Earlier what I mentioned about printing or displaying an artifact is really a checksum that is easier for humans to visually check. If there are 1000 LETs that display a stable output at the end of the self-test, it can be very easy to miss a few LETs that are not illuminated but which may indicate a drastic difference of the IC behavior. So a checksum is more user-friendly for this purpose, but maybe you are concerned about its implementation correctness, since after all, how do we know the checksum algorithm is correct or can be trusted? What I am imagining is a printed image in the computer user manual of the correct self-test output, that the user can verify at any time by running the self-test.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!