Hacker News
An NSA-Proof Twitter, Built With Code From Bitcoin and BitTorrent (wired.com)
79 points by RougeFemme on Jan 13, 2014 | 29 comments


NSA proof

So a system hacked together by a few clever people is somehow proof against an organization that owns more computer hardware and employs more Ph.D. mathematicians than pretty much anyone else, and has access to most of the fibre through which most of the world's IP traffic flows?

Sure. I am also interested in the bridge, the swamp, and helping you deposit those millions into my account, to whom should I post my most intimate personal details?


And just to forestall obvious retorts based on Bitcoin and any and all other brilliant, game changing systems conceived of and implemented by small teams: That such teams can change the game, can occasionally create things sui generis, does not in any way diminish the possibility of a large, well funded, well staffed, and incredibly well resourced organization like the NSA from either having access via a) other channels (all crypto runs on hardware eventually, and all hardware gives out heat and makes noise - even if our ears cannot hear it; learn enough about waste emissions from hardware and you figure out what's going inside - and that's just one vector in the compute channel, let's not forget there are socially engineerable and occasionally corruptible people involved too!) or b) direct attacks on the crypto and other masking technologies themselves, because these guys - the NSA, I mean, keep up :-> - may just know that much.

I've never worked directly in areas that would give me first hand knowledge of any of the above (and if I had, I would likely be committing a crime writing this) but I have worked long enough and deeply enough in adjacent areas to have an inkling of just how powerful an adversary (in the technical threat-risk-assessment sense) the NSA is. Or may be.

So to say that your latest weekend project is somehow proof against them? Hmm, I tend to, uh, at least dubiousness ("Well, have you considered this vector, and this combination of catastrophic failures?"), if not directly to outright scoffing ("Mwa ha ha, you're so sweetly naive, have a biscuit").

I tend not to worry about the NSA and others of their ilk because none of my shit is worth enough or is interesting enough to be of value to them. In aggregate? Who knows, good question. I tend not to worry about that either, though, because I'm pretty sure that there are plenty of other more interesting fish. I do worry about the potential erosion of civil liberties, but so long as we have the EFF and Michael Geist, I tend to feel a bit better and worry less.


The math for systems like this is pretty well vetted; considering that DHTs have been used in a number of projects for over a decade, any flaw that the NSA knows about almost certainly would have spilled out into the rest of the world by now. There are theoretical attacks against portions of this -- the 51% attack against the bittorrent protocol for signing IDs -- but in practice, they'd be very very difficult to actually pull off. Yes, a "few people" implemented it, but it's all pieces that have been vetted elsewhere.


The headline is over the top, but the article was pretty levelheaded. From the penultimate paragraph:

"[...] Freitas points out that if someone is monitoring your internet traffic — or mass monitoring internet users — they'd still be able to find your IP address (Freitas suggests those looking for additional protection consider the Tor Project's anonymity software)."


The leaks show the NSA had a hard time exploiting the Tor network. It's much more thought-out than this project, but in the beginning it too was just hacked together by a few clever people.


> The leaks show the NSA had a hard time exploiting the Tor network. It's much more thought-out than this project, but in the beginning it too was just hacked together by a few clever people.

At the U.S. Naval Research Laboratory.

(By any measure, most innovation is done by single persons or small teams, but Tor is an interesting example seeing as it was developed by the U.S. government itself.)


Tor was not developed by the US government.

Tor started as a student project of Matej Pfajfar at the University of Cambridge. Then Roger Dingledine joined in 2002, then Nick Mathewson, Mike Perry, and many, many others.

The NRL was interested in onion routing and funded the project, as did DARPA, and now the State Department.

For more history of onion routing and Tor, see section 5 of Systems for Anonymous Communication: http://www.syverson.org/anonsurvey-fc.pdf


Yeah, I shouldn't have said "at the NRL."

The U.S. government sponsored the development of Tor and created onion routing.


Well, it makes it much more difficult for the NSA to spy; those systems are much better than centralized ones.

What are you complaining about? At least there are ways to circumvent the NSA other than political ones.


And I thought Twitter was all about screaming out information for the whole world to see. An "NSA proof" version seems pretty pointless to me.


Dictators hate seeing the image of their harmonious society shattered by people telling it like it is. China, Iran, etc, block twitter because they let people speak their minds with less fear of retribution. An NSA-proof version means they can't do anything to ensure that everyone toes the party line.


Not if you live in a dictatorship.


Yes it is. And so is Twister. But the millions who use Twitter to quietly follow people/things could potentially be profiled [1] and labeled ''terrorist™'' by association.

> Twister is designed to prevent other users from knowing (...) who you follow.

Essentially, Twister prevents the NSA from profiling you as an 'undesirable' based on who you follow.

[1] http://www.cs.umd.edu/~golbeck/pubs/Golbeck%20et%20al.%20-%2...


The message is meant to be read, but the user behind the alias may not be public.


Yes the point of Twitter is to shout out stuff, but if NSA wanted to, it could shut you up permanently, that's why Twister is fighting against censorship, not for your privacy.


You can send direct messages as well that are private.


When they say NSA proof they are referring to the fact that they cannot insert backdoors easily due to the distributed nature [0] - it's just WIRED spinning the title.

[0]: http://twister.net.co/?page_id=25


The idea of using a blockchain to verify users seems really clever - it makes the barrier to entry extremely low. I hope we see a thing like this for diaspora so we can have rich social features without Facebook. Maybe I am just an optimist.


Every time I see something like this announced, I always wonder to myself why people don't just use Retroshare?


People on Reddit are asking why they should use this instead of Namecoin, which doesn't allow you to spam users in exchange for "mining".

I think the only real benefit of this Twister is that it's easy to understand and probably easier to use, which helps adoption.


I think they use something like Namecoin to store usernames and public keys, and also increasing the number of registered users from 20 million in Namecoin, which is quite limited, and combine it with a distributed DB for message storage and anonymous networking.

Also adding advertising as payment for security is smart and I could see it enabling companies in that area.


I hope that folks at the NSA don't know about the 51% bitcoin attack.


[deleted]


Well, you can't exactly fix it all at once. But that doesn't mean that we shouldn't start somewhere.

And there is still the possibility to run this on your (possibly security hardened) computer.


Haha what? There's a reason NSA didn't tap Twitter fibers, it doesn't need to. By its very nature Twitter is completely public.

This is a bunch of trendy words mixed together to grab eyes.


If it worked, it would become USA's Public Enemy #1 in no time. After all, anything that precludes the NSA from penetrating your sphincter is terrorist's work, right?


NSA-proof? The willingness to say this makes it suspect. shrug


Who is to say NSA are not "Satoshi Nakamoto"? After all, the code is of very high quality that was likely done by a team, not a single person.


It doesn't really matter if Nakamoto really is the NSA (maybe "Satoshi" is the middle name and his first name is even Aaron, making the initials NSA, did anyone ever think of that?!), the protocol is open and any weaknesses or backdoors would eventually be discovered.


Just buzzword used for cashgrab.



