Hacker News new | comments | show | ask | jobs | submit login

I haven't read the code or the design, but I'll say:

* To the extent that Diaspora's security depends on Rails, their problem is tenable; Rails (when properly configured, which this project isn't) does a really nice job of making CRUD secure.

* To the extent that Diaspora's security depends on cryptography, we needn't worry about the security of their current design at all, because they have no current design; what they have instead is a "hello world" of cryptography; someone professional (or in academia) will need to design something for them, and then write a paper on it.

I'm worried about their federation strategy: even assuming users A@provider1 and B@provider2 don't have their communications compromised, I have a feeling that Here There Be Dragons around this area, in every fashion I can imagine and many that I can't. At the moment, though, their crypto is academic in that it is like a bank vault door securing a vault where one wall is actually open air and passerby on the street could walk in and take the money. It may or may not be a good door, I don't know, but it is not a good vault.

The Rails bits, yeah, those should be solvable if anyone wants to solve them. I really like Rails for a lot of reasons, and my experience has been that I do less damage with it than I used to do with Java.

The Diaspora crew came to my company and gave a talk. It was pretty boring actually. They ARE NOT interested in cryptography in the first place. The only crypto going on is SSL. Whoopy-doo-dah.

If they wanted to actually solve a problem they could have tried to make this system pseudonymous, with all social graphs, user data and messages encrypted. Oh well.

Would that it were true that there was no crypto going on in Diaspora, but no:


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact