[liberationtech] Open letter to Phil Zimmermann & Jon Callas of Silent Circle, re: Silent Mail shutdown
Jacob Appelbaum
jacob at appelbaum.net
Fri Aug 16 15:33:23 PDT 2013
Ali-Reza Anghaie:
> I understand we're talking about verifiable builds and software
> distribution but using the Zetas as an example is getting kind of
> ridiculous.
>
The point of using the Zetas is perhaps not clear but I think I
understand well what Zooko means. We've talked about it a few times in
person and I think it isn't always clear upon first read or the first
time someone hears the example.

The Zetas represent something totally different from our personal
relationship with the State - they represent a potentially lawless but
powerful element in global society, one where we probably can't reason
with them and in the end, we won't have a lot of leeway in convincing
them to stop whatever they're planning. So, how does the architecture of
the system hold up when such an adversary is in your threat model? How
can you comply with the Zetas? How might one do so without harming
users? How might you save your own life and hopefully by doing
everything that they want, everyone other than the attacker is satisfied
with your actions and the resulting outcomes?

There are very few systems that accomplish this goal or even try to
tackle this goal.

Distributed, decentralized systems have other issues - though this is
one place where they tend to do well. Centralized systems without
external verifiability tend to fail very badly under threat from such an
adversary.

Yes, the Zetas could go after anyone publishing software. If we walk
through it - if there is only one person who does the publishing, and
only one person who can sign and upload the build, we have most of
today's software. If we have a system where there is an ecosystem of
providers, software distributors and so on - we have a few of today's
systems.

Which system is more likely to fail and fail silently from the Zeta
threat? Which will fail without notice by anyone, especially an end user?

The centralized system will almost certainly fall first - especially if
it is a small startup.

All the best,
Jacob