[liberationtech] Safe app like Dropbox?
Jacob Appelbaum
jacob at appelbaum.net
Mon Jan 7 16:57:17 PST 2013
Julian Oliver:
> ..on Mon, Jan 07, 2013 at 02:20:28PM -0800, John Adams wrote:
>> On Sun, Jan 6, 2013 at 1:47 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>>
>>> I generally agree that the data should be encrypted, though I think it
>>> should also be authenticated and integrity checked before it is actually
>>> used.
>>>
>>
>> If this level of paranoia is relevant to you, then maintain multiple
>> offline SHA, MD5, and other checksum formats before use.
>>
>> It would be trivial to script this outside of Dropbox's scope.
>>
>>
>>> I also think most disk images are not actually that difficult to brute
>>> force - I was involved in a project to perform FileVault bruteforcing
>>> accelerated by an FPGA a few years ago. With a modern GPU, I think
>>> things are pretty slanted toward the attacker.
>>>
>>
>> Saying that it's possible to break all encryption, all the time, is a
>> non-answer and doesn't address practical uses of cryptography. It also
>> creates an environment of fear for casual users.
>
> Well said! Context is more important than the generalised fear of The
> Vulnerability.
What world wide context are you operating in exactly? How does that
compose with your local context?
> As long as people are entirely dependent on the discreditations of 'security
> experts' they're not making decisions, in local knowledge, for themselves.
> Hence, experts can even put people at greater risk.
>
Dependence on experts is a problem. Dismissal without a reasonable
solution is as big of a problem if not bigger, I think.
> The 'security' of any service, method or protocol is always relative to the
> context it is used within. Crudely put, two friends chatting loudly in a street
> parade may carry less risk of eavesdropping than sending a 4096 bit GPG
> encrypted email from one host on the Internet to another.
>
In a sense, sure. Absent an attacker, lots of stuff is "secure" by some
arbitrary standard. However, I'd say factually checking if something is
practically broken or safe when there is a given threat is rather
straight forward. If you're using RSA with a 512bit modulus, it isn't
secure by our standards today and it won't survive passive
eavesdropping. If an attacker is able to access an account and they do
replace the encrypted file, the attacker likely has a rather soft attack
surface to poke. Similarly, chatting on the street isn't secure, it may
simply be that no one was listening or the attacker didn't reveal that
they were listening.
Contextually I understand that one might feel safer but I think neither
stands up to real scrutiny when there is an attacker. It seems rather
straight forward to ensure that counter measures are taken and that the
underlying technology provides certain assurances.
All the best,
Jacob
More information about the liberationtech
mailing list