CryptoSeal shutters, ala: LavaBit
My biases, such as they are:
The topmost aim of security design is to choose tolerable failure modes.
The topmost aim of security engineering is to have no silent failures.
A state of security is achieved when there are no unmitigatable surprises.
That said, the challenge here is to pick what are the tolerable
failure modes, to ensure that when they occur they are neither
silent nor silenceable, and to have mitigations in hand against
that day. Easier said than done, of course. Would that it were
possible for one lone wolf to have a flash of brilliance leading
to compact satisfaction of these needs, but I doubt that possibility.
YMMV,
--dan