Tips for 3-letter agencies wishing to infiltrate and subvert the SAFE Network project


#1

How have the intelligence community so far behaved in its axiomatic hostility towards this project?

Surely, everyone involved with a modicum of imagination and cynicism, realizes that TPTB must be very wary of this project’s would-be success and the ramifications thereof. Naturally, they have instructed their intelligence organizations to take appropriate measures to both keep abreast of the project’s progress as well as make analyses as to the consequences of such a success.

I am convinced that initial hunches among TPTB as well as solicited reports by the intel gathering will cause (have caused) great alarm. (Does anyone disagree?)

Consequently, there is every reason to believe that the int’l intelligence community is already hard at work with the mandate to derail this project.

Maybe that can’t do it. Maybe every measure has been taken to safeguard the sustainability of this project.

That would be nice.

Maybe, on the other hand, there are chinks in the armor where wedges are being surreptitiously being applied.

Has this been discussed before in a comprehensive way? (Give me some links!)

If we try applying the tried and tested strategy of assuming the role of Devil’s Advocate, let’s assume for the moment that you have been recruited as an expert consultant based on your intimate knowledge of the workings of this community and the way technology is selected and developed, to give first-rate advice on how best to defuse, or at least to the highest possible degree attenuate, the future threats to centralized power posed by SAFE Network.

Remember, insidious and undetectable must be the first rules of engagement!

What would your recommendations be?


#2

TPTB???

Honestly I wonder if they have even heard of it apart from a 10000+ long list of those “crazy” crypto projects out there. If they even know of the project apart from just a name on a list.

Go outside of this forum and for people to even know of this project at this time is very few and very far inbetween.

At this time I would be surprised if they see it any more than another cloud storage system with encryption. Like the others out there.

This doesn’t mean I think it will remain that way, but the practicality of it is that the ABCs do not have the manpower to be watching the 10000+ crypto projects out there that all claim in some way to make the world anonymous, e.g. anon payments which is serious for the ones involved in terrorism. Also to be watching a project that still has not even got past initial testing of a couple of components would mean they would need to be watching so many projects. Which one is going to cause them problems? Which ones should they spend more time watching? At this time we still are just a project being built for 10+ years by a tin pot company making all these seemingly outrageous claims.

Now when it reaches release candidate stage they might be interested, but will they have been worn out by all the time they have been watching and like the kangaroo in the headlights just not see it going live. (That is if they even have it on a watch list)

Personally I am of the above opinion that SAFE is too small, looks too much like a storage project, looks like it can be handled if something comes up later on. In other words the ABCs are not going to “waste” time on a tin pot project that is unlikely to succeed (in their eyes) and is just another encrypted storage project. Also I am of the opinion that they will be caught by the fact the network will be too large by the time they actually investigate the network to be able to do anything. The ABCs have a massive failure rate in their intelligence gathering and we’ve seen a number of examples where they knew of the problem but didn’t act. They are not so all knowing as the governments/novelists/Hollywood would make them out to be. And there are much bigger fish out there than this project to go after.

Even Wickr (the end to end encryption messenger) was not noticed until the announcement at a computer conference. And that is a really important anonymous messaging system. Its the anonymous messaging that would likely interest the ABCs about SAFE rather than storage and its rarely mentioned by the team or the forum.

Anyhow I could be wrong and the ABCs have 10000’s of quality people just watching the crypto projects and the ones watching SAFE are laughing at all I just said. Who knows.

Yes many times. Searching various terms might work. Often it is a side issue being discussed.

The stuff of spy novel writers hey :thinking:

I’d say that what is working against this sort of attack, which by the way would be expensive for an ABC to pull off, is that unlike most infiltration attempts in private circumstances (company or criminal gang) is the openness of the Maidsafe company and how no one person controls the direction of the software apart from the initial goals and design and keeping project on track by David. So the person to subvert is David and even then it would be pretty obvious. Whereas in private companies or criminal gangs is that secrecy allows them so much more easy infiltration and control if they want.

The other is that the code is reviewed along the way and it’d be difficult to subvert the code and the direction of the modules is discussed and reviewed meaning its difficult to subvert that process too.

And to top it off we have people like tfa and mav who trawl through the code from time to time looking for issues that might cause the network to fail.

I’ve worked in small teams doing research & development (one secret) and people get to know each other. Maidsafe is not quite as small as those I was in but still small enough for this intimate knowledge of each other to be known. Those pub sessions reveal a lot :grin:. And since (unlike the projects I was in) everything is open to the world, code included it would be even more difficult than what I experienced.

My experience and opinions obviously.


#3

Very good, neo! You made an excellent case for a tried and tested modus operandi of that community: appeal to ridicule.

I wonder how this community will respond to it.


#4

Never underestimate the “enemy”… understanding the bleeding edge and making use of it ahead of others is large part of what they do but that might also suggest a positive - afterall they work in our name on the back of our taxes for our interests… but I jest.

If they are one step ahead then they probably know better than most that the value of simply data, is not much good for reflecting reality and a return to more human intel is warranted. The future of encrypted cloud space is to be expected, there’s little point in resisting it - as that would suggest an exponential effort going forwards and they would want the simplest effort for maximum effect. If they cannot hobble base fundamental encryption packages (NIST like actions to introduce new for example), then they likely will accept that reality is showing them two fingers and look for alt leverages on what matter to them.

TPTB worry about macroeconomics and natsec above all… and of course covering their own arses… pretty large arses they are :wink:

The upsides to SAFE tech for macro-economy far outweigh the negatives. :+1:


#5

A welcome hackathon. Just another day at the office for the Boyz & Girlz of Troon.


#6

I think there’s an aspect for which people used to working around hackers may not be adequately prepared, viz. social infiltration, That’s a different game altogether.


#7

It’s a two way street… and every challenge helps make what does arise robust. The irony that is often missed is like the Streisand effect… efforts which compound the reality. Aside from the obvious shooting the principal objective in the foot, there are more subtle compounding effects that occur. It’s all good. We have reality on our side; a solution to a problem that people need, can only be frustrated for so long before it wins. TPTB know enough to work with and not against what is right and good for society.


#8

People may laugh, and I think those refuting your idea have already made some interesting points, but I do see where you’re coming from. The things that the government here in the UK did to people in the 80s and 90s who were trying to save the planet does sound like some pretty far fetched spy novel. It would be nice to think that the right way forward for humankind would inevitably win out, but I think history suggests that sadly this doesn’t always happen. It was David Hume who said “It is not contrary to reason to prefer the destruction of the whole world to the scratching of my finger,” and I think the SAFE Network certainly has the potential to scratch a couple of people’s fingers!


#9

They are clumsy and they do make errors - for all their disingenuous denial… but we’re optimistic perhaps because that is the only way to move forward. The more conservative approach to life and progress, doesn’t succeed on so many levels, that chances are that the better solution and approach wins over the one that is less in tune with what reality encourages. Also, I think appealing to their better nature, is not without effect. All organisations are made of individual people and in the same way as the idea that for bad to succeed requires good men to do nothing, the same it true for any organisation - sitting by while the org goes off a cliff is no good and all minor analogies are the same thought… do it right.


#10

I suspect such organizations are large, bureaucratic and have internal wranglings. Maidsafe may have registered (maybe by title) on emerging threats. But Its too early; reality is that the project is non-complete and isn’t be used by anyone other than a handful of development enthusiasts. Not to say it isn’t a problem, but such agencies will invest time and space on matters that move the dial.


#11

Well I do see where you are coming from and do agree that we need to consider what can be done. But presenting my view at this current point in time, I thought had some value and allows others to use those points as springboards as to why my opinion maybe wrong. Also I presented the social infiltration aspect and what obstacles that were needed to be overcome for the ABCs to effectively do anything to the project. But you handwaved those points away as if my points were of no value whatsoever. Thanks for putting me in my place of worthlessness and aiding the ABCs to keep their operations under wrap.


#12

Definitely and my opinion of the situation at this point in time was in no way meant to be a “lets do/consider nothing” scenario. But one where we can not use Hollywood/novel writers scenarios but use reality and the hurdles they need to overcome in order to infiltrate the project. Me thinks my motives/points were misunderstood. Forgive my attempt to provide a counter balance to the conversation.

That might be able to expose malicious code inserted. But doubtful it can detect derailment by social engineering means.

Good point. Whatever the ABCs do it will have to be subtle and not inadvertently advertise the benefits of the SAFE network.

This is where I think the project is at the moment too. It will be interesting to see at what point their view of SAFE will change. Personally I think they will be too late in recognising what SAFE is and its potential to free the world, and be unable to stop it or derail it. Historically they have been too late with most of the new end-to-end encrypted services. Its only after years they now try and subvert them.

Anyhow it seems the OP wasn’t after the reasons why not but what they could do to subvert/divert/destroy the project.


#13

True, I didn’t pursue that, Perhaps the triple question marks in the beginning and the couple of smileys threw me. I think that must have been it. Such items tend to have that effect on me.

OK, you’ve worked on a few research & development projects (one secret), and you get to know people when you all go out for beer every once in a while. And you think that would make it hard for someone to hide their nefarious agenda from the rest of the gang? Well, perhaps that agenda is simply to make analyses of the project’s progress and evolution and submit their reports to their handlers? Perhaps those who receive these reports have access to a full survey of all academic research that has ever been made on why good projects fail? (Perhaps there is a specific discipline inside the social sciences, perhaps where they interact with “business science”, that studies this solely, with professorships and doctoral theses…) Perhaps they possess perspicacious understanding of the various mechanisms that are involved, perhaps very subtle and indirect mechanisms, perhaps involving interpersonal interaction of specifically identified and categorized personality types. Perhaps they have this down to a fairly precise science and know how injecting certain inconspicuous stimuli can cause friction, can cause certain key people to go tired and quit (perhaps even with a public exchange of recriminations, a nice bonus). Just to elaborate on one such possible angle, I’m sure there must be several.

Perhaps they know how making a series of structurally characteristic decisions will invariably cause a project to become drawn-out beyond the endurance-limit of many people?

Those are my immediate thoughts on how a truly intelligent intel community (as opposed to the fumbling, incompetent one you envisage) might attack their derailing task.

And what’s more, speaking of fumbling and incompetent intelligence agencies, should we even use that as a tentative premise for our discussion? I think not. Quite contrarily I must assert that we should clearly reject and rebuke anyone attempting to introduce that as a premise, even a would-be premise. Because it makes us less vigilant, oblivious to facts and events that ought to trigger in us reflection and consideration (not to mention suspicion), and pointed discussion. Who would be the sole beneficiary of a general appraisal of intelligence agencies as oafish, slow-moving, blunt, not really very intelligent at all? Well, the intel community itself, naturally. Cui bono!

Thus, our axiomatic attitude towards infiltration and corruption from actions by malevolent powers (and they could be private also, who destroyed the Occupy movement?) should be one of clear and present danger (by assumption if not evidence).

And, of course, “fumbling and incompetent intelligence agencies” could hardly be expected to distinguish the SAFE Network project from “10000+ crypto projects”…

Are you kidding me?

ARE YOU KIDDING ME???


#14

What do you mean exactly with the ABCs? Is that a synonym for Three-letter Agencies?
TPTB = The Powers That Be, that was easier to find.
Ps: the agressive approach, divide and conquer.


#15

Weell… :blush:

At this point, I would go with trolls.

I would start with sending someone like you to stir up collective paranoia just to test how alert the community is. I would definitely instruct you to go overboard, as to induce a careless attitude and negligence to balance out your overzealous act.

In line with you, another agent would repeatedly explain that it’s either that intelligence agencies don’t care because the entire project is a pipe dream, or they will act by ruining it when the completion is nigh and the launch flickers on the horizon, thus it’s always just a pipe dream anyway.

I would try to sabotage the project financially by attempting to drive the community to implode through paranoia and distrust that would entail a heavy sell-off of the proxy token.

Either way, I would always start with someone who is so overly cautious they would cause the community to ridicule even the slightest notion of this project being on the radar.


#16

Yes, used to be commonly used years ago. Maybe not so much now.


#17

Here is a post from a long time ago that might be useful for this discussion. This would be in the area of subverting the community’s perception of SAFE And yes @Halvor I did get the point of the topic and would have engage further if I wasn’t so dismissed out of hand with handwaving and things like “are you kidding me” well no I was not kidding and have been around the block a number of times. (also look at other projects and see what has happened in them, history is a good teacher that one should not ignore)


#18

Moderators especially need to pay attention to the above. Trust your gut feeling after reading the above. If you get that feeling in every sinew … but think to yourself “just this once I’ll let this poster distrup, to demonstrate what a balanced mod I am” your going to lose.

Get the gavel out. Smack that mole down.

Keep forum membership hoops up,make people do some work for their membership. Doing it once, as a legit user is absolutely ok. Someone creating multiple accounts will bitch and moan as you remove their army one by one.

The following might not be popular here… but we don’t have a SAFEnetwork yet,

Subscribe to and rotate daily an IP block list.

Rotate and block a list of tor exit IPs.

… start a forum on the test net asap so any legit users won’t suffer from above.

If not fully block users, stagger what people can do on the forum from different IPS.

Forbid registration and "read time’s from one set of IPS

Allow reading from all…

Etc…


#19

That is an excellent reference for counteracting one type of project sabotage! In our case, however, that may not be the biggest threat. But all the same, an important reminder.


#20

I think the most obvious way to attack the network would be to attempt to control a large portion of nodes in the network. Tor has already had this problem, where it is believed the NSA controls a good number of exit nodes, possibly even a majority of them.

In the same way, they could disrupt the network, introduce nefarious code, or block consensus with enough control. This project doesn’t have quite the vulnerabilities as something like Tor exit nodes, but maintaining control of enough nodes could certainly introduce issues, especially if they move in early on with little competition.

Thus, I would propose purposefully marketing to these “ABC” agencies across the world once the project hits Beta. Contact them and show them the potential power of the network. Why? Because there is no doubt in my mind that the NSA knows of this project and has a plan for it if it were to come to fruition. They have virtually unlimited resources numbering in the tens of billions of dollars, and possibly hundreds of billions when you bring in inter-department cooperation between the DoD, and DHS (not to mention defense contractors). To assume that they don’t have analysts on staff studying these crypto projects is naive, IMO.

However, there are a lot of other agencies outside the US, none of which come close to having the resources of the NSA. It’s possible, and maybe even likely, that many other international spy agencies are not aware of this project. So, to combat the NSA, make sure all of them are aware of the project and its potential. Make these countries want to invest resources in trying to one up each other to keep any one organization from gaining control of too many nodes. Use their own distrust and competition against them. Thus, governments around the world would end up jockeying for the most nodes and more control, giving the network more resources, and keeping any one power from manipulating the system. It’s a win for the network, and security.