WHAT IF the NSA had full access?

To be perfectly clear, I am NOT saying this is the case, nor am I trying to smear anyone affiliated with this project. I am merely raising this issue for consideration and of course discussion.

TrueCrypt was a respected encryption software organization. Seemingly out of the blue, its anonymous developers announced they were no longer going to maintain their own product. Whether you want to read the public message as a mnemonic device in Latin, to imply the NSA was involved, or you want to argue that a professor’s looming audit (True Goodbye: ‘Using TrueCrypt Is Not Secure’ – Krebs on Security) scared the developers, either way, this software lifecycle ended prematurely and in a very fishy fashion.

The NSA compromises the very software and hardware that individuals and companies alike come to trust for securing their data against 99.9% of threats. They have many tools at their disposal, as we’ve been learning through Snowden leaks. The most recent revelations are that they have tapped into embedded firmware in hard drives and SIM cards, giving them full backdoor and undetectable access.

Although a sensitive topic, this needs to be asked, put on the table and considered. What if the NSA compromised the SAFE Network before they even went live? (I want to say ‘before we go live’, but trying to stay objective here. :slight_smile:) They might employ hacking, political pressure, public smear campaigns, blackmail, and many other dirty tactics to get their foot in the door.

Imagine millions of users and businesses come to trust the SAFE Network. They find out a year or two after launch that the NSA had unfettered access through an unknown backdoor (via another whistleblower?). How would that affect this system’s public image, how / when / IF users access the system, how YOU see the SAFE Network, Safecoin’s valuation (implosion), etc.?

1 Like

This is exactly why I continually harp on about not only open source but open source and readable. TrueCrypt was a fantastic example of incredibly complex open source, which is basically obfuscated code.

We are currently doing a really massive test in the background that leads to significant code simplification, yes tough and I have not made friends in the office these last few weeks, but it’s absolutely critical the system (all of it, build system, modules, tests, benchmarks) including the source code is audit-able with very little effort.

I completely agree with Alex Stepanov when he says instead of rewarding the dev who writes 70,000 lines of code, sack them and get somebody that knows algorithms and understands a strong type system to produce small beautiful code.

People miss this crucial part all the time, Open source when complex is dangerous and should be considered compromised. It’s also not future proof either so will stagnate.

My drive since the turn of this year is to act like a crazed samurai and cut as much complexity as possible to replace it with concise clear code. Very very tough at this stage but the rewards will be incredible and probably invisible as folk just extend it and we get many more core devs than we ever would with a monster code base.

So smaller, clear code means more efficient faster applications that are future proof and audit-able, then we can say we are Open and Safe. Anything else is not acceptable and I will be ferocious when presented with complexity that is not needed, regardless of arguments and squealing, it’s not happening to this project. This is way more important than any ego and to harm it with complexity is worse than an NSA back-door, much much worse.

Very soon everyone will see and feel these benefits, they are significant and will alter this project from a slow moving Goliath to a very fast moving and nimble project with a mechanism anyone will be able to grab it and test it in a few minutes or so (a single copy/clone and build, no nonsense). I promise this will happen and is very close to being a reality now. This week is significant for us, I will need to let the team breathe for a few days after this push, but it is absolutely correct and vital to security.

18 Likes

I think there are a few too many layers to MaidSafe to be cracked in one fell swoop…

Every file is encrypted split 3 ways and saved in three different places with no relation of the 3 files to one another.

All in all - I am fairly confident that MaidSAFE prevents mass surveillance… An account at a time may be compromised, but that is a totally different set of politics.

From what we know, NSA already has full access to all the alternatives, or we ought to assume they do. So maidsafe certainly won’t give them anything they don’t already have – just adds a bit of complexity.

8 Likes

It’s very likely they do or if not then they’ll find some way to get full access.

It’s really cat and mouse. It’s not absolute. No secret is absolute.

You’d be wrong. It really depends on the lowest layer, the foundation, not how many times you encrypt but whether or not the process of encrypting is secure.

There are many ways to do side channels and compromise the private keys or random number generation.

Even if you do everything right on the software side the hardware is insecure. It’s not really something you can secure completely with good software.

What Maidsafe ultimately does is make it much more expensive for the NSA and others to compromise everyone in dragnet style. On the other hand if the NSA has a reason to focus in on someone then it’s very easy to compromise the private keys through a multitude of side channel attacks. The hardware might not be secure so even if you do everything right it’s going to require a trusted platform module or similar hardware based random number generation. Even with that there are side channels but at least with that it’s not going to be cheap.

1 Like

I agree, but you need to eat the elephant one bite at a time and complex code is a huge red flag if you are looking at security. Back doors are easy, even worse zero day exploits not reported but known by some people that use these. I am very sure this has happened a lot recently.

So we make it harder and continue to make it harder. It is a horrendous situation with hardware (even intercepting delivery) and tampering so we need to continue down the road. I am very sure more inroads will come along.

6 Likes

I completely agree with that. I also think if code is easy to read it’s a lot easier to audit.

5 Likes

I hope I’m not adding too much redundancy to the forums in saying this, but I have been concerned about such hardware issues for a long time, and still feel uncertain (but hopeful) about how resilient the SAFE Network will prove to be against state-sponsored hardware/firmware attacks.

Closed-source hardware/firmware with unknown behaviors (which may be specifically designed to suppress technologies like SAFE) seems to be one of the biggest potential threats to the Network. I can imagine a future in which all computers would be legally required to be manufactured and shipped with “Trusted” chips designed to make the SAFE Network infeasible, if not nearly impossible. People making or using computers without such chips would be treated by the law as criminals or terrorists.

It seems to me that the greatest losses of freedom throughout history have come with the support (however misinformed or misguided) of the majority. If propaganda against the SAFE Network is successful in causing the majority of the public to perceive SAFE as an unacceptable enabler of “harmful” or “dangerous” content (e.g. “terrorism”, weapons, child pornography, drugs, piracy, non-consensual publication of private information, etc.), I can imagine the majority supporting government efforts to censor networks like SAFE. The people lose their freedom, and they thank the authorities for taking it away. They are safe from SAFE.

(Which, of course, may also lead one to wonder if the name “SAFE” itself was a pre-emptive attempt to combat such propaganda.)

2 Likes

But that’s the wrong play. They are in the business of duping as many as possible, not running PR campaigns. Despite false negatives, or false positive arguments against NSA programs, the move that fits them best is to conduct business as usual from a public perception, secretly install a backdoor via compromised hardware, unbeknownst to the MaidSAFE foundation, and mine user data associated with SAFE clients. This way, users who log in to the SAFE Network think it’s fully encrypted and their data obfuscated.

I can see how MaidSAFE is building a reputation for being “unbreakable” before even going into BETA, so this would be the NSA’s perfect honeypot, IF they can inject a trojan.

1 Like

I use the approach to assume that the NSA can snoop on everything. In practice the NSA can probably not get access to all information, but just to make it easy I make the assumption that they can. :smile:

The Chinese government I think it was, banned the use of Windows 8, or something like that. They probably discovered that data was sent to Microsoft (and from there fat pipelines going directly into the NSA), and when they tested the Intel chipsets they could have discovered hardware key loggers and all kinds of back doors like that, ha ha.