undefined | Better HN

0 pointsnemomarx6mo ago0 comments

At minimum, bad actors inside the government could always use the access mechanism. What's your concept for preventing other bad actors from getting it though?

0 comments

tptacek6mo ago

"What if 'us' is bad" is a separable question from "is NOBUS possible".

I'm not advocating for it, I'm just saying the computer science of this matters, and a lot of people have objections to the concept of NOBUS that are more ideological than empirical.

AnthonyMouse6mo ago

I don't think it's a computer science claim to begin with. To my knowledge nobody has ever broken 256-bit AES, but that's not the part of the system that fails. There are two things that prevent it from working in practice:

The first is that "us" would be something like "governments in the US"; but then that's too big of an organization to sustain as free from compromise. There are tens of thousands of judges in the US, well over a million police and military. All it takes is one of them to be corrupt or incompetent or lazy and the bad guys get to use the skeleton keys to everything in the world, which can unlock secrets worth billions or get people killed. And that's assuming they only compromise the authorization system; if they actually gets the keys it's practically armageddon.

And the second is that it's not just one government. If the UK makes Apple and Google build a system to unlock anybody's secrets, is Australia not going to want access? Is China? Let's suppose we're not going to give access to Russia; can the fallible humans operating this system fend off every attack once the FSB has been ordered to secure access by any mean necessary?

It's a system that combines many points of compromise with an overwhelming incentive for everyone from state-level attackers to organized crime to break in and severe consequences when they do.

Nasrudith6mo ago

The logistics are non-trivial. If you have to be nation-state intelligence level of scale then no, you cannot maintain NOBUS level of secrecy because you have too many people involved. That sounds pretty damn empirical to me. The objections to NOBUS aren't ideological, they are moral by the way. They are literally choosing to keep vulnerabilities in place for others to discover under arrogant assumptions that they will be the only ones who will know.

dragonwriter6mo ago

> The objections to NOBUS aren't ideological, they are moral

“ideological” and “moral”, as bases for objection, mean exactly the same thing, though people will often use “ideological” to mean “based in principles of right and wrong that I don’t agree with” and “moral” or “ethical” to mean “based in principles of right and wrong that I agree with”.

nemomarxOP6mo ago

I think any practical implementation needs to have an "us" that's like "with a valid warrant" or secured on the govt end anyway, right? Otherwise you have to deal with "what if someone in the govt leaks the keys" or "what if someone in the govt is a spy". I consider those outcomes the same as foreign governments getting backdoor access basically.

j / k navigate · click thread line to collapse