On Sunday, March 18, 2018 at 7:47:22 PM UTC-4, Andrew Clausen wrote: > Hi Marek, > > > > > On 18 March 2018 at 23:12, Marek Marczykowski-Górecki > <marm...@invisiblethingslab.com> wrote: > > To be honest, I don't think we need more proofs of freshness there. We > > already have various news headlines (chosen from different countries), > > bitcoin blockchain and now NIST Randomness Beacon. What we might need, > > is timestamps - proof that canaries (or other files there) were > > created at the time included there, not later. > > > > What about including the hashes of all older canaries in the new one? That > way, anyone trying to counterfeit an old canary would have to somehow hide > all of the newer (real) canaries from the victim. > > > Kind regards, > > Andrew
I see your point there, Marek. I'm fine if you guys think we don't need another source for the proofs of freshness (we already have plenty). But, I do like the idea of adding the hash of the previous canary (sort of like blockchain) to make it impossible to counterfeit previous canaries. It still doesn't solve the problem of backdating the latest canary, but sounds like a good security feature. It'll allow us to not have to rely on a single cryptocurrency to prevent counterfeiting (what if in a few years Bitcoin is much weaker or a massive vulnerability is discovered). The primary reason why the warrant canaries exist is to hint at a possibility that a warrant or court order was served to the dev team without breaking any laws. But, let's suppose that eventually a court rules it legal to compel the dev team to counterfeit a canary. The modification of previous canaries shouldn't be of much use to law enforcement, but the creation of fake current canaries is vital for a secret warrant to be carried out. That is why I think that by timestamping canaries, it allows the Qubes dev team to find ways to delay/legally challenge the order long enough that the canary deadline passes. Then, they can cave into the government's demands, thus informing the users and also complying with the government at the same time. This will help a lot if the dev team loses the court case. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/a3e64e60-9b23-421d-b8d4-6d417bf7b815%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
