Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
Hi folks! I'm one of the architects of Tahoe-LAFS, and the founder and CEO of LeastAuthority.com, which sells Tahoe-LAFS products and services. On 22/04/14 14:05, Tom Ritter wrote: I'm pretty sure that TAHOE does provide confidentiality - the keys don't leave your device (more correctly, the gateway running on your device) unless you distribute them. Which you can, you can send the decryption key granting read-capability to anyone, but you don't have to. This is correct. On Tue, Apr 22, 2014 at 12:17 PM, Caspar Bowden (lists) li...@casparbowden.net wrote: It's a storage solution, and therefore not what actually Cloud is about in a business/industry sense, who want Cloud compute power to crunch usefully on encrypted data. I think you're on the right track here, Caspar. People need a lot more than just self-storage in the cloud. There are two dimensions that they need more: 1. sharing; Sharing is a lot different from self-storage. Most cloud storage crypto *cements* the self-storage nature into place, by adding an encryption key, held by the user, that cannot be safely divulged to any other user. Tahoe-LAFS is very different in this way, it doesn't impede sharing. (As Tom Ritter alluded above, sharing is easy in LAFS.) 2. computation; People do need storage, but they get a lot more value from apps. Most cloud storage crypto cements into place the no apps allowed, just data storage nature, but LAFS is at least potentially better: a. You can share your data with a remote server. Suppose you have a collection of data stored in LAFS. It could potentially be a large dataset, it could be heterogeneous in its schemas and storage formats (i.e., it isn't all in one tidy SQL db, but spread out in multiple formats and files). You started storing it in LAFS years ago, and have been incrementally adding to it and maintaining it ever since (i.e., you didn't plan ahead for what's about to happen). Now you decide that one particular subset of it, e.g. one particular SQL db, or one particular folder full of docs, or something, needs to be shared with a remote server so that the server can do something fancy with it. It is easy for you to send that particular server access to that particular folder full of docs, without divulging any of your other data to that server and without divulging *anything* to anyone else other than that server. b. LAFS can be integrated with client-side Javascript, so that all of the storage is encrypted and in-the-cloud, and all of computation is performed in Javascript on the end-point device (i.e. in the browser). I think things like this are the future. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Rep https://LeastAuthority.com Freedom matters. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On Tue, Apr 22, 2014 at 11:47 AM, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] Oh, by the way, this part was incorrect. An example of a Tahoe-LAFS service provider is my company, https://LeastAuthority.com. LeastAuthority.com does not have any ability to acquire our customers's keys, nor to backdoor our customers. I wouldn't be surprised if we are the only cloud storage company in existence that can defensibly make such a strong claim. By the way, here's a rhetorical technique that I think is useful: Change the hypothetical attacker, the one who who might compel a service provider to betray its customers, from the government to the mafia. What if a service provider has customers who are blogger activists who are campaigning against Mexican drug cartels? What if an infamously violent mafia organization, such as the Zetas Cartel, contact the service provider and tell the provider that if they fail to cooperate, that their family members will be tortured and murdered? As far as the technical mechanisms go, these two stories have approximately the same consequences. Whether the attacker is an oppressive national government or a murderous mafia, the critical technical questions have to do with what powers the service-provider has which it can wield to deliver its hapless customers to the attacker. Anyway, when we designed the LeastAuthority.com architecture, we used the Zetas Vs. Bloggers story as our guiding story. That's why the result is (I suspect) stronger against that sort of threat than any other comparable service. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Rep https://LeastAuthority.com Freedom matters. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 24/04/14 19:21, Zooko Wilcox-OHearn wrote: On Tue, Apr 22, 2014 at 11:47 AM, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] Oh, by the way, this part was incorrect. An example of a Tahoe-LAFS service provider is my company, https://LeastAuthority.com. LeastAuthority.com does not have any ability to acquire our customers's keys, nor to backdoor our customers. This is semantics. If you provide the service to a customer, you can be forced to backdoor http://www.wired.com/2007/11/hushmail-to-war/ (let's define terms Customer, Provider, user, individual data subject if want to continue, else will get ourselves hopelessly confused - or if you point me at the part of the spec you think invulnerable will show you how FISA or RIP can round-up keys) It's in FISA 702 expressly, and as we now know, key disclosure can even be forced under S.215. Not saying this to knock TAHOE, but often in Cloud discussions, people are looking at a conventional threat model - protecting against external attack and insider *un*authorized access. But the new part of the threat model, relevant post-Snowden, is authorized insider access lawfully required by the jurisdiction to which that Cloud is exposed. The UK law RIPA Pt.3 (2000) was even written with extreme (and correct) detail to give powers to round up arbitrary number of key fragments (whether this might be defeated by lots and lots of fragments is debatable) -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 24/04/14 19:21, Zooko Wilcox-OHearn wrote: Oh, by the way, this part was incorrect. An example of a Tahoe-LAFS service provider is my company, https://LeastAuthority.com. LeastAuthority.com does not have any ability to acquire our customers's keys, nor to backdoor our customers. On Thu, Apr 24, 2014 at 6:13 PM, Caspar Bowden (lists) li...@casparbowden.net wrote: This is semantics. If you provide the service to a customer, you can be forced to backdoor No, this is wrong. I can understand why you say this, because you've looked at dozens — perhaps hundreds — of services which made claims like those above, and in every case it turned out that the service actually had the technical capability to backdoor its customers. Am I right? The Hushmail case that you cite was an early and famous example, and the recent Lavabit case is an example. But LeastAuthority.com is different from that, for a very specific technical reason. That reason is that not *only* is our operation free from customer plaintext and customer encryption keys, but *also* we don't deliver software to our customers. When new customers sign up at https://LeastAuthority.com, we send them a nice email explaining that now they need to go acquire the Free and Open Source software named Tahoe-LAFS. We recommend that they get it from their operating system provider, e.g. Debian, Ubuntu, or the pkgsrc system (http://www.pkgsrc.org/). Therefore if a government, or a murderous mafia, compelled us to cooperate with them, we would then say Well… okay, but… have you figured out how your target users acquires the software? Because, you know, if they're getting it from Debian, or from Tails, or something, then there's not a whole lot we can do to help you backdoor your target users…. Here's an open letter on this topic that I wrote to the Silent Circle folks when they shut down their mail service after the Lavabit story broke: https://leastauthority.com/blog/open_letter_silent_circle.html Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Rep https://LeastAuthority.com Freedom matters. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 04/24/2014 03:09 PM, Zooko Wilcox-OHearn wrote: Therefore if a government, or a murderous mafia, compelled us to cooperate with them, we would then say Well… okay, but… have you figured out how your target users acquires the software? Because, you know, if they're getting it from Debian, or from Tails, or something, then there's not a whole lot we can do to help you backdoor your target users…. This is the same approach we've taken with Ostel.co and OSTN - we provide a service, but clients like Jitsi, CSipSimple, Linphone, etc come from other free-software sources. It is counter-intuitive in this age of a unified vendor for the app and service stack. Some people say that makes our usability poor, but if you consider not being backdoored as part of usability, then I think we do just fine. Keep up the excellent work, Zooko. +n -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 24/04/14 21:09, Zooko Wilcox-OHearn wrote: On 24/04/14 19:21, Zooko Wilcox-OHearn wrote: Oh, by the way, this part was incorrect. An example of a Tahoe-LAFS service provider is my company, https://LeastAuthority.com. LeastAuthority.com does not have any ability to acquire our customers's keys, nor to backdoor our customers. On Thu, Apr 24, 2014 at 6:13 PM, Caspar Bowden (lists) li...@casparbowden.net wrote: This is semantics. If you provide the service to a customer, you can be forced to backdoor No, this is wrong. I can understand why you say this, because you've looked at dozens — perhaps hundreds — of services which made claims like those above, and in every case it turned out that the service actually had the technical capability to backdoor its customers. Am I right? The Hushmail case that you cite was an early and famous example, and the recent Lavabit case is an example. But LeastAuthority.com is different from that, for a very specific technical reason. That reason is that not *only* is our operation free from customer plaintext and customer encryption keys, but *also* we don't deliver software to our customers. When new customers sign up at https://LeastAuthority.com, we send them a nice email explaining that now they need to go acquire the Free and Open Source software named Tahoe-LAFS. We recommend that they get it from their operating system provider, e.g. Debian, Ubuntu, or the pkgsrc system (http://www.pkgsrc.org/). So I had not realized that and, that is a very good idea generally, for these types of legal attack, and would be even better idea if we had deterministic compilers Therefore if a government, or a murderous mafia, compelled us to cooperate with them, we would then say Well… okay, but… have you figured out how your target users acquires the software? Because, you know, if they're getting it from Debian, or from Tails, or something, then there's not a whole lot we can do to help you backdoor your target users…. Here's an open letter on this topic that I wrote to the Silent Circle folks when they shut down their mail service after the Lavabit story broke: https://leastauthority.com/blog/open_letter_silent_circle.html I agree. Inadvertently, I muddied the waters by referring to Hushmail, since the storage providers in your system don't (and don't purport to) provide confidentiality Caspar -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 17/04/14 20:29, David Solomonoff wrote: This blog post was inspired by a recent breakthrough in homomorphic encryption at MIT: In 2010 I asked Professor Eben Moglen https://en.wikipedia.org/wiki/Eben_Moglen to speak to the Internet Society of New York http://isoc-ny.org about software freedom, privacy and security in the context of cloud computing and social media. In his Freedom in the Cloud http://isoc-ny.org/?p=1338%20 talk, he proposed the FreedomBox https://freedomboxfoundation.org as a solution [Now] data can be encrypted at every point until it is accessed by its legitimate owner, combining privacy and security with the flexibility and scalability of cloud computing. No longer confined behind a locked down private data center or hidden under the end user's bed, a virtual FreedomBox can finally escape to the clouds. Full article: http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/ (I am not a cryptographer, but disillusioned former FHE-enthusiast, until I realized was irrelevant to real Cloud policy) Fully homomorphic encryption uses techniques utterly different to conventional encryption and is a ~trillion times slower. Even the integer version ~million times slower Apropos the blog, Mylar is cool, but doesn't use FHE. It sends the Cloud conventionally encrypted blobs to and fro - and the Client does all the work (thus neutralizing main vaunted benefit of Cloud, elastic and parallel CPU power). It also uses an encrypted search technique for indexing (which is also cool) TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] There are partial homomorphic solutions coming along useful to specific scenarios, but using them will be state-of-the-art crypto engineering research.microsoft.com/pubs/148825/ccs2011_submission_412.pdf for foreseeable future FHE cannot rescue confidentiality in the Cloud. Caspar Bowden -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 22 April 2014 07:47, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] I'm pretty sure that TAHOE does provide confidentiality - the keys don't leave your device (more correctly, the gateway running on your device) unless you distribute them. Which you can, you can send the decryption key granting read-capability to anyone, but you don't have to. -tom -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 22/04/14 14:05, Tom Ritter wrote: On 22 April 2014 07:47, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] I'm pretty sure that TAHOE does provide confidentiality - the keys don't leave your device (more correctly, the gateway running on your device) unless you distribute them. Which you can, you can send the decryption key granting read-capability to anyone, but you don't have to. Yes, the fragments of data are brought together on your device (or a gateway someplace), in that sense it is no different from a pure storage Cloud (do it yourself crypto) but with better availability * Users do not rely on storage servers to provide */confidentiality/* nor */integrity/* for their data -- instead all of the data is encrypted and integrity-checked by the gateway, so that the servers can neither read nor modify the contents of the files. (https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst) It's a storage solution, and therefore not what actually Cloud is about in a business/industry sense, who want Cloud compute power to crunch usefully on encrypted data. CB -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
This blog post was inspired by a recent breakthrough in homomorphic encryption at MIT: In 2010 I asked Professor Eben Moglen https://en.wikipedia.org/wiki/Eben_Moglen to speak to the Internet Society of New York http://isoc-ny.org about software freedom, privacy and security in the context of cloud computing and social media. In his Freedom in the Cloud http://isoc-ny.org/?p=1338%20 talk, he proposed the FreedomBox https://freedomboxfoundation.org as a solution [Now] data can be encrypted at every point until it is accessed by its legitimate owner, combining privacy and security with the flexibility and scalability of cloud computing. No longer confined behind a locked down private data center or hidden under the end user's bed, a virtual FreedomBox can finally escape to the clouds. Full article: http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/ -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.