This is about work done with a nonprofit to try to find a way to prevent infected people from entering a location in a privacy-preserving way.
(Stopped this work when it became clear that this was being built for a world which wouldn't exist any time soon.)
Right now, we ask people to self-diagnose, which relies on diagnosis and truthfulness
There are stronger mechanisms like PCR tests
How to make showing that you've been testing easy and private?
Safety is hard:
* easy to transmit
* easy to travel
* asymptomatic transmission
* people don't believe or care
What's the privacy risk?
* centralized design would let your health care provider see everywhere you go
* peer to peer is hard to trust-model
* self-sovereign identity is like p2p but with more privacy risks (because blockchain)
Some places are using centralized -- is it worth it here?
* we're actively struggling against discrimination
* lack of trust
Decentralized design
Hybrid approach
* decentralize sensitive info
Who would this serve?
* "opening up" is for the economy, but the economy is made of people
* we should support people in their efforts to protect their communities
* support people so they can stay home
Actors in this system
* ephemeral pass authority
* identity verifiers
* health workers
* policy admins (enforcing entrance policies)
* individuals (who want to enter a place)
What do policies look like?
* must be public so people can check before they go
* there can be non-enforceable policies as well (e.g. 10' social distancing)
Core protocol
Core protocol (from the prover's perspective)
What you give and get back (graphically)
Identity verification (credential creation should be expensive to make a bunch of identities you can use to spoof)
Note that you can't put PII in the output of the proof due to privacy requirements
Health verification: show nothing, get a Magic Code
Now you have proof... but you can't use it directly because it could be used to track you. So you send it to a central authority and get back Ephemeral Pass (cryptographic proof which doesn't expose your info)
Hard to collude to track you... but the central authority needs to be transparent because that's where the risk lies
Now you can enter without sharing sensitive information
Your credentials are still revocable in case you lie about your identity or maliciously fail to comply with rules like masking or distancing.
Enforcing isolation -- can do some revocation of proof in case of e.g. positive diagnosis
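To make the flow above concrete, here is an added toy model of the four parties (identity verifier, health verifier, ephemeral pass authority, policy admin at the door). It is not code from the talk or the nonprofit; HMAC with per-authority secret keys stands in for real signatures, and the field names, the 72-hour test validity, and the 4-hour pass lifetime are made-up assumptions. The point it shows: the Magic Code carries a credential id (so it is linkable and must not be shown at the door), the ephemeral pass carries only a fresh random id, a policy tag and an expiry, and revocation is enforced at the pass authority so the door never sees who was revoked.

```python
"""Toy model of the ephemeral-pass flow described in the talk (added example).
HMAC stands in for real signatures; in a deployable system each authority
would publish a verification key rather than share a secret."""
import hashlib
import hmac
import json
import secrets
import time


def _sign(key, payload):
    # Canonical JSON so signer and verifier hash identical bytes.
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def _verify(key, payload, tag):
    return hmac.compare_digest(_sign(key, payload), tag)


class IdentityVerifier:
    """Binds a real person to a random credential id; the output holds no PII."""
    def __init__(self):
        self.key = secrets.token_bytes(32)

    def issue_credential(self):
        body = {"credential_id": secrets.token_hex(16)}
        return {"body": body, "sig": _sign(self.key, body)}


class HealthVerifier:
    """Attests a test result for a credential: the talk's 'Magic Code'.
    It names the credential id, which is why it must not be shown at the door."""
    def __init__(self, idv):
        self.key = secrets.token_bytes(32)
        self.idv = idv

    def issue_magic_code(self, credential, status, now):
        if not _verify(self.idv.key, credential["body"], credential["sig"]):
            raise ValueError("credential not issued by a trusted identity verifier")
        body = {"credential_id": credential["body"]["credential_id"],
                "status": status,
                "expires": now + 72 * 3600}  # assumed 72h validity
        return {"body": body, "sig": _sign(self.key, body)}


class EphemeralPassAuthority:
    """Swaps a linkable Magic Code for an unlinkable, short-lived pass.
    Revocation lives here, keyed by credential id, so the door never sees it."""
    PASS_TTL = 4 * 3600  # assumed 4h pass lifetime

    def __init__(self, hv):
        self.key = secrets.token_bytes(32)
        self.hv = hv
        self.revoked = set()

    def revoke(self, credential_id):
        self.revoked.add(credential_id)

    def exchange(self, magic_code, now):
        body = magic_code["body"]
        if not _verify(self.hv.key, body, magic_code["sig"]):
            return None
        if body["expires"] < now or body["credential_id"] in self.revoked:
            return None
        if body["status"] != "negative":
            return None
        # Fresh random id plus a policy tag only: no credential id and no
        # test details, so two passes for the same person cannot be linked.
        pbody = {"pass_id": secrets.token_hex(16),
                 "policy": "tested_negative_72h",
                 "expires": now + self.PASS_TTL}
        return {"body": pbody, "sig": _sign(self.key, pbody)}


class PolicyAdmin:
    """Door check: verifies the authority's signature against the public policy."""
    def __init__(self, epa, required_policy):
        self.epa = epa
        self.required_policy = required_policy

    def admit(self, ephemeral_pass, now):
        if ephemeral_pass is None:
            return False
        body = ephemeral_pass["body"]
        return (_verify(self.epa.key, body, ephemeral_pass["sig"])
                and body["expires"] >= now
                and body["policy"] == self.required_policy)


def run_flow(status="negative", revoke_before_exchange=False):
    """Drive one person through the flow; report the decision and what the door saw."""
    now = time.time()
    idv = IdentityVerifier()
    hv = HealthVerifier(idv)
    epa = EphemeralPassAuthority(hv)
    door = PolicyAdmin(epa, "tested_negative_72h")
    cred = idv.issue_credential()
    code = hv.issue_magic_code(cred, status, now)
    if revoke_before_exchange:
        epa.revoke(cred["body"]["credential_id"])  # e.g. later positive diagnosis
    ep = epa.exchange(code, now)
    return {"admitted": door.admit(ep, now),
            "door_fields": sorted(ep["body"]) if ep else []}


if __name__ == "__main__":
    print(run_flow())
    print(run_flow(status="positive"))
    print(run_flow(revoke_before_exchange=True))
```

Running it shows the door only ever handles `expires`, `pass_id` and `policy`, while a positive result or a revoked credential stops the flow at the pass authority. The model also makes the talk's transparency point visible: the authority is the one party that sees the credential id and the policy outcome side by side, so its behaviour, not the door's, is what needs auditing.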
Sample timeline
* disinformation is running rampant and anti-vaxxers and anti-maskers are putting everyone at risk. we need protections
* digital contact tracing works well if people isolate and get tested... which people aren't
* we are already using vaccination records to restrict movement
* should never have to put your health information on any kind of blockchain
* should be able to verify yourself offline without exposing your sensitive information
* need a paper fallback because not everyone has the same (or any!) tech
* need to be really careful to make sure to support everyone, especially people from marginalized communities
Hang in there and stay safe!
[end of talk. Apologies that I couldn't transcribe the diagrams at the speed of livetweet.]
Last talk of #enigma2021 by Marcus Botacin: "DOES YOUR THREAT MODEL CONSIDER COUNTRY AND CULTURE? A CASE STUDY OF BRAZILIAN INTERNET BANKING SECURITY TO SHOW THAT IT SHOULD!"
The outcomes I get from my analysis of malware I find in Brazil were quite different than what I saw in analysis of malware from other researchers. Why? Because the malware attacks were different!
The Brazilian banking system:
* let's move banking to computers (80s) to keep up with hyperinflation
* desktop clients for users... and the attackers migrated from physical to fake desktop app attacks -- that would only work in Brazil because that's where the banking was
Content note: this talk is about online abuse and some of the content may be upsetting
Got pulled into this after a screenshot of a class assignment sending folks to 4chan to post about race/gender/etc. issues got posted on 4chan without the email address... so the 4chan folks thought it was @gianluca_string. It wasn't, but they doxxed and harassed anyway
Kicking off the last session of #enigma2021, @katestarbird is speaking about an extremely pressing topic: "ONLINE RUMORS, MISINFORMATION AND DISINFORMATION: THE PERFECT STORM OF COVID-19 AND ELECTION2020"
This talk is going to go through the experience pushing the boundaries on sandboxing in the Chrome browser
What is sandboxing?
* breaking something into lower/higher privileged process
* necessary for browsers, OSes, VMs etc.
Chromium uses it to reduce the amount of privilege of the application, and also to reduce the amount of privilege for the code that touches websites (the renderer)
* split different websites into different processes
* good defense against logic bugs (e.g. same-origin policy)
Next up at #enigma2021, Alex Gaynor from @LazyFishBarrel (satirical security company) will be talking about "QUANTIFYING MEMORY UNSAFETY AND REACTIONS TO IT"
Look for places where there are a lot of security issues being handled one-off rather than fixing the underlying issue
We tried to fix credential phishing mostly by telling people to be smarter, rather than fixing the root cause: people being able to use phished credentials.
Zoom launched end-to-end encryption 5 months after the white paper was published
* prevents eavesdroppers between users who are speaking to each other
* protection against compromised servers