Share this page!

Matthew Green Profile picture
Twitter logo
24 Mar, 11 tweets, 3 min read
So it looks like NYC is deploying some half-cooked “blockchain” solution for vaccine passports. theintercept.com/2021/03/24/and…
Thank you to @samfbiddle for only using the G-rated quotes.
At one point @samfbiddle told me that IBM claimed to have a technical document explaining how their system worked, and it (in all apparent seriousness) proposed this diagram as a “system architecture” or something. I nearly blew milk out of my nose.
I’m pretty sure this is a scene from an old Legend of Zelda game.
Ok in all seriousness it’s probably worth explaining why blockchains aren’t a great idea for COVID vaccination passports (if we must have them) and also why IBM’s systems are very dubiously even “Blockchains”.
The problems that blockchains are great at solving are those where lots of people need to agree on some shared history, and the parties *really* don’t trust each other. Ownership of money is one.
Vaccination data is absolutely not an example of such a problem. All of the data comes from a “trusted” source. If a health department tells you someone got the shot, you have to trust them. They might be lying, but blockchains won’t solve that.
The only thing blockchains might do is make it slightly more difficult to hack into a database and change past records. But that protection is going to come with a cost, because blockchains are expensive. And anyway: who is going to do that with a vaccine database?
IBM, however, has unique and proprietary “private blockchain” technology that’s way faster than public chains like Ethereum, so maybe this balances the cost equation. Except that private blockchains don’t provide the same tamper-resistance, so it’s still kind of useless.
Now who knows. Maybe IBM is doing something deep here that isn’t available from normal databases. I’m open to hearing about it.

But instead we get Zelda.
I would laugh about this being an isolated incident, but the EU is *also* exploring vaccine passports — and they’re using *five* blockchains. Multilateralism at its best.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Matthew Green

Matthew Green Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @matthew_d_green

Matthew Green Profile picture
22 Mar
Me: I’ve felt super productive this pandemic!

Department: Doesn’t look like it.

Me: *vanishes into a tailspin of insecurity*
Me: surely everyone else has been a little slower on publishing during the pandemic.

Me: *stupidly checks the websites of my theory friends*

Also me: *vanishes into a tailspin of insecurity*
Advice to new faculty: it is very important to make a friend in your field who will reassure you about why everyone else’s work is easy and yours is both harder and uniquely important. This does not need to actually be true for it to help.
Read 4 tweets
Matthew Green Profile picture
3 Mar
For most of my life I’ve waited for someone to post a credible claim that they’ve broken a major cryptosystem like RSA, and I’m pretty sure tomorrow I’ll still be waiting.
But that doesn’t make it any less fun to think about what a real (implemented) RSA break would look like. Imagine you were a genius who found an efficient factoring algorithm. You have so much opportunity for drama.
Obviously you could just post your algorithm but that’s boring and anyway practical people won’t be able to tell if it works, especially if it’s complicated and you’re not one of a very small number of researchers.
Read 27 tweets
Matthew Green Profile picture
20 Feb
Not to criticize good lists like these (go Apple!) but goddamn it we invented computers precisely to automate tasks like this.

Why isn’t each of these a button in the iPhone UI?
Ok so let’s try these checklists out and see what it’s like to lock a phone down. I assume I’m concerned about someone else accessing my iCloud account as well as apps being evil.

Here’s step 1.
Ok this works pretty well, but it gives me the following confusing exception.
Read 26 tweets
Matthew Green Profile picture
20 Feb
The new MacOS malware sounds unpleasant. arstechnica.com/information-te…
2013: It’s probably the NSA.

2021: It’s probably cryptocurrency thieves.
Also gagghgg I hate this. I mean: good. But gagh.
Read 6 tweets
Matthew Green Profile picture
4 Feb
How it started: How it’s going:
This is probably old enough that it doesn’t ring a lot of bells for people, so here: blog.cryptographyengineering.com/2017/12/19/the…
I was trying to be really low-key on this one, so let me make it really blunt. There is every reason to believe the NSA tried to subvert commercial cryptography in the 2000s, and now one of the architects of that work runs applied crypto at Amazon.
Read 7 tweets
Matthew Green Profile picture
29 Jan
I couldn’t tweet a better description than the headline for this piece: After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case. cyberscoop.com/nsa-juniper-ba…
For those who haven’t heard this story, the context here is back in 2015 hackers broke into the source code repository of Juniper’s NetScreen firewalls and introduced serious vulnerabilities. 1/
Everyone has heard of the SolarWinds supply chain attack, but almost nobody outside our little community remembers Juniper. We don’t even know who the ultimate victim was. And there’s a reason for that. 2/
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @matthew_d_green has new unrolls!

Check out other threads from @matthew_d_green!

Read all threads by @matthew_d_green