Sarah Jamie Lewis Profile picture
Dec 9, 2021 4 tweets 1 min read Read on X
My ongoing rage at papers that define an adversary strong enough to compromise any participant at will, but weak enough that they are incapable of arbitrary protocol violations.
"We permit the adversary to perform all of these actions, but we assume they will never lie to the other members about it"
"We assume the adversary is omnipotent in regards to the internal state of protocol participants, but they will definitely never introduce arbitrary network delays."
Mostly I just wish you would say your protocol is insecure in the abstract, instead of making me wait until page 11.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Sarah Jamie Lewis

Sarah Jamie Lewis Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @SarahJamieLewis

Jun 16, 2022
Canada's new proposed privacy law:

* "De-identified" data doesn't actually mean de-identified.
* Organizations are explicitly allowed to subvert "de-identified" data in order to identify people "for testing".
* The commissioner can authorize organizations to de-identify data. Screenshot of Canada's new ...Screenshot of Canada's new ...Image
There is also a long list of exceptions that allow personal data to be disclosed to a huge number of organizations (including hospitals, schools and libraries) under the ridiculously broad category of "socially beneficial purposes" ImageImage
A big fan of this hellish definition of "dispose" wherein organizations can just "anonymized" your data instead. Image
Read 9 tweets
Jun 16, 2022
Really excited about the upcoming @cwtch_im 1.8 release.

So much work has gone into the UX over the last couple of years and it really feels like we are moving closer to the goal of usable metadata resistant tools.
Thinking back to where it all started, years ago, with just me hacking on a little extension to ricochet it really has come a ridiculously long way thanks to the work and dedication of so many people!

We wrote about some of the bigger ideas recently - there is still so much we would love to do, and so many innovations to explore in this space.

openprivacy.ca/discreet-log/3…
Read 5 tweets
Jun 15, 2022
Last night I tested whether I could use the same antenna I use for GOES as a less-bulky hydrogen-line radio telescope. I swapped out the LNA and plugged it into the pipeline I wrote last year.

Turns out it works pretty well if you are looking for an off-the-shelf option.
Here is the spectrum chart from last night. I didn't both calibrating so there is way more noise here that could be easily removed.
Thread from last year with the same charts made from data taken from my home-built horn antenna:

Read 5 tweets
May 10, 2022
If you want a vision of the future, imagine an endless line of do-nothing, jobsworth, bureaucrats demanding you use ever less secure forms of communication – forever.
I want to be very clear that there can be no compromise on this position. Any attempts at weakening end-to-end content encryption or demanding metadata surveillance must be seen clearly for what they are:

Attacks on democracy and free society.
You deserve a present and future where the technological extensions of yourself are under your control rather than agents subject to the bidding of meddling authoritarians
Read 6 tweets
Mar 7, 2022
Begging people to understand that given:

1) "We will not hand over data we collect"
2) "We cannot hand over data because we automatically delete it"
3) "We cannot hand over data because we never had it in the first place"

Only (3) is actually secure against a state.
That includes super-duper promises made in press statements and pinky-swears.
If you haven't yet worked out that policy promises made by tech companies regarding what data they give to state actors mean absolutely nothing I can only assume you have been living under a rock for the last several decades.
Read 4 tweets
Feb 20, 2022
Begging crypto twitter to stop conflating the orders of a Canadian Provincial court based on well established legal procedures with potential impacts from Federal emergencies act invocation.

There is a lot to criticize and be concerned about, but conflation muddies the water.
I am very troubled by the invocation of the act - and more so with statements made by MPs to put forward legislation to make some of the powers relating to financial surveillance and/or censorship permanent.

While all extra-judicial freezing of assets is reprehensible I am very concerned with claims made in the house of commons this morning that Canadians who donated small amount of money are having their accounts frozen - if verified, those kinds of actions need intense scrutiny.
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(