[MyData & Open Data] This man thinks big data and privacy can co-exist, and here's his plan
stef
s at ctrlc.hu
Thu Aug 29 10:05:06 UTC 2013
On Wed, Aug 28, 2013 at 11:39:28PM +0100, William Heath wrote:
> Thanks Sam; thanks for the ref Andy. Stef: re your concerns: in broad
> design terms when an individual uses Mydex to create a personal data store
> they create their own key, and they alone hold it. So initially the
> individual encrypts the data with a passphrase only they know.
> Since Mydex itself does not hold they key this protects against the insider
> threat or superinjunction.
only as long as you do not backdoor your code under pressure and retreive the
data anyhow. so this argument/method does not protect against injunctions or
insiders. we are back in trust-us-land. this happened to hushmail for example,
which is pretty good crypto done by respected and established people. yet,
they could not defend against... blackmail - i guess? and they backdoored
their tool specifically designed for security which made very similar promises
as you do. but that backdooring wasn't done by crypto people i guess.
https://en.wikipedia.org/wiki/Hushmail#Compromises_to_email_privacy
will you shut down like lavabit did if so happens? how can we verify that?
--
pgp: https://www.ctrlc.hu/~stef/stef.gpg
pgp fp: FD52 DABD 5224 7F9C 63C6 3C12 FC97 D29F CA05 57EF
otr fp: https://www.ctrlc.hu/~stef/otr.txt
More information about the mydata-open-data
mailing list