According to you what is the NSA actually doing against Maidsafe ? I mean if I were Commander of the United States Cyber Command, I’d have asked last year a report about Maidsafe and the possible ways to Infiltrate the Maidsafe organisation and be able to press on important choices, find a method to set a backdoor… What would you propose if you were officer and asked to plan something against maidsafe ?
3 Likes
I doubt that the NSA is worried about MaidSafe. The NSA can probably break encryption like RSA etc. Same as with the Tor network. MaidSafe will definitely be secure enough for ordinary protected use though I believe.
So, does MaidSafe use RSA?
And breaking doesn’t scale. They’d have to have a backdoor.
I hear they’re sending sexy female spies to each city where there’s a SAFE Pod. Developers beware!
9 Likes
David said that MaidSafe uses standard cryptographic technologies. If I remember correctly including RSA with long (4096 bits?) keys.
“As if it wasn’t enough that the NSA paid RSA $10 million to adopt an algorithm that wasn’t entirely secure, …” – Researchers Break RSA 4096 Encryption With Just A Microphone And A Couple Of Emails
3 Likes
I believe RSA encryption is used at some point in the process, but I also remember David discussing that the system is resistant, even if such codes are compromised. There is, after all, self-encryption, data dispersal, node anonymity beyond close group, geographical random dispersion of nodes and data particles, etc.
Back door would be the only option I can imagine, and it’s hard to think of something like that getting past all the core coders, even if one or a couple were indeed compromised.
But, then again, who knows with the NSA. They’ve some clever folks and a lot of resources.
4 Likes
The low hanging fruit will, for a long time, be targeted credential theft. The user’s device and their credentials is by far the weakest point of the system, and once launched, securing this will be an ongoing process.
I’m not sure there’s the possibility of a backdoor into MaidSafe because data is self encrypted, but supposing there was, a backdoor is costly to obtain, and vulnerable to discovery and being closed, at which point you’re back to square one.
6 Likes
To me they might want to try to slow its adoption with smear and scandal. It seems lives may well be lost over trying to stress test this tech. If so they may try to portray the approach as unreliable. But it would just be a stalling tactic. Do they really care much about being able to snoop for real security issues. It may be that their snooping is really driven by trying to stop exposure of bad actions. At this point they may be a pure bad actor in a totally defensive mode. Maybe that is all they ever were. They’d be working to stop stuff like what became Watergate from leaking. Entities like wikileaks would be directly opposing their mission. They simply exist to suppress.
It wasn’t the RSA encryption that was backdoored but an obscure (optional) library from RSA Inc. used in RSA encryption.
When they scanned the internet to find all those exposed hosts that used that library (BSAFE) they found “as many as” 700 servers.
That’s unrelated to MaidSafe.
While there may be other backdoors we don’t know of, MaidSafe is much more secure I would say because the gov’t can’t even know if one actually has a MaidSafe account or not.
1 Like
MAIDSAFE breaks down data into shards that are encrypted and sent all across the network - and only your computer has the keys to put that data back together again (unless it’s public data I presume)…so now the only way to break into someone’s data is to break into their machine and gain access to their password.
MAIDSAFE is open-source, so a back door would be discovered sooner or later - probably sooner as MAIDSAFE is advertised as secure software - so it’s going to attract many people who will try to break it - and that means analyzing the code. I expect, the MAIDSAFE community will also be offering bounties for security holes as well.
The NSA has a tough job cut out for it.
The most likely thing they are doing now is taking down the names of everyone here and putting us on a list. As well as studying the code itself and writing up reports on it.
5 Likes
Reinstating the rule of law, now,… to avoid some sort of digital tyranny later…that’s the way i see it. As for some kind of list? Ridiculous,melodramatic…but i enjoyed some of your other thoughts.
You haven’t been exposed to the NSAs own reports via Ed Snowden? We may not be getting real close scrutiny as yet, but we’re all in the data base along with most everyone else, the words and actions we take here are recorded and reviewable in perpetuity. Melodrama, maybe. Ridiculous, not no much.
5 Likes
Point taken, and i’m pretty aware of the mess. All the best.
1 Like
great counterargument. Debate much?
2 Likes
Presentation by William Binney, former technical director of NSA.
" We substituted George the W for George the III, and from there it went downhill" - Binney
Good to have this kind of exposure, hope you enjoy the presentation @TylerAbeoJordan (you may have already seen it)…a peace token for my comment, which was a bit knee-jerk.
6 Likes
Lol this thread is pretty funny
United States vs John Lennon
2 Likes
hmmm - funny threat - and i’m with @happybeing here … breaking an encryption seems to be the hardest way to get information
I would suggest to you - my commander - to write some kind of goodware to copy and send all content of Data accessible as soon as a user on this computer logges in. Even better would be a key logger grabbing login data as soon as the user opens the Safe-Login-Window. Maybe Microsoft can help us here with Cortana; that would be the easiest way and nobody would become suspicious.
Also an Idea might be to infiltrate the Forum and suggesting formulas for calculating the Farming-Rewards in ways that seem perfectly working in the first place … but destabilizing the safe network in very special circumstances.
If we then ourselves use the safe network and influence it with our 943875279 VMs we can manage everything to fall apart. The Safe-Dreamers will fall back at least 2 years because of the bad reputation and then we probably will have other options to get every peace of intel we need. …However this could mean many other networks like MS might appear … if we help the MS guys on the other hand and get Cortana onboard (+the apple guys … and also a solution to get into linux - how about some closed source freeware virtual assistant like cortana …? …) this might be preferable …
I hope you do like my suggestions! I’ll do my very best to help in this fight against global terrorism!
kind regards
- your hard working officer
1 Like
Even it’s using RSA 4096 the data it’s still obfuscated so I don’t think it will work with MaidSafe.
2 Likes
What about using Ed25519? Would that stand out better than rsa provided cryptography?
Here’s the list that products uses this strategy.
CJDNS is uses Ed25519. FYI.