Open Security Issues

I completely understand. As stated the purpose of this thread is to gather all security issues into one place in an easy to read format so that future engineers and onlookers have a reference. A sort of exhaustive checklist.

Let no stone go unturned for a truly secure SAFE Network!! :muscle: :wink:

6 Likes

As long as others don’t use it as a source of FUD that means we need to spend Engineering time explaining it all. I can defo see that happening. It’s the hard slog about being open, we expose our innards for bad people to stick knives in.

In any case I love a list of these things, but at the same time I do fear very much time spent here is not time spent launching the full network at version 1 (Fleming). Then I see these are invaluable but if it stops us getting there I am much more wary.

At Fleming launch I think an exhaustive list would be good, like what if 50% of Elders collude, or can we recover a section, how can we use section keys across the network to further secure safecoin and so on. There will be a long list including quantum resistance, key stealing/selling and so on. We could get a really long list then prioritise them. Sort of giving the enemy the road to the jewels in many ways though as well.

So I would love a way to do this properly where we can gather attacks then prioritise them, find resolutions etc.

Tough to say the least to get this right.

6 Likes

At this point those who spread or conjure FUD can kiss our ass. There is a shrinking window for which they have any realistic chance of contaminating perception. You and your team are now delivering. VERY. F***ING. RAPIDLY. If I might add. :smirk: End of story.

If a moron approaches and is dissuaded by the ramblings of another so be it. We have roughly another year before the SAFE flag is planted in our world wide digital soil. Like the UX team stated before. Knowing the end goal is important to the initial approach. If we’re not careful we could tangle our feet/code for future changes. We must first consider the destination. A collection of security issues helps to give us a clear path forward. The big (S) is fundamental to this new world we’re creating after all. Full steam ahead captain! Ignore the bottom slopsucking dwellers :facepunch:

6 Likes

We have moderators who can shut down FUD, in order not to dissuade bona fide contributors freely posting their ideas.

Engineering in general should not get involved, but “The MaidSafe Architect”, one person, probably should! (I would say ban access to certain threads or this non-developer forum during working hours, to control that unruly mob at MaidSafe if you have to:)

For launch and beyond, it would be nice to have a plan of phased levels of security/guarantee goals. Initially, anonymity would for example be much lower on my priority than reliability of “perpetual” storage, or integrity of data, or avoiding printing of SafeCoin.

Finally, why not challenge the community to test and try to break things before launch, in a very specific area (e.g. a feature) that makes sense, for each specific release. There is free labor waiting to be channeled towards this kind of things.

Example: Alpha 2 - which features that are on the roadmap are ready for meaningful testing? (There is no point in trying to test or break PoC or tentative code.)

The issue is FUD in other places. This forum may be the primary community talking place but many other places people will talk.

3 Likes

Best compromise is I think to make this topic only accessible for level 2,3 members. Something like the #lounge?

8 Likes

This is an important topic. Need a thread for it somewhere people can discuss freely without the fud issues.

4 Likes

What about lounge until after Fleming, just to keep us on track for a safecoin/data network to be out there. Prob Fleming will be missing upgrades, but the amount of head space everyone will have will be huge compared with today. Then we can get a ton more focus on the remaining features through Beta, including a full security audit by the whole community as well as professional auditors.

10 Likes

Elder collusion Attack

PSI#002

STATUS:
Open

DIFFICULTY:
Moderate to Ultra

CONSEQUENCE:
Complete manipulation of section behaviour.

METHOD:
This can happen several ways.

  1. One large entity controls a significant portion of the network allowing it to manipulate multiple if not all sections.

  2. Several entities work together to manipulate section behaviour. This can happen privately or publicly. In the public case an automated system could be established to connect all those interested in section manipulation. This attack is particularly devastating in that it requires little to no effort from the user once the recruitment infrastructure is in place and is subject to political/peer pressures.

PROPOSED SOLUTION:
Identity swapping is all I can think of ATM. This done in a way that hides the fact that one node is in fact another would mitigate this. Implementation details need to be sorted. My thought is that deceit needs to be introduced to combat malice.

I propose an identity matrix that adds a bit of complexity but has the potential to weaken collusion attacks enough to warrant its implementation.

Basically it consists of identity blinding and another tier of oversight with dynamic membership. Let’s call this group registrars :sweat_smile:

Their form and function is as follows:

Registrar groups consist of elders from more than one section. Naturally their total must be an odd number though greater than 5 for increased security. Their composition changes often enough to make malicious participation trivial but not enough to make overhead unreasonable.

Together this subset of elders manage the true identities for members of their origin sections. They hold an identity index for communication with nodes in their care.

Sam today may be Sarah tomorrow without changing their position in the network. Ultimately the XOR address will always be elder01101 :wink: . Without the factor of churn that is.

This would have to be Hard to Ultra.

Node aging and only accepting new nodes and relocating nodes every so often make getting your attacking nodes into one section very difficult and then to have them all elders is even more difficult

Uh David, you saw that little guy trying to climb your leg? His name is Fleming. Did you forget you gave him life so quickly. I told you. Slow down with the ale my good friend. :flushed: He needs his dad. We all try but there is no substitute for his real “da da” . Seriously though we’ve arrived. Never have we been in such a position to truly give the finger to all who doubt this.

It’s 11:59 pm and Fleming is soon to wake. Let’s converse before he starts crying for his bottle. He won’t be too happy if we all huddle into another room soon after he has awoken. That’s how you traumatize kids daddy laddy :grin:

I feel like a much older person. When you’re this far along you start losing your filters. Double middle finger guns. Muahahaha :smiling_imp:

Very few have faith in this project. Those that do have a wide scope. This topic will do little to cripple current perception. Anyone with eyes can see its purpose. Those who rely on others for project validation can be swayed by blatant lies anyway. That’s the nature of their misunderstanding. It comes from their lack of vigilance. Don’t tell me you plan on flying into everyone’s room to educate us on the horrors of poor information sourcing. Jeez! You’re only one man! :disappointed_relieved:

1 Like

IDK @neo . Imagine a few months or years have passed into the life of a live SAFEnet. People see that moderation is needed and tools are available. Those already in elder status need only to install a very small program that ties his/her machine to a growing moderation group spanning the globe. That doesn’t seem too difficult. In fact it can be done on day one.

Any ideas on mitigation strategies?

Sorry, that requires people to do an upgrade that does not align with the reasons for SAFE. But if a majority want it then I guess the representative majority decides.

Honestly look at the trouble bitcoin has implementing a needed improvement and that isn’t even changing its purpose or anything like that, just making the required improvement so bitcoin can remain working.

Not sure of any above what is being implemented.

  • node aging
  • node relocation when joining
  • section only accepts a node when it needs one
  • numerous node relocation that occurs during the life of a node
  • educating people as to the reasons for the network and being a node. And encouraging them to be a node.
  • we ensure that the network is of a reasonable size before going live. The last release candidate will have grown to a decent size before going live and while we can have some indication of dispersion of the nodes by asking people how many nodes they have and by process of elimination we can have confidence that there is no disproportionate node ownership.
1 Like

Hmm, an out of band collusion requires no upgrade. An advert somewhere says “hey, tired of this or that? Join us by downloading this” . The program is downloaded and executed. It sits in the background much like malware and monitors node status and vault composition. This information is relayed to C&C for assessment and section manipulation. Easy peasy IIUC.

So why has this not been done for the actual internet and taken over the internet? And the answer to that will inform you why this is nowhere as feasible as it sounds

Cuz the internet as I know it does not work that way. The current infrastructure is (as you well know) centralized. Meaning the whim of a few prevail. The many feel powerless. In a world dominated by SAFE the paradigm and therefore behaviour changes. WE ARE NOW IN CONTROL.

This understanding coupled with the appropriate tools empower people to do joyous or harrowing things. Infrastructure changes (in the case of bitcoin) are complicated and filled with scary jargon. Making decisions about it less straightforward. Moral/ethical issues on the other hand are mmm delicious :yum: Most; happily indulge.

The constituents of our evolving techno society. Adaptive to societal underpinnings but always subject to the deliciousness of the amygdala

Doesn’t have to. Just look at viruses and the like which install without your acceptance.

Look at the opportunity for media, government, etc to ask you to download filters, or any shit they want.

Historically people do not download and install things because they are told it’s sooo good. Our government wanted parents to download a paid for by government filter for their kids. Less than 5% ever did and they told the government they did not need to install empowering tools

We’re talking about those who already went through the trouble of ACCEPTING, downloading and participating in SAFE. A clear capacity is shown. Not much of a stretch to see them inching forward to participation in a regulatory group. The process can be made even easier than joining SAFE.

The media make great strides in control. Just look around you. You live in a media box. It has touched every facet of our lives. The most effective control strategies involve emotional saturation. The target is then ushered into a state of complacency by way of relaxed homogenization. “Hey buddy look at all this crazy shit! Wicked!? Well don’t worry. Look at how much better it can be. We’re here to help.” Abidea abidea that all folks!! :grinning:

In the case of out of band regulation the target is motivated by something intrinsic. The advert is just a catalyst

And typically those who download the node software are less likely to download something that changes the node. It will take greater convincing and since they want a secure network.

It all relates to the reason why this does not work with the current internet and something so needed for their experience. History is a good teacher.