davies on Nostr: Thoughts on this by Balaji? Pasted from his tweet below: STOPPING THE BACKDOOR ATTACK ...
Thoughts on this by Balaji? Pasted from his tweet below:
STOPPING THE BACKDOOR ATTACK
In 2010, even after Twitter and Facebook helped catalyze the Arab Spring, people still would have thought it implausible if you'd said "in ten years, the most important political issue in the world for a few days will be whether the President of the United States could tweet."
But it was.
Similarly, in 2023, even after El Salvador has adopted Bitcoin, people still think it's implausible to say "by the end of this decade, the most important political issue in the world may be whether bankrupt governments have sufficient Bitcoin to fund their operations."
But it could be.
And in such a circumstance, what will desperate governments do? As of 2023, I don't think the conventional 51% attack by mining is something the US government could easily pull off. Maybe China could, but most mining is now outside China.
Instead, the federal government may try to compel Apple and Google (and other tech companies) to hunt for private keys on the servers, devices, and browsers they control. And to remit any stolen funds to a cash-hungry federal government.
This isn't cyberterrorism, it's cyberwar. It's not some random hacker who manages to sneak out a file. It's when the CEO of a company gives the lawful order to to hack their customers. This is similar to what happened to 140M Russians designated enemies of the state in early 2022 — every tech company turned on their former customers.
What's the possible target? We're talking billions of iPhones and Android phones, Mac laptops and Chrome browsers, Google Docs and Gmail. China could do the same with the Chinese smartphone manufacturers.
What's the possible defense? This is a tough situation. It's quite possible Tim Cook stands up to the pressure. He's been good on end-to-end encryption and stood up to the establishment on the CSAM on-device scanning initiative[1], which was an obvious way to get the snout under the tent.
If you can't trust the operating system itself, things get tricky. Linux is an answer but Linux devices may not scale in time. Exchanges built on Linux are another possible answer, but those are of course custodial and possibly also vulnerable to similar attacks.
I don't have all the answers, but I want to raise the question to get us to start thinking about it. It's possible that the answer here is in part social or political, not simply technological.
STOPPING THE BACKDOOR ATTACK
In 2010, even after Twitter and Facebook helped catalyze the Arab Spring, people still would have thought it implausible if you'd said "in ten years, the most important political issue in the world for a few days will be whether the President of the United States could tweet."
But it was.
Similarly, in 2023, even after El Salvador has adopted Bitcoin, people still think it's implausible to say "by the end of this decade, the most important political issue in the world may be whether bankrupt governments have sufficient Bitcoin to fund their operations."
But it could be.
And in such a circumstance, what will desperate governments do? As of 2023, I don't think the conventional 51% attack by mining is something the US government could easily pull off. Maybe China could, but most mining is now outside China.
Instead, the federal government may try to compel Apple and Google (and other tech companies) to hunt for private keys on the servers, devices, and browsers they control. And to remit any stolen funds to a cash-hungry federal government.
This isn't cyberterrorism, it's cyberwar. It's not some random hacker who manages to sneak out a file. It's when the CEO of a company gives the lawful order to to hack their customers. This is similar to what happened to 140M Russians designated enemies of the state in early 2022 — every tech company turned on their former customers.
What's the possible target? We're talking billions of iPhones and Android phones, Mac laptops and Chrome browsers, Google Docs and Gmail. China could do the same with the Chinese smartphone manufacturers.
What's the possible defense? This is a tough situation. It's quite possible Tim Cook stands up to the pressure. He's been good on end-to-end encryption and stood up to the establishment on the CSAM on-device scanning initiative[1], which was an obvious way to get the snout under the tent.
If you can't trust the operating system itself, things get tricky. Linux is an answer but Linux devices may not scale in time. Exchanges built on Linux are another possible answer, but those are of course custodial and possibly also vulnerable to similar attacks.
I don't have all the answers, but I want to raise the question to get us to start thinking about it. It's possible that the answer here is in part social or political, not simply technological.