Karl Auerbach on Nostr: Security and privacy are on everyone's mind. My sense is that we are playing a game ...
Security and privacy are on everyone's mind.
My sense is that we are playing a game of whack-a-mole, in which we smack down each new penetration or data leak.
I don't see an analytical approach.
When I worked on secure operating systems at SDC back int he 1970's we tried to define what we meant by "security" (in our case the famous * [star] property of not writing data to a lower level.) Formalizing even that simple notion was very hard, yet we had to do it for our early attempts to do formal verification of our code.
So what, today, do we mean by "security" or "privacy". The answers are going to be extremely complex.
And, particularly, with privacy, where do we draw the line between user choice (including the question whether a user is actually making an informed choice) and imposing constraints on everyone?
Then there is a new angle - data aggregation. That was the topic of almost forgotten, but really good, 1973 HEW report on privacy/security:
https://epic.org/documents/hew1973report/
My sense is that we are playing a game of whack-a-mole, in which we smack down each new penetration or data leak.
I don't see an analytical approach.
When I worked on secure operating systems at SDC back int he 1970's we tried to define what we meant by "security" (in our case the famous * [star] property of not writing data to a lower level.) Formalizing even that simple notion was very hard, yet we had to do it for our early attempts to do formal verification of our code.
So what, today, do we mean by "security" or "privacy". The answers are going to be extremely complex.
And, particularly, with privacy, where do we draw the line between user choice (including the question whether a user is actually making an informed choice) and imposing constraints on everyone?
Then there is a new angle - data aggregation. That was the topic of almost forgotten, but really good, 1973 HEW report on privacy/security:
https://epic.org/documents/hew1973report/