LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Some concerns

Some concerns

Posted Feb 23, 2011 21:57 UTC (Wed) by JoeBuck (subscriber, #2330)
Parent article: The Freedom Box gets off the ground

I think that it would be wise to think like an attacker: if FreedomBox is widely deployed and catches on, how would someone attack it? There are several kinds of attackers: governments who want to keep tabs on dissidents, marketers trying to assemble detailed databases that invade people's privacy, spammers, stalker ex-boyfriends/girlfriends, and random crackers in it for the lulz.

Assuming we all keep our data on our own servers, the "friend" relationship presumably means that there's a public-key structure that allows friends to see data that I've decided to share with friends. But if I share anything with a friend, I can't prevent that friend from passing it on far and wide. Furthermore it's possible that some people will install bridges: they have friends that use Facebook and friends that use FreedomBox, and they pass things from one side to the other. Or maybe it will be possible to run applications on top of FreedomBox, with the ability to share data, and privacy could be defeated that way. Or people could be tempted to give away their privacy for a marketing offer (make us your FreedomBox friend and get 10% off on your next Happy Meal!). Or people could be required to give up their FreedomBox password as a condition for employment, or else hide the fact that they run it.

In the end, I'm skeptical that we can solve social problems with clever technical hacks. See xkcd .

(Log in to post comments)

Some concerns

Posted Feb 24, 2011 6:54 UTC (Thu) by ssmith32 (subscriber, #72404) [Link]

I mostly agree, with one caveat. Yes, most pictures of me on Facebook are from other people. And, yes, any hypothetical pictures that I wouldn't have wanted made public to the whole world would definitely have been posted by a friend ;)

On the other hand, some causes are worth dying for, and some brave souls can take being beat to death by xkcd's $5 wrench - especially when they have even a modicum of hope that not giving up whatever secrets were desired meant that the 4096 bit encrypted hard drive, with whatever links to whatever other people they cared about, would be out of reach of wrench-wielding thugs.

And sometimes you just need to delay the thugs long enough that your revolution becomes thousands strong, and secrets no longer matter.

Some concerns

Posted Feb 25, 2011 14:39 UTC (Fri) by NAR (subscriber, #1313) [Link]

On the other hand - how many people would buy this stuff if they risk being beaten to death just because they own one? I mean it's a dead giveway to government agents - guy has such a device, he's up to something! And although there are some brave souls who can take the beating, would they also let their mother/sister take the beating/raping?

wrenches don't scale, and they provide visibility

Posted Feb 25, 2011 19:23 UTC (Fri) by coriordan (guest, #7544) [Link]

I think this is focussing on irrelevant details of an immense exaggeration.

First difference is scale. Even if everyone handed over their passwords at the mere sight of a wrench, this is *many* orders of magnitude slower than ording Facebook to hand over their entire database.

Secondly, the wrench method is publicly visible or leaves traces. We don't know if Facebook gave info to Mubarak or his allies but we would hear if a government was using physical violence to get account passwords.

wrenches don't scale, and they provide visibility

Posted Mar 3, 2011 9:37 UTC (Thu) by renox (subscriber, #23785) [Link]

Irrelevant details?

Well one detail that I don't find irrelevant is that by monitoring the access of TOR proxys, the governements can get easily a list of 'suspect users'.

If the list is small, it's very risky to be in the list, so IMHO that's something to keep in mind as the Freedom box plan to use TOR..

Some hope

Posted Feb 24, 2011 12:14 UTC (Thu) by coriordan (guest, #7544) [Link]

I'm less sceptical. FreedomBox won't guarantee privacy, but it might at least make it possible.

> structure that allows friends to see data that I've decided to share with friends

I think they'll implement a structure which allows each particular "friend" to see only what you want to show to that particular friend. For some people, you might show everything, for marketers and employers there'll be privacy features such as "Dud profile/password for employer" or "Dud 'friend' list for non-friend friends".

As for the wrench, it doesn't scale. Zuckerberg can give the data of a million Egyptians' Facebook accounts to a government for data-mining. Getting that same info via TCP/wrench is completely impractical.

For the problem of (real) friends reposting your pics on their Facebook page, yeh, that's a problem that will have to be solved. Still, from what I've seen of Facebook, people don't repost entire galleries from others. The limited flow of data between accounts will still greatly reduce how much data a government (or whoever) can easily get about you. Maybe that's enough already. In any case, FreedomBox seems our best hope, and the best starting point for a solution.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds