Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Remember the rubber hose

Remember the rubber hose

A talk in distributed ledgers, privacy and an often disregarded threat mode.

Ricardo J. Méndez

July 20, 2018
Tweet

More Decks by Ricardo J. Méndez

Other Decks in Technology

Transcript

  1. July 20, 2018 / [email protected]
    @ArgesRic

    https://mastodon.social/@ricardojmendez/
    Remember the
    rubber hose
    Ricardo J. Méndez

    View full-size slide

  2. @argesric @samsungnext
    About me
    Technical Director for Europe at Samsung NEXT
    in Berlin.
    We partner with innovators and invest in
    forward-looking deep-tech companies.
    This talk, however, is about privacy.
    Feel free to grab me later if you want to talk
    more.

    View full-size slide

  3. Speaking of
    which…

    View full-size slide

  4. @argesric @samsungnext
    Kudos to the
    organizers.
    We need more
    conferences taking
    people’s desire for
    privacy into account.

    View full-size slide

  5. Let’s talk about
    privacy

    View full-size slide

  6. @argesric @samsungnext
    Have you asked
    people about
    decentralization?

    View full-size slide

  7. @argesric @samsungnext
    Most have no idea.

    View full-size slide

  8. @argesric @samsungnext
    People do know a few things, though
    The "crypto"comes
    from all the data out
    there being
    encrypted...
    Blockchains are
    private because they
    are decentralized...
    And this makes them
    anonymous and
    untraceable.

    View full-size slide

  9. @argesric @samsungnext
    This is partly our fault.

    View full-size slide

  10. @argesric @samsungnext
    There’s a lot of new
    concepts for people.

    View full-size slide

  11. @argesric @samsungnext
    Privacy “as a way to prevent signalling concerns from
    encompassing all of our activity.”
    Vitalik Buterin, reddit thread

    View full-size slide

  12. @argesric @samsungnext
    Everything we do in
    public generates signals.

    View full-size slide

  13. @argesric @samsungnext
    First world problem?

    View full-size slide

  14. @argesric @samsungnext
    “We are putting X on the blockchain”

    View full-size slide

  15. @argesric @samsungnext
    Effectively, logging.

    View full-size slide

  16. Let’s talk about
    keys

    View full-size slide

  17. @argesric @samsungnext
    Raise your hand…
    Who believes in being
    in control of their
    private keys?
    Who expects public
    key cryptography will
    keep our data safe at
    least until quantum
    computers?
    Who has ever had a
    gun to their heads?

    View full-size slide

  18. @argesric @samsungnext
    Yeah. That signaling.

    View full-size slide

  19. @argesric @samsungnext
    “We are making the world a better place”

    View full-size slide

  20. @argesric @samsungnext
    What’s the worst thing
    that can happen?

    View full-size slide

  21. @argesric @samsungnext
    Censorship resistance?
    Pseudonymity?

    View full-size slide

  22. @argesric @samsungnext
    Those who can benefit
    the most are vulnerable.

    View full-size slide

  23. Rubber hose
    cryptanalysis

    View full-size slide

  24. @argesric @samsungnext
    Easy, cheap, and effective.

    View full-size slide

  25. @argesric @samsungnext
    We need to make it
    easier for people to be
    private.

    View full-size slide

  26. @argesric @samsungnext
    Yes, we are better off.
    But we have it pretty
    good already.

    View full-size slide

  27. @argesric @samsungnext
    Hey, I’ll take it.

    View full-size slide

  28. How can we help?

    View full-size slide

  29. @argesric @samsungnext
    Yes, users can change
    your defaults.

    View full-size slide

  30. @argesric @samsungnext
    If your defaults aren’t
    private, they will stay
    non-private.
    Source

    View full-size slide

  31. @argesric @samsungnext
    Can we help with the
    metadata?

    View full-size slide

  32. @argesric @samsungnext
    Plausible deniability?

    View full-size slide

  33. @argesric @samsungnext
    But mostly, speak plainly.
    Help them build a mental
    model.

    View full-size slide

  34. Because we’re
    really close

    View full-size slide

  35. @argesric @samsungnext
    We’re in the cusp of
    something here.

    View full-size slide

  36. @argesric @samsungnext
    … and then 95% of them
    won’t change the defaults.

    View full-size slide

  37. @argesric @samsungnext
    Thank you.
    Contact: [email protected]

    View full-size slide