hi duke,
perhaps you shouldn't have put in a line that established your position. it tells me how you think about the value of security and the purpose of the architecture. i think it was worth addressing as from my viewpoint user security is the foundation of tc's value.
"all technology can be implicated as good or bad. The internet can be considered a great innovation or you can write a scathing article saying it spreads viruses and opens the door to spying; same with any technology."
i read the post the first time. it made a point about technology being used for good purposes and evil ones. i made this same point a dozen years ago. to make it, i applied richard feynman's quotation of some wisdom he heard at a buddhist temple.
"To every man is given the key to the gates of heaven; the same key opens the gates of hell."
i thought about this quote a lot over the years. and in the end i came to this conclusion. even if a key opens the gates of heaven, we can't be passive about using the door to open the gates of hell. it's our obligation to make it difficult to use the key for evil purposes.
the key.
okay - so back to your post. i am not as passive as you are about a tcg back door. i think the tcg should state very clearly either (i) there isn't one, or (ii) they are going to work as hard as they can to ensure there isn't one.
the notion of an untrustworthy sovereign is not something i had been concerned with until snowden. i considered the possibility of probable cause breaches, which i can tolerate. i had not imagined the nsa had a gigantic program in place for broad surveillance. indeed, even the folks who expressed scepticism before snowden's revelations were shocked by the scale of the nsa programme. only the post-revelation wiseacres seem to have known the comprehensive scale of the thing.
so this new problem emerged. i started to worry that a system the nsa could see through was not at all the architecture i hoped for.
let me apply the mirror to your post in the hopes you will see the virtue of a different approach.
the revelation of untrustworthy sovereigns might be the key to a better architecture and tc's commercial acceptance. or it might be the key to a surveillance model and commercial failure. we collectively get to choose which one we are given. i think the choice we make defines not only the constitutional but also the commercial outcome.
i think the folks who argue for an easy-going attitude to back doors (oops, the nsa has one) adopt the latter principle and will find that user demand does not occur. we have seen that in previous iterations of chips with back doors or the suspicion thereof.
i think the folks who demand no back door open the opportunity which most investors hope for and that users clearly desire.
and as i have said to many folks, there are more than two choices here. eg
1. there's a current model that has weak user identity features, weak security against criminals and weak security against surveillance.
2. there's a model that has strong user identity features, strong security against criminals and weak security against surveillance.
and 3. there's a model that is strong in all three domains.
i like 3 the most and 2 the least.
AI
