A very important point in today’s Apple #VisionPro announcement was that eye tracking is processed in the M2 Secure Enclave (like keys are). This is because it can be a huge risk to security and cognitive liberty… https://twitter.com/ChristopherA/status/1168260553921433600
“By tracking the eyes of someone sitting in front of a computer viewing a scene, researchers can measure “scanpaths”—the order in which somebody looks at an image or scene—or create “fixation maps,” in which the time that the eye lingers” https://www.aclu.org/news/national-security/privacy-invading-potential-eye-tracking-technology
Eye tracking can reveal secrets (birthday, credit card PINs, political & sexual preferences, and more) https://link.springer.com/article/10.3758/s13414-010-0001-x
Eye tracking can also be used to magnify persuasion: https://futureofmarketinginstitute.com/the-metaverse-from-marketing-to-mind-control/
So I commend Apple making these threats more difficult. But diligence is still required so that Apple doesn’t misuse this data.
“After Meta’s presentation, Stark said the outcome was predictable. And he suspects that the default “off” setting for face tracking won’t last long. “It’s been clear for some years that animated avatars are acting as privacy loss leaders,”” https://www.wired.com/story/metas-vr-headset-quest-pro-personal-data-face/ https://twitter.com/ChristopherA/status/1665849832966168582
“At the event announcing the new headset, Mark Zuckerberg, Meta’s CEO, described the intimate new data collection as a necessary part of his vision for virtual reality. “When we communicate, all our nonverbal expressions & gestures are often even more important than what we say”.
Replying to @TimoGlastra
Not that I know of, partly related to that JWTs require replication the canonical data, making multiple signatures large. In general VCs are also not being able to have multiple issuers. With signed Gordian Envelopes you can have both, or aggregate them privately in quorums.
I like this paper, written from a philosophy perspective, on “Hostile Epistemology”. It aligns with my own thinking about various forms of “adversarial analysis” which is how I approach design of security & trust systems. Why do we, as individuals and groups, make bad decisions? https://twitter.com/add_hawk/status/1666486887991894017
RT @ArcadeCityMayor: Best opening slide ever 👍 @LeaPetras
That wellness data can be used against us. Imagine if some politicians had their way in the US and threw out the ACA, allowing insurance companies to discriminate based on the individual insurance market. They might start requiring activity-tracker data in an application! [3/12]
Remember the Fitbit murderer? He actually got caught thanks to the data on his wife’s Fitbit, but the case showed how much data there is on an activity tracker. [2/12] https://www.cnn.com/2017/04/25/us/fitbit-womans-death-investigation-trnd/index.html
What’s the most private data your have? Ignoring your browser history for a minute, it’s probably your healthcare data. It’s hugely sensitive, as @BlockchainComns wrote in a new article. 🧵… [1/12] https://www.blockchaincommons.com/articles/Dangerous-Wellness-Data/
Or imagine how GPS information revealing your visiting a strip club or attending a Trump rally might cost you your job depending on who your work for. (Or read about how a priest lost his job based on geo-data, though it didn’t come from a tracker) [5/12] https://nypost.com/2021/07/25/reporting-that-outed-catholic-priest-reveals-data-is-not-private/
Or imagine how body temperature info might be used to prosecute reproductive care in certain parts of the US. [4/12] https://www.mayoclinic.org/tests-procedures/basal-body-temperature/about/pac-20393026
At @BlockchainComns, our answer is “holder-based hashed elision”. The holder can elide their own data, but a Merkle Tree of hashes maintains its verifiability. It’s what we use in Gordian Envelope. [8/12] https://www.blockchaincommons.com/introduction/Envelope-Intro
There’s a flip-side to this! You’d like to share your wellness information with your doctor. You might want to monitor your kids’ health. You might want to support a clinical trial. How do you do these safely? [7/12]
It’s all in your wellness data! It’s all stored by your @fitbit tracker, Digimon Vital bracelet, @ouraring, and your Apple Watch. And this data can be very revealing! [6/12]
If you’re interested in developing Gordian Envelope to add privacy protection to your own data, join our Gordian Developer meetings! Our mailing list and Signal will keep you up to date. [11/12] https://www.blockchaincommons.com/subscribe.html#gordian-developers
Wellness data, such as that collected by an activity tracker, is very sensitive and also very powerful. It needs to be both protected and empowered! Our article discusses the topic more. [10/12] https://www.blockchaincommons.com/articles/Dangerous-Wellness-Data/
We recently wrote some Use Cases describing how wellness data could be protected with Gordian Envelope and still used for individual health, clinical studies, contact tracing, and more, all with strong privacy. [9/12] https://github.com/BlockchainCommons/Gordian/blob/master/Envelope/Use-Cases/Wellness.md
If you want to support our work, to help ensure that data in the future is properly protected, please become a patron of Blockhain Commons. [12/12] https://github.com/sponsors/BlockchainCommons
Replying to @mistakecav4566 and @BlockchainComns
We have some important additions to it at https://github.com/blockchaincommons/smartcustody#smartcustody-tools, in particular a good multisig scenario with @SparrowWallet as coordinator, @FOUNDATIONdvcs and Gordian Seed Tool, however…
Replying to @mistakecav4566, @BlockchainComns, @SparrowWallet and @FOUNDATIONdvcs
our beta-testing of with some of our supporters demonstrated that it was too complex without some technology improvements. This is the CSR Project (Collaborative Seed Recovery) that we are working on with multiple wallet vendors: https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md
Replying to @mistakecav4566, @BlockchainComns, @SparrowWallet and @FOUNDATIONdvcs
Basically with CSR, you can initiate a “crypto-request” either as a QR or URL that initiates the creation of your seeds and properly back them up. Other crypto-requests will initiate multisig account creation, create & distribute public keys, and ease handling of PSBT signing.
Replying to @mistakecav4566, @BlockchainComns, @SparrowWallet and @FOUNDATIONdvcs
These will make it much easier for users to navigate the current NASCAR of every wallet having different UX, while allowing each to offer services that others may not. Once CSR is functional (Q3?) we plan to return to the book.
RT @mistakecav4566: @BlockchainComns When do you anticipate completing SmartCustody 2.0 with multisig?
RT @ChristopherA: @mistakecav4566 @BlockchainComns We have some important additions to it at https://github.com/blockchaincommons/smartcustody#smartcustody-tools, in particular a good…
RT @ChristopherA: @mistakecav4566 @BlockchainComns @SparrowWallet @FOUNDATIONdvcs our beta-testing of with some of our supporters demonstra…
RT @ChristopherA: @mistakecav4566 @BlockchainComns @SparrowWallet @FOUNDATIONdvcs Basically with CSR, you can initiate a “crypto-request” e…
RT @ChristopherA: @mistakecav4566 @BlockchainComns @SparrowWallet @FOUNDATIONdvcs These will make it much easier for users to navigate the…
@lifeext https://twitter.com/ChristopherA/status/1668654971817013253
Replying to @kobigurk, @daniel_d_kang and @AnnaRRose
We are working on a CBOR data format for attestation/provenance that also supports privacy. We also have started docs on use cases for education, data distribution, finance, and more. Interested in collaborating? We also are working with secure chip designers to support it. https://twitter.com/ChristopherA/status/1668654971817013253
RT @BlockchainComns: In our June Gordian Meeting, @WolfMcNally spoke about the conversion of our Gordian stack to Rust. https://t.co/va3y9C…
RT @BlockchainComns: This includes our new dCBOR library, our Shamir’s Secret Sharing and SSKR libraries, our Uniform Resources library, an…
RT @BlockchainComns: Basically, if you want to protect seeds, if you want to transmit and store information in an interoperable way, and if…
RT @BlockchainComns: The video also includes a nice demonstration of some of the work.
RT @BlockchainComns: Join us for future Gordian Developer meetings! The next is scheduled for August 5th
https://www.blockchaincommons.com/subscribe.html#gordian-developers
Majority of EU states want chat control despite warning of their lawyers “The control of interpersonal communication is a particularly serious restriction of the fundamental rights…the planned law is not compatible” (in German translated to English) https://netzpolitik.org/2023/staendige-vertreter-eu-staaten-wollen-chatkontrolle-trotz-warnung-ihrer-juristen/
Me too. 😤 https://twitter.com/AnastasiaU/status/1668419996618309636
I am hosting right now an @RWOTEvents “Open Office Hours” discussion on decentralized self-sovereign identity, and inspirations for self-sovereignty from history and elsewhere. DM me for Zoom URL.
Replying to @xovemnormie and @matthew_d_green
I have a shortcut that when you try to turn on airplane mode without a pin (say immediately after a theft) it will turn back off and force lock of phone.
You can slightly see the artist mirrored in the pearl in this 108 billion (!) pixel scan of Johannes Vermeer’s masterpiece “The Girl With The Pearl Earring”. I remember reading about it and when I was in The Hague where I looked for and spotted it. https://www.newscientist.com/video/2378702-scans-of-girl-with-a-pearl-earring-reveal-paintings-hidden-secrets/
#qotd “The man who wishes to keep at the problem long enough to really learn anything positively cannot take dangerous risks. Carelessness and overconfidence are usually more dangerous than deliberately accepted risks.” ~ Letters from Wilbur Wright https://www.commonlit.org/en/texts/letters-from-wilbur-wright
/ht https://twitter.com/jasoncrawford/status/1669451877208014848
RT @WebDevLaw: I don’t say this often anymore, but I (very slowly) wrote a blog post. It’s expanding on some recent thoughts I shared here…
RT @justinhendrix: What is Secure? An Analysis of Popular Messaging Apps
A deep dive into the design and technical security of encrypted a…
RT @JoyceWhiteVance: This bears close watching, It could be legit fraud investigation (the feds usually do that tho) but looks more like ta…
RT @sethforprivacy: 1/ Time to break down the latest response to the rightful outcry over the approach being taken with Ledger Recover and…
Replying to @n1ckler and @statusquont
So are x-only public keys in secp identifiable?
👍Wellness Capitalism “complex, privatized approach to public health…new regulations protecting worker privacy and preventing discrimination are needed, regulation is not enough” This is why we wrote a use case for privacy & elision for wellness data
(More in following 🧵) https://twitter.com/datasociety/status/1671522823108538369
Replying to @n1ckler and @statusquont
Yes, but can you prove that only given the public key? Or do you need some other data? I’m not sure how you differentiate the two with only the public key. Related, if you can correlate, is it only 1-bit of correlation?
The answer “You don’t do this to human beings” is such a great answer to so many problems and questions. https://twitter.com/edels0n/status/1671605376645464064
Replying to @WebDevLaw and @WebDevLaw
Is there a Kindle edition available? Did you ever see my post on Four Kinds of Privacy? http://www.lifewithalacrity.com/2015/04/the-four-kinds-of-privacy.html I also have seven chapters in early draft on Lentz & Carmille and identity tragedy during WW2. I’d be interested in chatting with you.
This week @Ledger released a white paper on their Ledger Recover system. It’s primarily cryptography, and without deep-diving into that element (yet), some basics seem sound. I particularly appreciate moving toward VSS. The problems arise in the more human elements. 🧵… [1/16] [https://twitter.com/P3b7/status/1671489331737899010](https://twitter.com/P3b7/status/1671489331737899010)
It’s also a very conservative view for how identity works. As @JoeAndrieu wrote in his foundational primer on “functional identity”, identity is how we recognize and remember people we’ve met. Names are just handy labels for this ongoing process. [4/16] https://github.com/WebOfTrustInfo/rwot12-cologne/blob/main/advance-readings/functional-identity-primer.md
The biggest issue is Ledger’s use of “legal citizen identity”, including full name, as well as place and date of birth, for verification, something that’s given out to every “backup provider”. This is full-on privacy busting. [3/16]
At @BlockchainComns, we propose what we call the “Gordian Principles” as best practices: independence, privacy, resilience, and openness. In my opinion, Ledger Recover falls short in three out of four of these: everything but resilience. [2/16] https://github.com/BlockchainCommons/Gordian#gordian-principles
How do you authenticate a user without violating their privacy? You let them decide! They provide proofs when they shard their secret (be it phone #, email, legal identity, thumbprint, or a word), and then they prove access to their self-declared proofs by the other side. [6/16]
Ledger Recover misunderstands this tool as the end product and in doing so potentially exposes a user’s entire identity. It also totally ignores the precepts of data minimization: it’s way more than is needed. [5/16] https://www.blockchaincommons.com/musings/musings-data-minimization/
Do users have any choice of backup providers? What prevents collusion among the providers? Do users have any ability to privately store some shares? Is it rational to recover without a Ledger? These are crucial questions of independence, resilience, and openness. [9/16]
I focused on authentication because that’s one of the few topics the Ledger white paper addresses, other than the cryptography. There’s so much more we don’t know. Even with a white paper, we’re still short on transparency. [8/16]
The other problem with Recover’s authentication is that it’s homogeneous: all based on legal identity. Ledger says each backup provider must do independent ID verification, but it’s insufficient. Discrete & disconnected authentication methods provide better security. [7/16]
It tackles some of the problems we see with Ledger Recover. It lets users choose their “backup providers”, it advocates for those providers to offer a variety of differnet authentication methods, and it definitely doesn’t require legal identity [12/16].
We are taking a different approach at @BlockchainComns with a wallet interoperability project we call Collaborative Seed Recovery, or CSR [11/16].
https://github.com/BlockchainCommons/Gordian/tree/master/CSR
Down the road, the question will be whether there’s any way to prove that the Ledger implements Recover as has been documented. [10/16]
And speaking of other points of view, please take a look at the excellent overview of some of the more technical elements by @sethforprivacy, including the revelation of a master decryption key. [15/16] https://twitter.com/sethforprivacy/status/1671532777441841158
We’d love to have you onboard, to tell us about your requirements and concerns. (We’d love to have @Ledger onboard too!) Our next “Gordian Developers” meeting will be on Wednesday July 5th. Sign up and join us! [14/16] https://www.blockchaincommons.com/subscribe.html#gordian-developers
We’re not going it alone because we don’t know best. Instead, we’re depending on a consortium of designers with a wide variety of interests including @FeralFile, @FOUNDATIONdvcs, and @proxy. [13/16]
If you want to signal your support for open, transparent standards for controlling digital assets, become a financial sponsor of @BlockchainComns via Github. [16/16] https://github.com/sponsors/BlockchainCommons
RT @BobMcElrath: @ChristopherA @Ledger I’m gonna second VSS here. It’s a damn good idea that has been neglected for too long because they c…
I’m pleased that a major publication is taking up this topic. I’ve been puzzling on how to add these 4 essential principles to #SSI: “The right to mental self-determination. The right to mental privacy. The right to mental integrity. The right to psychological continuity.” https://twitter.com/TIME/status/1673331642239275008
RT @RWOTEvents: RWOT 12 Early Bird Deadline is 7 Days Away
Advance Reading papers must be submitted by 7/7
to qualify for the Early Bird t…