2023-05-19 07:47:24

davies on Nostr: Thoughts on this by Balaji? Pasted from his tweet below: STOPPING THE BACKDOOR ATTACK ...

Thoughts on this by Balaji? Pasted from his tweet below:

STOPPING THE BACKDOOR ATTACK

In 2010, even after Twitter and Facebook helped catalyze the Arab Spring, people still would have thought it implausible if you'd said "in ten years, the most important political issue in the world for a few days will be whether the President of the United States could tweet."

But it was.

Similarly, in 2023, even after El Salvador has adopted Bitcoin, people still think it's implausible to say "by the end of this decade, the most important political issue in the world may be whether bankrupt governments have sufficient Bitcoin to fund their operations."

But it could be.

And in such a circumstance, what will desperate governments do? As of 2023, I don't think the conventional 51% attack by mining is something the US government could easily pull off. Maybe China could, but most mining is now outside China.

Instead, the federal government may try to compel Apple and Google (and other tech companies) to hunt for private keys on the servers, devices, and browsers they control. And to remit any stolen funds to a cash-hungry federal government.

This isn't cyberterrorism, it's cyberwar. It's not some random hacker who manages to sneak out a file. It's when the CEO of a company gives the lawful order to hack their customers. This is similar to what happened to 140M Russians designated enemies of the state in early 2022 — every tech company turned on their former customers.

What's the possible target? We're talking billions of iPhones and Android phones, Mac laptops and Chrome browsers, Google Docs and Gmail. China could do the same with the Chinese smartphone manufacturers.

What's the possible defense? This is a tough situation. It's quite possible Tim Cook stands up to the pressure. He's been good on end-to-end encryption and stood up to the establishment on the CSAM on-device scanning initiative[1], which was an obvious way to get the snout under the tent.

If you can't trust the operating system itself, things get tricky. Linux is an answer but Linux devices may not scale in time. Exchanges built on Linux are another possible answer, but those are of course custodial and possibly also vulnerable to similar attacks.

I don't have all the answers, but I want to raise the question to get us to start thinking about it. It's possible that the answer here is in part social or political, not simply technological.
Author Public Key
npub1cmh0ha306t2cjgk00rfemzumek7h9yjyjpq6pcn6ea46e5t30w3s7lg9u6