Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

His point is that he can't backdoor it: you can read the code before you install it. I'd go further, and say that this is true of anything end-to-end encrypted, open-source or not, because it's not 2002 anymore and reversing ordinary client software is table stakes. (I'd still rather run something open source, ceteris paribus).


Feeding the paranoia above is that cperciva would verifiably be the smartest person in the room. A canny torturer would respond to this bringing in djb as the primary instrument of torture. "First one to break or weaken scrypt or 8-round salsa20 gains their freedom". The loser is forced to give talks at AWS marketing conferences for the rest of their natural


> A canny torturer

A canny torturer would read the Smart People on a public forum red-teaming cperciva's mind.


Not being able to "backdoor it" (presuming this means "exploit a backdoor the torturer presumes you have already put into it") does not prevent you from getting tortured to backdoor it.

All it does is, should that occur, prevent you from giving the torturer what they want to end the torture.

OTOH, convincing the torturer by, among other means, public statements in advance that you have failed to consider this anhd believe that not having that ability prevents torture, and that for this reason you do not have it, might prevent torture. But that's a big gamble on potential future torturers believing your public statements of motivation.


Tarsnap is software you compile and install yourself. He literally can't backdoor existing installations of it.


Exploitable but obscured backdoors in software distributed in form that is compiled and installed by downstream users is not impossible, though sufficient auditing may make it improbable.


He probably should have said that if it's what he meant. In his answer he implies that he could in fact back door it but chooses not to because of the liability.


Reversing ordinary client software is table stakes, sure. I'm not so sure about reversing client software which has a deliberately hidden backdoor. (You can hide a backdoor in source code too, of course, but I think it's easier to hide one in a binary because you could e.g. ensure that a buffer overflow overwrites cryptographic keys, where a C compiler would have the freedom to change the memory layout.)


We can just disagree here for now, since we agree directionally, and I think people should use Tarsnap.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: