• Edward Snowden Explains Blockchain to His Lawyer — and the Rest of Us | American Civil Liberties Union
    https://www.aclu.org/blog/privacy-technology/internet-privacy/edward-snowden-explains-blockchain-his-lawyer-and-rest-us

    ES: In a word: trust. Imagine an old database where any entry can be changed just by typing over it and clicking save. Now imagine that entry holds your bank balance. If somebody can just arbitrarily change your balance to zero, that kind of sucks, right? Unless you’ve got student loans.

    The point is that any time a system lets somebody change the history with a keystroke, you have no choice but to trust a huge number of people to be both perfectly good and competent, and humanity doesn’t have a great track record of that. Blockchains are an effort to create a history that can’t be manipulated.

    BW: A history of what?

    ES: Transactions. In its oldest and best-known conception, we’re talking about Bitcoin, a new form of money. But in the last few months, we’ve seen efforts to put together all kind of records in these histories. Anything that needs to be memorialized and immutable. Health-care records, for example, but also deeds and contracts.

    ES: Let’s pretend you’re allergic to finance, and start with the example of an imaginary blockchain of blog posts instead of going to the normal Bitcoin examples. The interesting mathematical property of blockchains, as mentioned earlier, is their general immutability a very short time past the point of initial publication.

    For simplicity’s sake, think of each new article published as representing a “block” extending this blockchain. Each time you push out a new article, you are adding another link to the chain itself. Even if it’s a correction or update to an old article, it goes on the end of the chain, erasing nothing. If your chief concerns were manipulation or censorship, this means once it’s up, it’s up. It is practically impossible to remove an earlier block from the chain without also destroying every block that was created after that point and convincing everyone else in the network to agree that your alternate version of the history is the correct one.

    So on the technical level, a blockchain works by taking the data of the new block — the next link in the chain — stamping it with the mathematic equivalent of a photograph of the block immediately preceding it and a timestamp (to establish chronological order of publication), then “hashing it all together” in a way that proves the block qualifies for addition to the chain.

    Think about our first example of your bank balance in an old database. That kind of setup is fast, cheap, and easy, but makes you vulnerable to the failures or abuses of what engineers call a “trusted authority.” Blockchains do away with the need for trusted authorities at the expense of efficiency. Right now, the old authorities like Visa and MasterCard can process tens of thousands of transactions a second, while Bitcoin can only handle about seven. But methods of compensating for that efficiency disadvantage are being worked on, and we’ll see transaction rates for blockchains improve in the next few years to a point where they’re no longer a core concern.

    Yet the hard truth is that the only thing that gives cryptocurrencies value is the belief of a large population in their usefulness as a means of exchange. That belief is how cryptocurrencies move enormous amounts of money across the world electronically, without the involvement of banks, every single day. One day capital-B Bitcoin will be gone, but as long as there are people out there who want to be able to move money without banks, cryptocurrencies are likely to be valued.

    BW: But what about you? What do you like about it?

    ES: I like Bitcoin transactions in that they are impartial. They can’t really be stopped or reversed, without the explicit, voluntary participation by the people involved. Let’s say Bank of America doesn’t want to process a payment for someone like me. In the old financial system, they’ve got an enormous amount of clout, as do their peers, and can make that happen. If a teenager in Venezuela wants to get paid in a hard currency for a web development gig they did for someone in Paris, something prohibited by local currency controls, cryptocurrencies can make it possible. Bitcoin may not yet really be private money, but it is the first “free” money.

    BW: So if Trump tried to cut off your livelihood by blocking banks from wiring your speaking fees, you could still get paid.

    ES: And all he could do is tweet about it.

    BW: The downside, I suppose, is that sometimes the ability of governments to track and block transactions is a social good. Taxes. Sanctions. Terrorist finance.

    We want you to make a living. We also want sanctions against corrupt oligarchs to work.

    ES: If you worry the rich can’t dodge their taxes without Bitcoin, I’m afraid I have some bad news. Kidding aside, this is a good point, but I think most would agree we’re far from the low-water mark of governmental power in the world today. And remember, people will generally have to convert their magic internet money into another currency in order to spend it on high-ticket items, so the government’s days of real worry are far away.

    BW: How would you describe the downsides, if any?

    ES: As with all new technologies, there will be disruption and there will be abuse. The question is whether, on balance, the impact is positive or negative. The biggest downside is inequality of opportunity: these are new technologies that are not that easy to use and still harder to understand. They presume access to a level of technology, infrastructure, and education that is not universally available. Think about the disruptive effect globalization has had on national economies all over the world. The winners have won by miles, not inches, with the losers harmed by the same degree. The first-mover advantage for institutional blockchain mastery will be similar.

    BW: And the internet economy has shown that a platform can be decentralized while the money and power remain very centralized.

    ES: Precisely. There are also more technical criticisms to be made here, beyond the scope of what we can reasonably get into. Suffice it to say cryptocurrencies are normally implemented today through one of two kinds of lottery systems, called “proof of work” and “proof of stake,” which are a sort of necessary evil arising from how they secure their systems against attack. Neither is great. “Proof of work” rewards those who can afford the most infrastructure and consume the most energy, which is destructive and slants the game in favor of the rich. “Proof of stake” tries to cut out the environmental harm by just giving up and handing the rich the reward directly, and hoping their limitless, rent-seeking greed will keep the lights on. Needless to say, new models are needed.

    ES: The tech is the tech, and it’s basic. It’s the applications that matter. The real question is not “what is a blockchain,” but “how can it be used?” And that gets back to what we started on: trust. We live in a world where everyone is lying about everything, with even ordinary teens on Instagram agonizing over how best to project a lifestyle they don’t actually have. People get different search results for the same query. Everything requires trust; at the same time nothing deserves it.

    This is the one interesting thing about blockchains: they might be that one tiny gear that lets us create systems you don’t have to trust. You’ve learned the only thing about blockchains that matters: they’re boring, inefficient, and wasteful, but, if well designed, they’re practically impossible to tamper with. And in a world full of shifty bullshit, being able to prove something is true is a radical development.

    #Blockchain #Edward_Snowden #Pédagogie #Bitcoin

    • There are many similar instant messaging systems, and each person can only handle so many of them. And they don’t talk to each other. So if you’re in touch with two people who use Signal and another three use Wire and you want to chat with all five of them, how do you do it? Email has the advantage of universal interoperability.

      Email are interoperable because there is well-documented standard behind it. And it is federated.
      XMPP is well-documented and federated too.

      The collapse of domain fronting means that some network operators can, and do, block Signal, Telegram, and other centralized messaging services like them. People stuck behind those networks simply can’t use these tools at all.

      Domain fronting is required because Signal is centralized. In a federated network, one has to block all possible communication channels between two arbitrary people. It is much harder to block a federated network unless you are willing to maintain a whitelist.

      Some people can only be contacted by email and have no public Signal number. For example, the EFF’s contact page lists email addresses (with PGP fingerprints) and office phone numbers, but no Signal numbers. If I’ve switched off end-to-end email security in favor of Signal, how am I supposed to communicate with the EFF securely?

      That’s bad practice from EFF. Not a first. But it cannot be attributed to Signal.

      Signal requires registration to a phone number. Not everyone has a phone number, knows the phone number of the person they want to contact, or is willing to share their phone number with other people.

      XMPP uses arbitrary identifiers. Phone numbers are possibly sensitive and allow som eattackers to track people geolocation. Phone numbers are bad. Arbitrary identifiers are good. This has been discussed at the last CCC conference as well.

      Some versions of the Signal app have similar problems to those outlined in EFail.

      No, they don’t have similar problems, except if the “similar problems” are “having a vulnerability”. This is bad phrasing. Signal has many problems but none that are as bad as emails.

      My advice, as always, is: use XMPP with OMEMO. There are Windows, GNU/Linux, Mac, Android and iOS clients. You can have a free account at https://jabber.lqdn.fr or a paying one at conversations.im. Conversations for Android has excellent ideas regarding seamless secure communication. More on that here: https://www.ssi.gouv.fr/publication/chiffrement-de-messagerie-quasi-instantanee-a-quel-protocole-se-vouer