Sage sends URLs and package hashes to Gen Digital reputation APIs. File content, commands, and source code stay local.

Sage sends URLs and package hashes to Gen Digital reputation APIs. File content, commands, and source code stay local.

The hyperthreat can be outmaneuvered by humans reconfiguring their activities in two ways: security by design and security by dispersal. National security in the Anthropocene is increasingly achieved by designing systems and settlements so that enhanced security is incorporated from the start. For example, it can be imagined that each time a person refuels a car with petrol, this action empowers the hyperthreat. This leads to global warming, which creates ocean acidification and in turn reduced fish stocks, while also creating pressures for resource wars, thereby influencing whether a soldier or civilian dies and how much taxpayer resources are required for material security missions. In contrast, zero-emission transportation technologies can “design out” the slow violence and threats associated with a fossil-fuel-intensive lifestyle. This is similar for plastic use, in which case the “threat” is embodied in the high polluting design of consumable products and lifestyle activities. Likewise, other health threats and longer-term costs are embodied in hidden toxins or sugars in food products. Accordingly, peace, health, and a different form of national prosperity can be created through design, which requires a longer-term and mesh-intervention viewpoint. OP VAK has a role to play in achieving security and safety by design by linking apparently benign activities with their devastating impacts.    

The code is far simpler and easier to understand/verify

By design, snap apps have no access to /etc. They live in their own little world, but instead of a normal chroot, they are splatted all over the standard Linux filesystem layout. With other bits mounted hither and thither. Its a mess, and subject to change with each release.

At the same time, we need to ensure that no information about other unsafe usernames or passwords leaks in the process, and that brute force guessing is not an option. Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, and private set intersection with blinding.

we must not place the burden of safety on users in terms of who is responsible and who suffers the consequences

IDEAS FOR TECHNICAL MECHANISMSA technique called differential privacy1 provides a way to measure the likelihood of negative impact and also a way to introduce plausible deniability, which in many cases can dramatically reduce risk exposure for sensitive data.Modern encryption techniques allow a user’s information to be fully encrypted on their device, but using it becomes unwieldy. Balancing the levels of encryption is challenging, but can create strong safety guarantees. Homomorphic encryption2 can allow certain types of processing or aggregation to happen without needing to decrypt the data.Creating falsifiable security claims allows independent analysts to validate those claims, and invalidate them when they are compromised. For example, by using subresource integrity to lock the code on a web page, the browser will refuse to load any compromised code. By then publishing the code’s hash in an immutable location, any compromise of the page is detectable easily (and automatically, with a service worker or external monitor).Taken to their logical conclusion these techniques suggest building our applications in a more decentralized3 way, which not only provides a higher bar for security, but also helps with scaling: if everyone is sharing some of the processing, the servers can do less work. In this model your digital body is no longer spread throughout servers on the internet; instead the applications come to you and you directly control how they interact with your data.