[tahoe-dev] I nominate #796 "write-only backup caps" for Ticket of the Week
Zooko O'Whielacronx
zooko at zooko.com
Wed Jun 15 22:39:46 PDT 2011
Dear tahoe-dev folks:
Being Ticket of the Week doesn't mean it is going to be fixed this
week. It means we're going to talk about it this week (or at least I
am), and if we're lucky somebody will *start* on fixing it this week.
:-)
For this week's Ticket of the Week I nominate #796 "write-only backup caps".
The reason that I'm thinking of this is Bitcoin. I'm pretty excited
about Bitcoin, and I read the sad story of a Bitcoin user whose value
was stored on his computer in his wallet.dat file, and someone stole
that file and transferred all of his Bitcoins to themselves. At
current market rates, that was USD 500,000 worth!
http://forum.bitcoin.org/index.php?topic=16457.0
Now if you use symmetric encryption on your wallet.dat file then this
does *not* protect you from malware which is running on your computer
[*]. Such malware can do whatever you can do, so if you can
symmetrically encrypt and decrypt your wallet (in order to, for
example, store more money in a symmetrically encrypted wallet) then
that allows the attacker to do the same and steal all your money. It
is like a lockbox that you have to open to put more cash in. But if
you open it, the attacker can steal everything from inside it.
On the other hand, public key encryption does not have the same
property. You can encrypt your ⓑ without having, on that same
computer, the ability to decrypt it, because your private key which is
necessary for decryption is stored somewhere else and you access it
rarely and carefully. This is more like a "piggy bank". A very strong
piggy bank. How about: it is like a piggy-bank-shaped safe that has a
little slot on top into which you can drop coins, but which cannot be
opened without the key/combination.
Some people currently protect their Bitcoin wallet by encrypting it
with gpg and then backing up the encrypted copy to a remote site. This
accomplishes the "piggy bank safe" scenario. Perfect! Except that most
people don't do it, because they don't know how to use gpg.
The Bitcoin developers are apparently working on adding symmetric
encryption to the official client. That would be the lockbox scenario.
In my opinion this is near-useless and may actually harm people by
giving them a false sense of security.
So, it would be cool, not only for Bitcoin wallets but also for all
other sorts of backups, if you had a "write-only capability", which
implements public key encryption just like the GPG scenario above, but
integrated into your Tahoe-LAFS filesystem and your automated
Tahoe-LAFS-based backups. This is the subject of #796.
Regards,
Zooko
[*] Assuming it can get your user privileges or equivalent authority,
which is typically the case nowadays.
http://tahoe-lafs.org/trac/tahoe-lafs/ticket/796# write-only backup caps
More information about the tahoe-dev
mailing list