Technological Measures for Cybersecurity
July 29, 2024 – By Robert Blinov
There are various kinds of cybersecurity measures: organisational, legal, technological, and physical. All of them are useful, but the technological ones are the most resilient.
Policies and platforms are short-lived by nature
Legislation and policies are short-lived and unreliable: they are easy to bypass and modify. Just like platforms, they are created and maintained in a centralised manner by people who cannot be held to account. Protocols, on the other hand, are far more reliable, because they work in any jurisdiction and under any management. If a protocol’s creator dies or loses control, it keeps on working regardless. SimpleX, RSS, Monero, and the internet itself are all open protocols that do not belong to any company.
Any formal rule can be written down, but only a technologically enforced one will be followed. To falsify a contract on a Proof-of-Work blockchain, one needs to take over 51% of the network, and not just a single notary office. Good cryptocurrencies have monetary policies that are deeply thought through, so people don’t have to worry about central banks making the “right choice”. Decentralised domain protocols allow for true domain ownership, so people don’t have to worry about the benevolence of the Internet Corporation for Assigned Names and Numbers (ICANN).
As for data protection, it’s possible, of course, to open a company in one country and have it belong to two legal entities in two other countries, dividing data between different jurisdictions. Yet legislation can always change, while technologies will keep on working regardless. Such a legal move can only be an addition to technological measures, not their replacement.
The European GDPR allows citizens to withdraw consent to their data being processed, as well as to exercise “the right to be forgotten” and thereby remove all data about themselves from the public eye. But as the Streisand effect proves, a person who states the desire to hide will thereafter only become more visible. Services that truly want to streamline data deletion allow it to be done with a simple click — no emails and phone calls required.
“Security through obscurity” leads to lack of responsibility and accountability. Good defence works even if the enemy knows how it works.
The Zero-Trust approach works best
When a system is transparent and comprehensible, there is no need to rely on others’ oaths: violations are seen, while vulnerabilities are easy to fix. Transparent and comprehensible software is open-source, and its builds are reproducible. If it connects to the web, it has an Internet Access Policy (https://obdev.at/iap/index.html).
Reliable devices have open schematics and, when possible, are physically transparent to make it easy to notice foreign components. The microphone and camera are turned off electrically, not via software.
If some code isn’t being used, it needs to be removed. The simpler the software, the fewer the bugs & vulnerabilities, and the higher the likelihood of detailed external audits.
“The more code lines you have removed, the more progress you have made. As the number of lines of code in your software shrinks, the more skilled you have become and the less your software sucks”
Technologies should be built in ways that make surveillance impossible, with data being processed only after the user’s conscious consent. It’s preferable for all new technologies to be backwards-compatible: this makes their adoption easier. Optional privacy is no privacy at all, as it divides people into normies and “those with something to hide”—that’s why Monero rules and Zcash drools.
“If you see a proposal for an electronic money system, check to see whether it has the ability to preserve the privacy of financial transactions the way paper money does today. If not, realise that the proposal is designed to harm, not help, individual privacy”
Protecting Privacy with Electronic Cash – Hal Finney, 1993
The zero-trust model is a good way to enhance security. In an organisation, this means embedding multi-level access control: each person can only access the data needed for the time needed. Accepting that anything can leak leads to minimising data collection and storage; accounts are not created without good reason.
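The "data needed for the time needed" rule can be expressed as a deny-by-default check over explicit, expiring grants. The following is an added example, not code from the original article; the class names, subjects, resource name and times are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Grant:
    subject: str          # who holds the grant
    resource: str         # the one data set it covers
    actions: frozenset    # what may be done with it
    not_before: datetime  # start of the validity window
    expires: datetime     # end of the validity window (exclusive)

class AccessPolicy:
    """Deny by default: access exists only through an explicit, expiring grant."""
    def __init__(self):
        self._grants = []

    def grant(self, subject, resource, actions, start, duration):
        if duration <= timedelta(0):
            raise ValueError("a grant needs a positive lifetime")
        g = Grant(subject, resource, frozenset(actions), start, start + duration)
        self._grants.append(g)
        return g

    def check(self, subject, resource, action, now):
        """Return (allowed, reason) so every decision can be logged."""
        reason = "no grant for this subject and resource"
        for g in self._grants:
            if (g.subject, g.resource) != (subject, resource):
                continue
            if action not in g.actions:
                reason = "action outside granted scope"
            elif now < g.not_before:
                reason = "grant not yet valid"
            elif now >= g.expires:
                reason = "grant expired"
            else:
                return True, "granted until " + g.expires.isoformat()
        return False, reason

# Constructed sample data: subjects, resource name and times are illustrative.
T0 = datetime(2024, 7, 29, 9, 0, tzinfo=timezone.utc)

def demo():
    policy = AccessPolicy()
    policy.grant("alice", "payroll-2024", {"read"}, T0, timedelta(hours=8))
    t1, t9 = T0 + timedelta(hours=1), T0 + timedelta(hours=9)
    asks = [("alice", "read", t1), ("alice", "write", t1),
            ("alice", "read", t9), ("bob", "read", t1)]
    return [policy.check(s, "payroll-2024", a, t) for s, a, t in asks]
```

Because every refusal carries a reason, the same check doubles as an audit trail: an expired grant and a missing grant are logged differently.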
Zero-trust can also be implemented on a local level via sandboxing. This means isolating browsers, ecosystems, and devices: using one for the personal, another for work, and a third for the alter ego. Access to one account or device will thus never be enough to paint a full picture of someone’s life.
Tips to Enhance Privacy and Security
As many interactions as possible should happen anonymously or at least pseudonymously. To make identification more difficult, one can reduce the amount of static data by constantly changing IP addresses with a VPN, randomising MAC addresses, preferring IPv4 to IPv6 (https://youchu.be/Vt4Jl4t43ug), and spreading disinformation about identity. It’s harder to identify a person whose name isn’t tied to a device.
“Disinformation is our greatest weapon” — John McAfee
Browser-level protection is not enough: the browser is not the only program communicating with the internet. Also, the more a browser is configured, such as with installed plugins, the easier it is to identify the person through metadata. Restrictions, such as those related to scripts, should be set on the system or router level.
Authentication should consist of multiple factors: what a person knows and what a person has. Emails and SMS messages should not be obligatory factors because of their low privacy. There also should not be any shared secrets: many people are unable to follow instructions and keep passwords in a safe place.
“Email is a fundamentally insecure protocol” — Edward Snowden
As much as possible should happen locally: the cloud is just someone else’s computer, while trusted third parties are security holes. However, if an interaction requires the internet, a web app is safer than a local app: a closed browser tab guarantees the absence of background communications.
Almost everything should be encrypted, but it’s important to remember that malware (and on-device AI) can gather data before encryption and after decryption.
It’s best to avoid passing SSDs onto others: the only way to truly ensure the absence of previously “deleted” data is to smash the disk.
To completely exclude remote attacks, a device should not have Wi-Fi, Bluetooth, microphones, and cameras; any connections should happen physically. Such devices are typically kept in hard-to-reach places. If such a device were to be accessed, it should give notice of this at both the software and hardware levels. The most advanced devices use deniable encryption, fooling potential extorters into believing that the little data they manage to retrieve is all there is.
Final Thoughts
Certain kinds of digital threats can be prevented only with transparent technological measures.
However, a system can never be fully secure — this would make it inoperable. Tradeoffs are unavoidable; security measures should be chosen based on threat model, threat probability, objective limitations, long-term goals, and budget.
As of today, network effects continue to sway people towards centralised messaging apps, many sites needlessly require registration, hardly any devices have open schematics, and decentralised domain protocols are still uncommon. There is great room for improvement — let’s get to it.