Upload files to "assets/robert.png" #2

Robert · 2024-08-06T20:02:05+02:00

Robert commented

2024-08-06 20:02:05 +02:00

No description provided.

Robert added 1 commit 2024-08-06 20:02:06 +02:00

Upload files to "assets/robert.png" 3095f32d77

Robert added 1 commit 2024-08-06 20:11:27 +02:00

Add servers/anonsensitive/index.html abfe72156a

Robert added 1 commit 2024-08-06 20:12:07 +02:00

Upload files to "servers/anonsensitive" 3323af5d9e

nihilist commented

2024-08-06 20:40:00 +02:00

don't involve anything serverside in the situation, we're only talking clientside here.
explain the situation as of when charlie is using a remote service (anonymously right) to do something sensitive, and explain what can go wrong and the consequences (tor 0day, he deanonymizes himself at some point by his actions, etc)
which leads to an adversary to bust down his door and force him to unlock his computer: Can he deny that he is the user that the adversary is seeking or not ?
and yes conclude that without deniable encryption, he can't deny the existance of the encrypted volume, and its contents.
add graphs to illustrate (you can reuse some of the graphs i made if you want)

1) don't involve anything serverside in the situation, we're only talking clientside here. 2) explain the situation as of when charlie is using a remote service (anonymously right) to do something sensitive, and explain what can go wrong and the consequences (tor 0day, he deanonymizes himself at some point by his actions, etc) 3) which leads to an adversary to bust down his door and force him to unlock his computer: Can he deny that he is the user that the adversary is seeking or not ? 4) and yes conclude that without deniable encryption, he can't deny the existance of the encrypted volume, and its contents. 5) add graphs to illustrate (you can reuse some of the graphs i made if you want)

Robert added 1 commit 2024-08-07 09:54:27 +02:00

Upload files to "servers/anonsensitive" 9b7be7d7fb

Robert commented

2024-08-07 09:55:06 +02:00

I updated it, please take a look

Robert commented

2024-08-07 09:57:15 +02:00

By the way, the JS was already present in the 0_anon index.html file

👍 1

nihilist commented

2024-08-07 10:20:29 +02:00

well, in this case it's questionable wether or not he can deny any implication with the leak, if he really is the only one to have used that password. this can easily be used against him to put him in jail. So i think we need something lighter here.

maybe add another example where LE is literally trying to do some guess work. (ex: they have a batch of 10 potential users that may be the authors of the leak, but they dont know which one. And they persecute Charlie (without any solid evidence unlike the previous idea) and for instance there he can't deny being the author of the leak, as he's forced to type his password (he didnt implement any deniable encryption)

well, in this case it's questionable wether or not he can deny any implication with the leak, if he really is the only one to have used that password. this can easily be used against him to put him in jail. So i think we need something lighter here. maybe add another example where LE is literally trying to do some guess work. (ex: they have a batch of 10 potential users that may be the authors of the leak, but they dont know which one. And they persecute Charlie (without any solid evidence unlike the previous idea) and for instance there he can't deny being the author of the leak, as he's forced to type his password (he didnt implement any deniable encryption)

Robert added 1 commit 2024-08-07 10:54:43 +02:00

Upload files to "servers/anonsensitive" b16a91161f

Robert commented

2024-08-07 10:56:59 +02:00

Edited accordingly

nihilist merged commit b7844a2030 into main

2024-08-07 19:42:25 +02:00

nihilist referenced this issue from a commit

2024-08-07 19:42:26 +02:00

Merge pull request 'Upload files to "assets/robert.png"' (#2) from Robert/blog-contributions:main into main

nihilist referenced this issue from a commit

2024-08-14 18:13:29 +02:00