just trying lemmy

  • 16 Posts
  • 53 Comments
Joined 3 years ago
cake
Cake day: June 3rd, 2023

help-circle



  • Begrenzung ist ein Vorwand. Es geht eigentlich um was anderes:

    Treibende Kraft der Initiative: SVP

    Die Zuwanderung in der Schweiz wird grossteils von Firmen verursacht die Arbeitskräfte brauchen. Diese Firmen werden gezielt durch Steueranreize angelockt. Treibende Kraft dieser Taktik: SVP. Die SVP hetzt dann gegen die “Ausländer” um Stimmen zu gewinnen. Widerspruch? Nein. Denn: es geht gar nicht um einen “Bevölkerungsdeckel” (der ist nämlich aus Gründen nicht mehr so hart sollte sich die Geburtenrate der Schweizer Bevölkerung steigern). Es geht darum dass Arbeiter:innen “illegal” in die Schweiz kommen und besser ausgebeutet werden können. Das drückt durch Konkurrenz auch die Löhne lokaler Arbeiter:innen. Gut für Reiche, Arbeitgeber, Konzerne. Die SVP macht schon immer Politik für Reiche.





























  • Interesting :)

    A few quick questions & comments:

    1. I don’t quite understand “If all users accept the introduction, a list of contacts is sent for each contact pair. These contacts are not used for messaging to prevent more than two parties from having encryption keys.” (line 66) What exactly are the “contacts”? Is it the same data as defined on line 8? Where do the encryption keys come from? Do initiators of introduction reveal encryption keys of their existing contacts?

    2. After an introduction there’s the problem that newly introduced people cannot setup secret keys in a very clean way. Because this secret keys can be computed if an attacker gets hold of the introducer, has recorded traffic and is in possession of a large enough quantum computer (which you assume in your threat model). You therefore would need some sort of ‘upgrade’ mechanism which would allow either two people to meet in person to ‘upgrade’ their secure channel. Or you could add a asymmetric key-agreement or key-exchange on top (probably post-quantum algorithm).

    3. I don’t quite get the combination of “HTTPS”, “Tor”, “symmetric crypto because of quantum computers”. Why HTTPS if Tor already provides confidentiality? HTTPS implies certificates, no? What about them?

    4. What about nonces for GCM? How do you prevent replay attacks?

    5. If you want to truly understand your protocol and get confident about it, I recommend studying something like this: https://tamarin-prover.com/ This allows you to model your protocol more formally, state your security claims and check if the protocol satisfies this claims :)