diff --git a/notes/be_anonymous_review.org b/notes/be_anonymous_review.org new file mode 100644 index 00000000..5b1724c2 --- /dev/null +++ b/notes/be_anonymous_review.org @@ -0,0 +1,70 @@ +:PROPERTIES: +:ID: a860b364-bf2b-4934-b128-4dc5697b4fa4 +:END: +#+TITLE: Be Anonymous (review) +#+Author: Yann Esposito +#+Date: [2022-02-21] +- tags :: [[id:2351f4cb-85a3-45ca-9bb5-f13a559afcfe][security]] [[id:db44b28a-7d7c-43e1-a77a-a84770a80f13][privacy]] +- source :: https://kg.dev/thoughts/be-anonymous +- hn :: https://news.ycombinator.com/item?id=30408236 + +I just read this blog post which is a classical take on anonymity, just +with a slightly more modern take. +And I like this related comment: + + +#+begin_quote +The article touches on a good point: one mistake and you're out. +It doesn't even have to be your mistake - you didn't choose to put your SSN +out there after all, yet here we are. + +This gave me a radical company idea, on the other end of the spectrum: spam +as a service. +Something that'll take your name, email, and other things and put it all +over the internet in questionable and plausibly denial ways. +That way, even when someone is trying to find things out about you, it'll +be hard to find, and easy to deny. +(I'm kidding of course). + +-- mindvirus ; https://news.ycombinator.com/item?id=30408236 +#+end_quote + +In fact, the problem are just coming. +Now that it will be easier and easier to be attacked by people all other +the world it will be problematic in a few short years. +And thus, this idea of making it almost impossible to really discover your +real personal information will probably be the best way to protect ourselves. + +So how would someone implement that? + +1. gather all your public account/presence on the Internet. +2. flood the Internet with slightly false information everywhere. Change + your address slightly, your city, your birth date, your age, your sex, + the color of your eyes, etc… +3. flood the Internet with different world-view, like change your political + stance, hmm.... + +This doesn't look trivial at all. + +OK maybe the solution is to go the other way around. +Create a company that will track people you see during interview with the +potential following outcomes: + +1. not enough data (quite rare now) +2. enough data ; comply to the spirit of your team +3. not enough data ; does not comply to the spirit of your team + +This will be a cat & mouse game. +It could be fun. + +Oh god, this exists: + +#+begin_quote +https://redact.dev + +Delete your digital footprint. + +The only platform that allows you to automatically clean up your old posts +from services like Twitter, Reddit, Facebook, Discord and more all in one +place +#+end_quote diff --git a/notes/high_iq_captcha.org b/notes/high_iq_captcha.org deleted file mode 100644 index 1c7a16cd..00000000 --- a/notes/high_iq_captcha.org +++ /dev/null @@ -1,102 +0,0 @@ -:PROPERTIES: -:ID: b6402aa6-3315-4317-82a5-367af38f0ead -:END: -#+TITLE: High IQ captcha -#+Author: Yann Esposito -#+Date: [2022-02-21] -- tags :: -- source :: https://news.ycombinator.com/item?id=30414374 - -I just recently read into HN a new notion. -High IQ Captcha. Captcha designated to prevent low IQ people to access -some resources, but are easy to get from higher level IQ. - -We could extend this notion to use community filtering captchas. -And I think this looks like a great idea. -It will not make it impossible to retrieve some resources, but the price -to pay will be different depending on your community. -For some, it will be almost impossible to reach. - -Maybe it could be the great system to prevent eternal September in social -networks. - -Another interesting idea will be to hide a few gems into my articles behind -such kind of system. - -Like having a small encrypted text which would only be revealed if the -reader want to put the extra effort in finding the result. - -Let's try to find a few different exercises for the reader. - -** Visible only via the HTML source: - -#+begin_src html -
Galaad - Arthur -

What is ... your quest?

- to seek the holy grail! - to seek the holy grail! -

What is ... your favorite color?

- red - blue -
- This is the CSS hidden message and it works. -
- - - - - -#+end_src - -Then ask users to use the inspector to retrieve the data. - -Then potentially, hide the data into some comment, or extra meta difficult -to retrieve and ask them to look at the HTML source. - -** Encrypted - -A better idea is to use random long bits of data, with XOR. -And answering all good answers will provide the correct XOR key. -Can we make that with a static website without js? -Hmm.... I don't think so ;) - -Secret being: ~MAIN_URL/secret~ with secret being the letters/numbers of the answers. -I think we could do that with a ~form~ with some sort of backend dynamic program. - -Anyway it was a fun though experiement. diff --git a/notes/privacy.org b/notes/privacy.org new file mode 100644 index 00000000..d2e6c7f0 --- /dev/null +++ b/notes/privacy.org @@ -0,0 +1,8 @@ +:PROPERTIES: +:ID: db44b28a-7d7c-43e1-a77a-a84770a80f13 +:END: +#+TITLE: privacy +#+Author: Yann Esposito +#+Date: [2022-02-21] +- tags :: +- source :: diff --git a/tracker.org b/tracker.org index bd0be610..ac366af9 100644 --- a/tracker.org +++ b/tracker.org @@ -298,7 +298,7 @@ index page is always tk-server *** 2022-02-18 Friday **** IN-PROGRESS Fix module-type :work: :LOGBOOK: -CLOCK: [2022-02-18 Fri 12:21] +CLOCK: [2022-02-18 Fri 12:21]--[2022-02-18 Fri 15:51] => 3:30 :END: [2022-02-18 Fri 12:21] - ref :: [[file:~/dev/iroh/lib/iroh-core/test/iroh_core/test_helpers_test.clj::(deftest is-similar?-test]] @@ -542,3 +542,13 @@ EU "former_title": "Stealthwatch Cloud" } #+end_src + +** 2022-W08 + +*** 2022-02-22 Tuesday +**** MEETING SXO Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2022-02-22 Tue 18:00] +:END: +[2022-02-22 Tue 18:00] +- ref ::