Nothing. That should always be used when possible. Read about Advanced Data Protection. It is designed to pass the Mud Puddle Test, where your old device is not available to encrypt anything, while the user has not yet bought their new device.

I worry about that. In my threat model, I assume the attacker wants to keep the backdoor secret, and is unwilling to push a secret mass surveillance backdoor to all phones. Even if no one noticed the backdoor, someone is likely to notice all that encrypted surveillance traffic. So, there may be occasionally used back doors in our phones already, but secret mass surveillance is done server-side. That's the main threat I'm worried about.

Check out the github repo I just created. Simply ask to become a contributor.

Data can eventually add up. It isn't like a block chain, but we might have say 1KiB per device, and 8 billion devices globally, so maybe 10 TiB? That's assuming we don't ever shard into different quorums, and 15-ish nodes run the world, which is probably unrealistic. With say 150 nodes by then, it could add up to 1TiB per node.

Queries per second would always be low. Using a public key for incremental backups and only rotating the private key every month or two, 8 billion devices registering once a month is only 3,000 QPS globally, and again dividing by 10, that's only 300, which a Raspberry PI can probably handle.

So... it's dumb, but I will find it entertaining to run my node on a Raspberry PI until I start having security concerns. That would be roughly when enough devices are enrolled to make the system a juicy target, probably at least 2 years out. We'll need improved security at that point, e.g. running nodes in data centers with multi party with for any changes, and maybe Tor routing.

Anyone interested can ask to join my Github project.

And my first philosophy class at Berkeley in 1982 I predicted the singularity would happen in 2025. I just applied more slaw a threshold of million 1982 dollars for a grad student to be able to use a college bot machine to code intelligence. I also predicted that instead of writing code the way we do today there would be a new profession where we guide the machines telling it more about what we wanted than how to build it.

And my first philosophy class at Berkeley in 1982 I predicted the singularity would happen in 2025. I just applied more slaw a threshold of million 1982 dollars for a grad student to be able to use a college bot machine to code intelligence. I also predicted that instead of writing code the way we do today there would be a new profession where we guide the machines telling it more about what we wanted than how to build it.

Humidity can take this in two ways. We can harse the awesome potential to produce more with less work making everyone much better off. Or we can follow history and it will be a s*** show for everyone.

While you're correct that the effort level to moderate hasn't kept up, I think the bigger reason is that the social media companies figured out that they make way more money keeping everyone at each other's throats. They don't have a backup plan for limiting doomscrolling.

So, I work for Google. I am on the only team that defends your data from all of Google. It is a weird threat model: The CEO shows up at your desk with security guards and demands that you hand over a particular user's data by the end of the day or you and your whole team are fired. If you succeed in providing the data, you've failed. To be more specific, we ensure that Google can't see your Android backup/restore data, unless you can prove you know your Android screen unlock secret. If you do, then secure hardware I helped deploy to data centers will let you recover your backup data to a new Android device. If you fail 10 times, your data is lost forever, because the secure hardware only allows 10 guesses. This is all in our white paper.

I am of two minds about this sort of press. First, I'm proud to work for the only company I have ever known to spend a crap-ton (an official unit of measure) to hide user data from itself. On the other hand, Google's management needs reminders that users actually give a shit about privacy.

I'm an Air Force brat. In 1969.I watched with my family as Neil Armstrong took the first steps on the moon. That was an OMG moment, which set unfulfilled expectations for years to come. Instead of OMG moments, we've had a steady advance in tech, better every year, but never with an OMG moment like that.

So, I'm disappointed that I cannot vacation on Mars. At the same time, the steady tech revolution has changed the world far more than most of us would have thought possible.

In 1982, I took a philosophy class at UC Berkeley. For my final project, I predicted when the AI singularity would occur. My hypothesis was that we sim[y lacked the compute power, and when we had enough such that for $1M in 1982 dollars, any mainstream university could afford a neural network with the same capacity as a human brain, then some a-hole would come along and program it to actually be intelligent.

I predicted, based on Moore's Law, 2025....

Because the only way to defend a network is to think like an attacker, and far better, be an attacker. Every time we PWN an adversary, someone will ask, "Would that have worked against us?" And the answer will be, "Yeah, they've PWNed us for years with that."

Clearly the world just needs to get off its butt and adopt real privacy and security.