With the release by Wikileaks of the so-called Vault 7 CIA Hacking tools, the debate has once again turned to the effectiveness and role of encryption. As Zeynep Tufekci (you should absolutely follow her on Twitter) rightly points out, this is all about endpoint security and not about broken encryption. Now we are at the point where it gets interesting and one that I have been writing about for years whenever it comes to the relationship between privacy and general purpose computing.

To repeat my argument: you cannot have *both* user-controlled general purpose computing *and* secure endpoints. User-controlled means that I as the user can choose which software I want to run and also how I want that software to execute on my machine (meaning I control the entire compute stack, such as the network layer). When I have this great power, I can always extract another users data unencrypted at some layer. That power of course can be abused in a number of ways including by people who manage to get code to run on my machine without my knowing it, which is what all these hacking tools are about.

The general approach to trying to make endpoint more secure is to have more trust in the code that I execute through some combination of code signing and trusted key storage/verification in a non-user code accessible element. The big problem with this approach, at least as currently implemented, is that it is a massively centralizing force on computation. Locking down the phone endpoint the way Apple does is exactly what gives the iPhone security but also makes Apple the gatekeeper to all computation on the phone. Not only can I not choose my own software but I also have no access to lower levels of the stack.

This is a bad tradeoff to make for humanity. Computation controlled by a few megacorps is exactly the dystopia we do not want to live in. Blockchain infrastructure, such as Blockstack, have the potential to give us more endpoint security (not perfect) without this centralization or loss of control over the compute stack. For example, the code running on your phone could all come in source format and be properly digitally signed. Because it is source it can be inspected for backdoors. And because it is signed in a decentralized and yet trusted fashion you can make an informed choice about which code to allow onto your device. That I posit is the future we want. 

With the release by Wikileaks of the so-called Vault 7 CIA Hacking tools, the debate has once again turned to the effectiveness and role of encryption. As Zeynep Tufekci (you should absolutely follow her on Twitter) rightly points out, this is all about endpoint security and not about broken encryption. Now we are at the point where it gets interesting and one that I have been writing about for years whenever it comes to the relationship between privacy and general purpose computing.

To repeat my argument: you cannot have *both* user-controlled general purpose computing *and* secure endpoints. User-controlled means that I as the user can choose which software I want to run and also how I want that software to execute on my machine (meaning I control the entire compute stack, such as the network layer). When I have this great power, I can always extract another users data unencrypted at some layer. That power of course can be abused in a number of ways including by people who manage to get code to run on my machine without my knowing it, which is what all these hacking tools are about.

The general approach to trying to make endpoint more secure is to have more trust in the code that I execute through some combination of code signing and trusted key storage/verification in a non-user code accessible element. The big problem with this approach, at least as currently implemented, is that it is a massively centralizing force on computation. Locking down the phone endpoint the way Apple does is exactly what gives the iPhone security but also makes Apple the gatekeeper to all computation on the phone. Not only can I not choose my own software but I also have no access to lower levels of the stack.

This is a bad tradeoff to make for humanity. Computation controlled by a few megacorps is exactly the dystopia we do not want to live in. Blockchain infrastructure, such as Blockstack, have the potential to give us more endpoint security (not perfect) without this centralization or loss of control over the compute stack. For example, the code running on your phone could all come in source format and be properly digitally signed. Because it is source it can be inspected for backdoors. And because it is signed in a decentralized and yet trusted fashion you can make an informed choice about which code to allow onto your device. That I posit is the future we want.