Day 89


Total hours: 200.633

Top three:

1) Basic Sync Concept

I got this done!!! I tested the main ways that synchronization can occur and found there to be no possibility of a sync conflict. This is because for browser history there is only one operation that can be done (delete it), so conflicts aren’t possible at all.

I’ve designed it to be privacy maximizing. When the operator deletes that page from the browser, the history and time are wiped from the database immediately, meaning that history is gone from your computer (presuming that you don’t have other history-capturing tools set up on your device).

Then it syncs that deletion to all other devices and wipes it from the central database. Your history is Class 2 data, which means that we’re not able to access your information: your encryption keys are only ever stored online in encrypted form and never in plain text.
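To make the "delete is the only operation, so there are no conflicts" argument concrete, here is an added example (not code from the Gaya/Sapphire Pack project) of delete-only sync modelled as a set of tombstones. Each device wipes locally at once and records the entry's opaque ID; a relay standing in for the central database drops the entry from its own copy and keeps only the IDs for devices that have not pulled yet. Because merging is a set union, devices converge no matter in which order, or how many times, they pull. The entry IDs and URLs are constructed sample data, and the relay holds entries in plain text purely to keep the example short.

```go
package main

import (
	"fmt"
	"sort"
)

// HistoryEntry is one visited page. ID is an opaque per-entry identifier so
// that a tombstone pushed to the relay reveals nothing about the page itself.
type HistoryEntry struct {
	ID        string
	URL       string
	VisitedAt int64 // unix seconds
}

// Replica is one device's local history plus every deletion it has seen.
type Replica struct {
	Name       string
	history    map[string]HistoryEntry
	tombstones map[string]bool
}

func NewReplica(name string, entries ...HistoryEntry) *Replica {
	r := &Replica{Name: name, history: map[string]HistoryEntry{}, tombstones: map[string]bool{}}
	for _, e := range entries {
		r.history[e.ID] = e
	}
	return r
}

// Delete is the only mutating operation: wipe locally now, remember the ID.
func (r *Replica) Delete(id string) {
	delete(r.history, id)
	r.tombstones[id] = true
}

// Merge applies tombstones from anywhere. Set union is commutative,
// associative and idempotent, so order and repetition cannot conflict.
func (r *Replica) Merge(ids []string) {
	for _, id := range ids {
		r.Delete(id)
	}
}

// Tombstones lists the IDs this device would push to the relay.
func (r *Replica) Tombstones() []string { return sortedKeys(r.tombstones) }

// History returns the surviving entries in a stable order for comparison.
func (r *Replica) History() []HistoryEntry {
	out := make([]HistoryEntry, 0, len(r.history))
	for _, e := range r.history {
		out = append(out, e)
	}
	sort.Slice(out, func(i, j int) bool { return out[i].ID < out[j].ID })
	return out
}

// Relay stands in for the central database.
type Relay struct {
	central    map[string]HistoryEntry
	tombstones map[string]bool
}

func NewRelay(entries ...HistoryEntry) *Relay {
	s := &Relay{central: map[string]HistoryEntry{}, tombstones: map[string]bool{}}
	for _, e := range entries {
		s.central[e.ID] = e
	}
	return s
}

// Push wipes the entry from the central copy immediately and keeps only the
// ID so that other devices can pick the deletion up later.
func (s *Relay) Push(ids []string) {
	for _, id := range ids {
		delete(s.central, id)
		s.tombstones[id] = true
	}
}

func (s *Relay) Pull() []string   { return sortedKeys(s.tombstones) }
func (s *Relay) CentralCount() int { return len(s.central) }

func sortedKeys(m map[string]bool) []string {
	out := make([]string, 0, len(m))
	for k := range m {
		out = append(out, k)
	}
	sort.Strings(out)
	return out
}

func main() {
	e1 := HistoryEntry{ID: "a1", URL: "https://example.com/", VisitedAt: 1000}
	e2 := HistoryEntry{ID: "b2", URL: "https://example.org/", VisitedAt: 2000}
	laptop, phone, relay := NewReplica("laptop", e1, e2), NewReplica("phone", e1, e2), NewRelay(e1, e2)
	laptop.Delete("a1")
	relay.Push(laptop.Tombstones())
	phone.Merge(relay.Pull())
	phone.Merge(relay.Pull()) // applying twice changes nothing
	fmt.Println(laptop.History(), phone.History(), relay.CentralCount())
}
```

The privacy point the tombstone design makes: once a deletion has been pushed, neither the relay nor a late-syncing device ever sees the URL again, only an ID that is meaningless on its own.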

Speaking of classes: Sapphire Pack takes operator data security and privacy so seriously that I’ve designed a data storage classification.

Class  Data Public  Data Encrypted  Key Available  Key Encrypted
5      Yes          No              N/A            N/A
4      No           No              N/A            N/A
3      No           Yes             Yes            No
2      No           Yes             Yes            Yes
1      No           Yes             No             N/A
0      No           N/A             N/A            N/A

Class 5 data is public data. Whereas Class 0 data is data that is never stored by us in any form at all (encrypted or not).

Class 4 is data that is not encrypted and stored by us.

Class 3 data is data that is encrypted and we have access to the encryption key.

Class 2 data is data that is encrypted and we have access to only the encrypted encryption keys.

Class 1 data is data that is encrypted and we do NOT have access to any kind of encryption keys.

2) Passwordless (almost) E2E Encryption

The way this works is by having each device push keys to the remote, and if it’s a new device it requests the key ring with its public key. This public key is then downloaded to an already provisioned device, which then uploads the encryption key ring for sites encrypted using the other’s public key.

This enables E2E encryption (almost). There are a few things that make it almost but not fully E2E, which is a fly in the soup: it’s technically possible for the server owner to pose as a new device within that operator’s network of devices, request the key and then get access to the internet browsing history.

This is because Gaya relies on abstracting computer complexity away from the actual devices. Gaya should just work, not leak out crypto details and the shortcomings of the current setup.

Some ideas for the future: have two devices ‘sing’ the password to each other musically, thereby improving the likelihood that they’re in the same area, along with being on the same wifi network or such. There could also be a one-way encryption setup in which the browsing history from the wannabe device is scrutinized by the other devices, and if there are irregularities in terms of time and such then it would be denied access.
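The provisioning exchange above, as an added example that is not the project's own code: the new device publishes an X25519 public key, an already provisioned device wraps its per-site key ring under a key derived from that public key (AES-256-GCM, with the sender's public key bound in as associated data), and the new device unwraps it with its private key. Whoever merely holds the blob, the server included, cannot open it. The KDF (SHA-256 over the shared secret plus a label), the label string and the site key are assumptions made for this example; a production design would use HKDF with both public keys as context. The `Fingerprint` helper shows the one thing this flow is missing, the "almost" described above: nothing in the request proves the public key belongs to the operator's own device, so a provisioned device should have the operator compare a fingerprint on both screens before it agrees to wrap.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// KeyRing maps a site to its per-site symmetric key.
type KeyRing map[string][]byte

// Device is one of the operator's devices. The X25519 private key never
// leaves the device; only the public key is pushed to the remote.
type Device struct {
	Name string
	priv *ecdh.PrivateKey
}

func NewDevice(name string) (*Device, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{Name: name, priv: priv}, nil
}

// PublicKey is what a new device uploads alongside its key ring request.
func (d *Device) PublicKey() []byte { return d.priv.PublicKey().Bytes() }

// Fingerprint is the short value to compare out of band on both devices
// before wrapping; without it the server could present a key of its own.
func Fingerprint(pub []byte) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:8])
}

// wrappingKey derives the 32-byte AES key from the X25519 shared secret.
// Assumed KDF for this example: SHA-256(shared || label); prefer HKDF in practice.
func (d *Device) wrappingKey(peerPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	shared, err := d.priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	h := sha256.New()
	h.Write(shared)
	h.Write([]byte("keyring-wrap-v0")) // constructed label, not the project's
	return h.Sum(nil), nil
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapKeyRing runs on a provisioned device: only the holder of the private
// key matching newDevicePub can open the result.
func (d *Device) WrapKeyRing(ring KeyRing, newDevicePub []byte) ([]byte, error) {
	key, err := d.wrappingKey(newDevicePub)
	if err != nil {
		return nil, err
	}
	plain, err := json.Marshal(ring)
	if err != nil {
		return nil, err
	}
	gcm, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plain, d.PublicKey()), nil
}

// UnwrapKeyRing runs on the new device with the blob pulled from the remote.
func (d *Device) UnwrapKeyRing(blob, senderPub []byte) (KeyRing, error) {
	key, err := d.wrappingKey(senderPub)
	if err != nil {
		return nil, err
	}
	gcm, err := aead(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	plain, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], senderPub)
	if err != nil {
		return nil, err
	}
	var ring KeyRing
	if err := json.Unmarshal(plain, &ring); err != nil {
		return nil, err
	}
	return ring, nil
}

func main() {
	laptop, _ := NewDevice("laptop") // already provisioned
	phone, _ := NewDevice("phone")   // new device requesting the ring
	server, _ := NewDevice("server") // holds the blob but not phone's private key
	ring := KeyRing{"example.com": make([]byte, 32)} // constructed site key
	fmt.Println("confirm on both screens:", Fingerprint(phone.PublicKey()))
	blob, _ := laptop.WrapKeyRing(ring, phone.PublicKey())
	got, err := phone.UnwrapKeyRing(blob, laptop.PublicKey())
	fmt.Println("phone unwrapped:", err == nil && len(got["example.com"]) == 32)
	_, err = server.UnwrapKeyRing(blob, laptop.PublicKey())
	fmt.Println("server unwrapped:", err == nil)
}
```

The same building block also bears on the false-keyring worry in the next section: because the sender's public key is authenticated data in the AEAD, a blob can only be opened under the sender it claims, so a receiving device can at least attribute a bad ring to one specific device rather than treating every upload as equally trustworthy.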

3) Keyring Management

Began my design of how the keyring should work along with how to access the keyring. This itself presents another massive hurdle that’ll need to be overcome.

Currently if a device is ‘bad’ then it can submit a false keyring and therefore cause other devices to lose access to a particular keyring. However the damage (if any) should be limited to just that device and not spread to the other devices. This requires a lot of thinking. Something that I’m obviously down to do!

Special Message:

I’ve hit the 200 hour mark. I’m extremely proud. It was a massive learning experience. Here are the main takeaways:

  • I’m really good at abandoning ideas that don’t work. Looks like I give ideas more or less around 50 - 75 hours to work out before I abandon them.
  • I had a way too grandiose vision and was trying to start from the multi data centre level and work down to the code instead of starting from the code and working up to the data centre layer.
  • As we already know I’m really good at trying out ambitious ideas. SSL2 and its successor 2SSL was by far the biggest undertaking that I’ve ever attempted. Though it didn’t succeed because of issues from not having a clear separation of concerns: what it’s supposed to do versus what should be done above it, along with file transportation, ending in an extremely confusing mess.
  • Ultimately what brought it down was trying to make 2SSL do way too much at the same time, with packet designs and choices that weren’t changed as security designs and concepts improved, leading to odd redundancies and impossible scenarios.

Favourite entries in the last 100 hours
