Phillip Hallam-Baker

Thinking of moving back to G+ from FB.

Who won the election on this channel? Trump won on FB, if it's different here, that would clinch it.

Another example of the idiocy of G+ auto animation.

I was just taking a photo of the model number so I didn't have to pull the TV out.

Very interesting. If this makes it easy to run Linux code, it will make cross platform so much easier

Especially if you use Visual Studio

The Mathematical Mesh is an infrastructure designed to make the Web easy to use securely.

Modern cryptography allows us to protect information in almost any fashion that can be described precisely. But until now most security applications have been built for the 'enterprise' market where ease of use is a very low priority for most software providers because the person who has to use the system is very rarely the person who signs the check to buy it.

Cryptography does not have to be difficult to use. In fact, using the Mathematical Mesh actually makes computers easier to use. One of the problems that we had to solve in the Mesh was how to encrypt data in a way that the user had access to it on every device they owned but nobody else did. This means that the cryptographic configuration data (the secret keys) has to be synchronized across all the devices. Having built a system that can do that, we can synchronize any type of configuration data, passwords, bookmarks, email server settings, VPN configuration, SSH keys.

The biggest headache in administering computers today is the difficulty of managing a disparate collection of devices from different manufacturers, bought at different times with different software installed. Apple, Microsoft and Google all have an answer to this (of course!) just standardize on their platform and throw away any device when it gets too old. Even if that was an acceptable solution for computers, it isn't going to work as the 'Internet of Things' picks up steam.

The first public release of the proof of concept build is now available from Sourceforge. This is the set of tools I am using to make a set of demonstration videos and podcasts explaining the Mesh in detail. At this point, the code isn't ready for production use but it is complete enough to perform real tasks.

What I need to do right now is to show that this approach is practical and that it is useful. And to do that I am going to show how it can be used to activate the email encryption system that has been shipping with Windows and supported by all the leading vendors for 15 years now. As in the Wizard of Oz, we had the security solution all along, people just didn't know it was there or how to use it.

This email encryption mechanism is called S/MIME and it is based on an open standard that is published by the IETF. You may have heard about OpenPGP which is another email security standard which we hope to support in the near future. In principle the Mesh can be applied to pretty much any application that uses cryptography. The reason for choosing S/MIME is that it is the email security standard that is widely used in the US government for classified information.

Development of the Mesh was funded by my employer, Comodo Group Inc. who have allowed me to release the code under an MIT open source license.


So I discovered that C# already has futures, which figures. They are just done in a way that doesn't seem very C#-ish.

Spent some time playing with lambdas and I am really not seeing the point. LINQ uses them extensively, as they are much nicer than the SQL-like SELECT syntax, but that is hardly a low bar; beating yourself over the head with a claw hammer meets that criterion as well.

Sure, it is marginally nicer to write

x = Y (A, w => w*w*w)

than

x = Y (A, cube)
public long cube (int w) { return (long)w*w*w; }

But even though I did the functional programming thing back in the day, it never struck me as vastly different to, let alone superior to declarative.


Visual Studio seems to have managed to work out enough of the syntax of the language I am using to be able to offer autocomplete.

Which is quite odd when I am probably the only person using the language and there has only been a synthesizer for it for a couple of months.

And even odder given that I really, really hate autocomplete. If work is that redundant, people should fix the language, not the editor. That is why I use tools like Goedel in the first place.

Today I made a major change to the architecture of the Mesh. There are now two separate persistence logs with different data in each. This makes it possible to offer better privacy and anti-rollback guarantees.

The Mesh itself remains the medium through which public key information is exchanged. Any data that the user adds to their profile will be published to the Mesh within some time interval, currently shooting for 24 hours but eventually an hour. Once the data is in the mesh, the changes are permanent and can't be rolled back without anyone noticing unless every mesh node colludes in a permanent MitM attack on an unknown set of observers.

To access the Mesh, every user has to go through a portal at which they have an account. So to use the mesh a user has to have a mesh profile and an account on at least one portal. But the mapping isn't one to one. A user can have more than one account for a given profile at a particular portal and the profile can be enrolled in more than one portal.

This separation allows me to remove all the accounts needed for users to administer their Mesh profiles from the Mesh itself. So all that an observer of the Mesh now sees is a series of pseudo-anonymous blobs of data. The only data that might tie them to particular individuals is lodged at the portals. It is not possible for an observer to know which portal(s) a given profile is enrolled at. 

So for example, let's say I enroll my profile in the CryptoMesh through the PRISMProof and SNOWDENProof portals. Both portals perform integrity checks to verify that there is nothing 'odd' happening to any profile that is enrolled in an account at that portal. If PRISMProof defects, SNOWDENProof spots the defection and vice versa. Since PRISMProof is not aware that there is a multiple enrollment or how many enrollments there are, they are accountable regardless.
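
The anti-rollback property described in the post above, as an added illustration that is not Mesh code and not the author's design. It assumes an append-only log in which each entry commits to its predecessor with SHA-256 (the post does not say how the Mesh log is built); `Log`, `Observer` and `entry_hash` are hypothetical names, and the payloads are constructed samples.

```python
import hashlib

GENESIS = "0" * 64  # assumed starting value for the chain


def entry_hash(prev: str, payload: bytes) -> str:
    """Hash of an entry: commits to the previous entry's hash and the payload."""
    return hashlib.sha256(bytes.fromhex(prev) + payload).hexdigest()


class Log:
    """Append-only log; entries are (payload, chained_hash) pairs."""
    def __init__(self):
        self.entries = []

    def append(self, payload: bytes) -> str:
        prev = self.entries[-1][1] if self.entries else GENESIS
        self.entries.append((payload, entry_hash(prev, payload)))
        return self.entries[-1][1]


class Observer:
    """Stand-in for a portal: keeps only the last (length, head) it verified."""
    def __init__(self, name: str):
        self.name, self.length, self.head = name, 0, GENESIS

    def check(self, log: Log) -> bool:
        if len(log.entries) < self.length:
            return False  # log got shorter: history was truncated
        if self.length and log.entries[self.length - 1][1] != self.head:
            return False  # entry at our checkpoint changed: history was rewritten
        h = self.head
        for payload, claimed in log.entries[self.length:]:
            h = entry_hash(h, payload)
            if h != claimed:
                return False  # new entries do not extend what we saw
        self.length, self.head = len(log.entries), h
        return True


def demo():
    log = Log()
    a, b = Observer("PRISMProof"), Observer("SNOWDENProof")
    log.append(b"profile v1")
    log.append(b"profile v2")
    before = a.check(log) and b.check(log)
    log.entries.pop()                       # roll back v2 ...
    log.append(b"profile v2 (rewritten)")   # ... and publish a replacement
    return before, a.check(log), b.check(log)
```

Each observer needs only its own stored checkpoint to detect the change, so the log operator cannot know in advance which observers would have to be deceived.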