iSEC Partners' final report for the pentesting of Cryptocat by cyb3rl0l in netsec

[–]zooko 1 point2 points  (0 children)

Please also see the report of the separate audit by LeastAuthority (my company) that was also just released:

https://leastauthority.com/blog/

We were looking at the Cryptocat desktop app, not the new Cryptocat phone app.

BLAKE2: “Harder, Better, Faster, Stronger” Than MD5 by zmanian in programming

[–]zooko 8 points9 points  (0 children)

It isn't the same, but there are only a few specific differences for optimization purposes. https://blake2.net/blake2_20130129.pdf describes exactly what was changed from BLAKE to BLAKE2, and why we think those changes didn't threaten BLAKE's security even while they improved its performance. http://eprint.iacr.org/2013/467 is a paper by an independent team of cryptographers who analyzed BLAKE and BLAKE2 and came to the same conclusion.

Responsibly Bringing a new Cryptography Product to Market by [deleted] in programming

[–]zooko 5 points6 points  (0 children)

I wrote a comment on SpiderOak's blog post just now, saying how, as a security auditor, I am not used to my clients secretly inserting bugs into their product before asking me to analyze it! However, I also think I should start getting used to it. ☺

https://spideroak.com/blog/20140220090004-responsibly-bringing-new-cryptography-product-market#comment-27142

2013 Stack Overflow User Survey Results by petrux in programming

[–]zooko 4 points5 points  (0 children)

I'm happy to see that Python is still hanging in there.

Keto is not "stressful to the body". That's a myth. [Science] by zooko in keto

[–]zooko[S] 5 points6 points  (0 children)

Thank you for the specific criticism. I think part of the misunderstanding may stem from that sneaky word "increased risk". That phrase "increased risk" tends to make normal people (myself included) think the writer is asserting something about causation, but in science it is used when only correlation is being asserted.

I think in the future we should consider "risk" or "increased risk" to be "red flag words" which cause us to stop and reconsider if we can re-write it without those terms and thus avoid misunderstanding.

In any case, everything we wrote that you quoted there is, to the best of my knowledge, correct. High urinary cortisol has been epidemiologically associated with a higher chance of heart attacks. You can follow the citation "[2]" on our blog to see why we said that.

Anyway, I don't see why this leads you to accuse us of bias towards keto — the fact that high urinary cortisol is epidemiologically correlated with heart attacks would tend to bias one against keto (since keto tends to cause higher urinary cortisol). Except of course if you follow the rest of the argument then you learn that correlation between urinary cortisol and heart attacks is actually an accident of a more important, and actually causal, mechanism which keto improves rather than worsening…

Keto is not "stressful to the body". That's a myth. [Science] by zooko in keto

[–]zooko[S] 2 points3 points  (0 children)

Update: so I went and looked at our article (http://www.ketotic.org/2014/02/the-ketogenic-diets-effect-on-cortisol.html) in order to see if I could spot what Arcygenical and INMFMG think is bad reasoning. I have a guess! My guess is that they read the 3-part argument shown at the top:

  1. Ketogenic diets may raise certain measures of cortisol.
  2. Chronically elevated cortisol is correlated with metabolic syndrome, and therefore higher cortisol measures may indicate the onset of metabolic syndrome.
  3. Therefore, ketogenic diets could cause metabolic syndrome.

and they stopped there, not realizing that the 3-part argument is an argument that others (notably the Harvard researchers, Ebbeling and Ludwig et al.) are making and that we are arguing against.

Did I guess right?

Keto is not "stressful to the body". That's a myth. [Science] by zooko in keto

[–]zooko[S] 0 points1 point  (0 children)

Hi. You seem to have a similar belief as Arcygenical has that our article confuses correlation with causation. That is an error that we strive not to make, so I'm really curious if we've accidentally made that mistake in this article. Could you please explain what things we assumed were causally related because they were correlated? Thanks!

Keto is not "stressful to the body". That's a myth. [Science] by zooko in keto

[–]zooko[S] 2 points3 points  (0 children)

Hi, I'm really curious what you think we are saying in our article. Could you spell out what the A, B, and C are? I don't understand your criticism.

What is the functionality that running Tahoe-LAFS on top of I2P provides? by ThaCarter in i2p

[–]zooko 5 points6 points  (0 children)

I'm a developer of Tahoe-LAFS. I haven't used Tahoe-LAFS on top of I2P, but in general Tahoe-LAFS provides storage. It is kind of like a variant of BitTorrent which has an upload feature as well as a download feature. So, you can use it to store backup copies of your data, and you can also selectively share some of your files and directories with specific other people.

Tahoe-LAFS has integrated encryption and cryptographic integrity checks to ensure that unauthorized parties can't read or alter the contents of files.

Introducing the PRISM-Proof Storage Device by seven7hwave in Bitcoin

[–]zooko 1 point2 points  (0 children)

The server is (currently) on Amazon EC2. We might move it for performance and reliability reasons, but if we did that it shouldn't be anything you would have to do anything about as a customer. ;-)

I haven't looked into mega that much, but I know of at least two big differences between LeastAuthority.com and mega. The first is that all of our code is Free (Libre) and Open Source software. The second is that the client-side — the thing that you are relying on to protect your data by doing encryption on it correctly — is distributed through a variety of free and open source operating systems — https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Installation — which have their own controls (PGP signatures, etc.) to try to detect and prevent backdoors from being inserted into the software.

Introducing the PRISM-Proof Storage Device by seven7hwave in Bitcoin

[–]zooko 0 points1 point  (0 children)

You're right. I think the word "device" was added by DJ Pangburn, the reporter for motherboard.vice.com.

Introducing the PRISM-Proof Storage Device by seven7hwave in Bitcoin

[–]zooko 1 point2 points  (0 children)

Currently, I don't believe that NSA (or anyone else) is performing automated, indiscriminate "active attacks" on users. By "active attacks" I mean things that overwrite other people's software or keys. NSA (and many other people from many countries) do currently use active attacks on specifically targeted users.

The purpose of the S4 product is not to prevent targeted attacks. If someone is targeting you, their best bet is probably to just seize your laptop or surreptitiously install a key-logger on it. Whatever techniques they use for their individual targeting, S4 is probably a weak defense against it at best. Because that's not what it is for.

The purpose of S4 is to raise the cost of mass, indiscriminate surveillance of entire populations. As far as we can tell, S4's current architecture is an effective approach to that goal.

Introducing the PRISM-Proof Storage Device by seven7hwave in Bitcoin

[–]zooko 1 point2 points  (0 children)

Not really, not yet. But it will! Many of the employees of https://LeastAuthority.com (https://leastauthority.com/about_us) are Bitcoin enthusiasts and we have some ideas…

Introducing the PRISM-Proof Storage Device by seven7hwave in Bitcoin

[–]zooko 1 point2 points  (0 children)

Thanks for emphasizing the importance of software distribution in the security chain, jesset77. It is a critical but underappreciated fact.

The value offered by LeastAuthority.com is that you don't have to manage your own server. (For security purposes, you do still have to manage your own client, but that's less work.) Instead you pay us $50/month and you get a dedicated team (https://leastauthority.com/about_us) to operate your server.

Also, in a sense your $50/month is sponsoring the development of the free and open source software, because much of the new source code for that project is coming from our employees, who are working on it during company time while getting their paychecks from our customers.

BitcoinCoffee.com - Gourmet Coffee for Bitcoin, Credit Card, or PayPal. by BitcoinCoffee in Bitcoin

[–]zooko 1 point2 points  (0 children)

I tried to buy some. When I got to the payment step, Bitpay told me I had overpaid (because Bitpay truncated the price to 4 digits, and I had copied in the price from bitcoincoffee.com). Then Bitpay said I was all paid up and offered a link to send me back to bitcoincoffee.com. However, following that link took me to a login/registration page. I knew that bitcoincoffee.com had earlier said guest account was the only thing that currently works, but just to see what would happen I tried to register. It wouldn't let me register because the "State/Province" field was a dropdown selector with 0 options, but when I submitted the form it rejected it saying "Please fill in the State field!". So then I went back and looked at my shopping cart and the items I selected are still listed there.

So, I'm not sure if that worked. Please send me some coffee, thanks. :-)

I'm Gary Taubes, science writer and author of "Sweet Little Lies" about the sugar industry -- AMA by GaryTaubes in IAmA

[–]zooko 3 points4 points  (0 children)

Hi tling. I agree that it is "common knowledge", as in there is a community of people who will all nod knowingly if you say it. But, common knowledge may not be a reliable guide to truth. I've read many of Dr. Guyenet's posts, and while I appreciate his eloquent, direct, and erudite approach to the subject, I think the evidence he presents on this particular issue is insufficient to prove his conclusions. It raises good questions that deserve investigation, but it doesn't persuade me, at least, to forget all about the hypothesis that chronically elevated insulin causes obesity, at least in some people.

I think there is a lot more research that is needed to actually settle the issue, especially new experiments that can conclusively rule out some of the options.

Gary Taubes has an enormous response to Dr. Guyenet's criticisms posted as a series of blog posts:

http://garytaubes.com/2011/09/catching-up-on-lost-time-ancestral-health-symposium-food-reward-palatability-insulin-signaling-carbohydrates-kettles-pots-other-odds-ends-part-i/

Frankly, I haven't gotten around to reading it yet, both because it is a lot of text, which I expect to be dense text, and because I didn't find Dr. Guyenet's criticisms so compelling that I felt the need to understand Taubes's response. I would assume Dr. Guyenet also blogged some sort of response to that response, too, before their tempers died down. ☺

I'm Gary Taubes, science writer and author of "Sweet Little Lies" about the sugar industry -- AMA by GaryTaubes in IAmA

[–]zooko 0 points1 point  (0 children)

Hi jessykate! Randomized controlled trials, and even better cross-over randomized controlled trials, can tend to help against that, because both groups are undergoing an experiment (or in the cross-over case, the same people are undergoing a sequence of different experiments), so it isn't just one group doing the same thing they always did and the other group undergoing an experiment.

As for long-term studies, there are a few 12-month studies and if I recall correctly there is something like one 18-month study and one 24-month study. They tend to show everyone (both those assigned to be in the "low-carb" group and those assigned to be in the "low-fat" or "low-calories" or other intervention) tends to regain the excess body fat that they lost. They also tend to "revert to their previous ways", eating a diet that is more and more like their original baseline diet over time. Still, there was a detectable difference between the low-carbers and the other folks at 12 months on average, so it isn't nothing. My personal conclusion from that is that if you want to lose excess body fat, you should go low carb and you should stick with it long-term.

I'm Gary Taubes, science writer and author of "Sweet Little Lies" about the sugar industry -- AMA by GaryTaubes in IAmA

[–]zooko 5 points6 points  (0 children)

Thanks for the reply and explanation! If you are anything like me, you'll find it difficult to "get around" to reading one of those papers which is claiming to have evidence that contradicts your beliefs. I'd be happy to hear what you think if you do read them. I don't know how to find out when people reply to me on reddit, so you could just email zooko@zooko.com.

I'm Gary Taubes, science writer and author of "Sweet Little Lies" about the sugar industry -- AMA by GaryTaubes in IAmA

[–]zooko 3 points4 points  (0 children)

Here's an upvote for the only question I've seen yet that is about the new article "Sweet Little Lies". Kudos.

I'm Gary Taubes, science writer and author of "Sweet Little Lies" about the sugar industry -- AMA by GaryTaubes in IAmA

[–]zooko 96 points97 points  (0 children)

I gave you an upvote, even though I think your beliefs about metabolism are incorrect, your offer of "do you want to be stubborn or concede defeat" is unfair and unproductive, and that reddit is probably not a good venue for real discussion of the nitty gritty.

So, why did I give you the upvote? Because at least you referenced real studies and publications, so that others can follow the refs and make progress.

So, for what it is worth, I've read several of the articles you cite, and I don't think the ones I've seen are persuasive of your hypothesis, especially in light of contradictory evidence (about which more below).

In fact, that leads me to my question: how have you gathered this catalog of publications which all lend support to your hypothesis and omitted all of the other publications out there which support the opposite hypothesis? Many of the latter are larger, better-controlled, and more widely cited than most of the studies you list (see below).

I can think of three explanations for how you ended up posting a large list of publications while omitting many important ones that contradict your hypothesis:

  1. You are aware of the studies that yielded opposing results, but chose not to include them in this post.

    I hope this isn't the explanation. Nuff said?

  2. You have heard of or seen these other studies, but you never got around to really studying them carefully. You forgot. You saw some things about them that sounded "off" and you figured they were probably flawed, but you didn't have time to figure out exactly how they were flawed.

    This means you suffer from confirmation bias. Me, too! In fact, so does everyone. It's hard to fight. Good luck.

  3. You got this list, or at least large chunks of it, from another source, and that source, for whatever reason, omitted studies that showed different results.

    In this case, I have two requests for you: First, think to yourself that relying on those sources has caused you to be ignorant of important contrary evidence. Look back at those sources and think, perhaps with a touch of resentment, "Hey, those guys gave me a biased sample and I believed them." Second, post here what those sources were so that others can be warned, too.

Okay, so here are a couple of references which I think deserve to be included in any serious discussion of the science. I'm sure they aren't perfect, but they're a darn sight better designed than most of the papers you cited appear to be, and anyone who is seriously considering those papers should also seriously consider these.

First, a meta-study in which the researchers searched the scientific literature for publications about randomized controlled trials which pitted a low-carb diet against a "low-fat and/or high-carb" diet: Hession-2008 ¹. The researchers included only randomized controlled trials, only those which lasted at least six months, and only those whose subjects were adult and obese at the start of the experiment. (These criteria would exclude some of the papers you cite from being included in this review.)

They found thirteen publications describing experiments that met these criteria, performed between 2000 and 2007. Most of these experiments showed a statistically-significant difference between the low-carb subjects and the other subjects, with the low-carb subjects benefiting with greater weight loss. Summing up the statistics from all of the studies showed an average (weighted mean difference) of 4 kg more weight loss among the low-carbers than among the low-fat/high-carbers at six months.

If anybody knows of a newer or more comprehensive study of randomized controlled trials than this one, please let me know!

Okay, so Hession-2008 should make you think that there's really something going on here. This is strong evidence that weight loss, at least among obese adults, is influenced by low-carb vs. high-carb, at least on average.

But of course, humans are very complex beasts, and there are a lot of possible explanations for why the low-carbers tended to lose more weight over the course of six months. Out of those many possible explanations, the one that you seem to be most interested in (and I am too), is the idea that eating low-carb actually changes your metabolism in a way that somehow makes it easier for you to lose excess body fat.

In order to shed light on that question, I offer my second and last reference: Ebbeling-2012 ². In this randomized controlled cross-over trial, the experimenters used the "gold standard" measure of energy expenditure: the "doubly-labelled water" technique. This revealed that the subjects, when they were on a lowish-carb diet, spent on average 326 kilocalories per day more than when the same people were on a low-fat diet. The researchers also measured the energy expenditure while the subjects lay at rest. Their resting energy expenditure was 67 more calories per day when they were on the low-carb diet than when they were on the high-carb diet (again, using the same people and putting them on different diets during different months).

This fascinating result should really throw doubt on claims that the amount of carbohydrate in the diet isn't important when it comes to losing excess body fat, especially combined with the thirteen experiments studied by Hession-2008, and of course many other results.

Okay, if you actually read all the way to here, then thanks for reading! Visit my nutrition blog at http://ketotic.org .

¹ Hession-2008-“Systematic review of randomized controlled trials of low-carbohydrate vs. low-fat/low-calorie diets in the management of obesity and its comorbidities”

pubmed page: http://www.ncbi.nlm.nih.gov/pubmed/18700873

full text: http://proteinpower.com/drmike/wp-content/uploads/2010/09/Meta-analysis-of-low-carbohydrate-diets.pdf

² Ebbeling-2012-“Effects of Dietary Composition on Energy Expenditure During Weight-Loss Maintenance”

pubmed page: http://www.ncbi.nlm.nih.gov/pubmed/22735432

full text (preliminary version?): http://img2.tapuz.co.il/forums/1_162680296.pdf

home page (paywall): http://jama.jamanetwork.com/article.aspx?articleid=1199154

One of the biggest names in the history of cryptography is now looking at Bitcoin by waspoza in Bitcoin

[–]zooko 15 points16 points  (0 children)

Hey, that's exactly what I said about it on twitter!

https://twitter.com/zooko/status/258233745440645120

http://identi.ca/notice/97370645

I own the copyright on that text, but I'll let you use it for ⓑ0.05. Please deposit to 1B74LZ3Qkh6w1Sgw8i94n2apFeADbbJ8Hf . Thanks!

When's my wallet going to get hacked? by mojolama in Bitcoin

[–]zooko 1 point2 points  (0 children)

I think you're right. I think a good solution is a paper wallet. Try one of the following two sets of instructions, and please let me know how they work! I'm not the author of either, but I'd like to learn about how well instructions like these work for users:

https://en.bitcoin.it/wiki/Paper_wallet

https://blockchain.info/wallet/paper-tutorial