Private Cyberspace can take advantage of the abundant compute provide by Citizen Synergy to fight cybercrime - every owner is now a cybersecurity operative.
1. Single Vendor Problems
When a single organisation has control of all your data, it does not matter how much it claims it has done to protect your privacy and security (e.g. uses open sourced software, does not keep logs on servers etc.).
Take the Signal service as an example, which is endorsed by Edward Snowden and Elon Musk:
- it needs a PHONE NUMBER from you (which can be used to not just identify you but also everyone you called or called you).
- by using Apple and Google PUSH NOTIFICATIONS, it is basically sharing your metadata with Apple or Google.
- by being distributed on Apple and Google app stores, its user identity and its software integrity are exposed to Apple and Google .
- it is centralised, the outage shows that it is in the middle relaying and has ability to deny ALL CALLS.
We are talking about ONE party getting ALL the phone numbers, ALL the times of call connection, ALL IP addresses of ALL its users worldwide (as well as leaking metadata to Apple and Google).
- Even if you can trust the ideas behind Signal, can you trust the directors of Signal always behaving properly forever in the future?
- Even if you can trust the directors of Signal, can you trust every staff of Signal always behaving properly forever in the future?
- Even if you can trust the staff of Signal, can you trust that the honest actions are so perfectly executed that your information is not leaked?
- Even if you can trust that your information will not be leaked accidently, can you trust that the there are no malicious actors coming in and stealing them?
Signal is just an example, these trust problems apply to ANY centralised service that claims to protect "privacy" e.g. your favourite VPN Service or Bitcoin Mixer. And if they ask for payment, which any proper service should, then you just created another attack vector into your identity.
The problem does not only apply to niche small companies that aggregates data, what about the biggest Single Vendor there is, Apple ?
Has Apple ever inform you or asked for your permission before starting to use your phone, your internet bandwidth, your battery power, your person location to help them sell more Air Tags ?
2. Device Problems
The trust problems above also apply to all devices which are connected to the internet from cameras to teddy bears and of course mobile phones.
1.1.3. Phone Problems
Whether it is remote servers in the cloud or the mobile phone in your hand, centralising data on devices that you have little control is dangerous. From iOS hacks to Android vulnerabilities to methods leaked in Vault 7 the data centralised on the mobile platform are too valuable to be left alone.
1.1.4. Large Target Problems
Large centralised databases (storing your location, contacts etc.) become very high value targets, look at the massive leaks at Facebook which just happened AGAIN after the problem was supposed to have been fixed after the last leak.
1.1.4. Distributes Risk
Citizen Computing has been designed assuming that Nodes will get hacked, that Nodes will be lost, that Nodes will be located with people who turned "bad" etc., so by cutting up an Application into as many Nodes as possible. More importantly you can change the number of Nodes, for some Applications you might want additional Nodes to be extra safe.
There are separations between Zones (e.g. Personal, Fiduciary, Community etc.), there are separations between functions (e.g. Identification, Collection, Distribution, Notification etc.), there are separations based on time (e.g. maximum one day's data), there are separations of networking, processing, storage and the physical location site itself (so they can all keep an eye on each other).
The less amount of data a Node holds, the less data there is to be stolen if that node got hacked and the easier it is to recover if that Node got damaged.
The more Nodes you have, the less damage can be done by one and the more they can check on each other.
1.1.5. Scalable Safety
Citizen Computing lets you specify which Node to use for which Module, so for some Modules you might like to use Nodes from people you actually know and located in places you have actually visited.
7. Universal Encryption
With Citizen Computing everything is encrypted whenever possible, double or even triple in most cases.
8. Aliases Encouraged
People need to behave differently in front of different groups of people, you need them to know different things about you.
Getting everyone you know on the SAME "social" platform to see one view of you or timeline of yours just does NOT make sense!
For different situations, Citizen Computing allows you to disclose different and just enough information about yourself under each identity, leaving out the rest of the data for privacy and profit.
9. Independent Monitoring
Citizen Computing has basic security rules which prevent you doing dangerous things in general (e.g. uploading unencrypted data to Nodes outside of your Personal Zone, blocking known bad IP addresses etc.) all of which you can of course turn off.
A fundamental problem with Cloud security that is impossible to fix is the lack of physical security
Protection get A LOT easier if you don't have to protect your data physically - from the owner of the computer it is on or from the owner of the room it is in - from the Cloud Platforms.
fact that you are putting your data on their computers without encryption
Cybercrimes are causing substantial damages to many individuals and organisations EVERYDAY.
Private Cyberspace mitigates System and Human Vulnerabilities by enabling citizens to block transactions INDEPENDENTLY with their own Private Cyberspaces.
It brings together the compute and data from millions of citizen devices to verify transactions even before illegitimate transactions reach affected systems.
Fix Hardware Secured VM
Cloud Platforms have started to introduce Virtual Machines (VMs) secured by hardware, giving the impression that your data is secure with them.
Google promotes its Confidential Computing services confidently but the AMD SEV technology it is based on has been shown to be insecure:
Microsoft's Confidential Computing based on Intel SGX does not flair much better:
Despite the impressive sounding concept of using hardware for protection, dynamic and complex systems are always going to have weaknesses, Private Cyberspace complements Hardware Secured VMs with an independent Citizen driven Security layer.