Sarah Jamie Lewis's Activity Feed

Last night I was fortunate enough to see one of the most extraordinary, and beautiful, events I've ever seen.

We saw the first hints of it, a muted light in the east, towards the end of nautical twilight. As the sky darkened the band of light grew wider and more noticeable, eventually becoming a blur of magenta and whitish-green.

As the peak of astronomical twilight hit we were greeted to an astonishingly bright sky at zenith; the shape and awe it inspired conjured up images of angels breaching through the heavens.

I was surprised by both the sheer scale, and how dynamic it was. The colours were obviously more muted than the long exposures below, but nonetheless there - lighting up the sky and drowning out the stars.

A long exposure photography of the Aurora as seen from British Columbia, Canada. A large number of bright pink and green lights are seen emanating from a radiant point high in the sky. Some bright stars can be seen in the background.

We stared into the sky for hours, watching the storm remnants twist and turn' the colors boosting and fading.

One of the last images I took was the one below, and I'm very happy with how the image below came out. It shows the tip of Ursa Major/Big Dipper intersecting with the radiant point.

It was just as majestic when seen with the naked eye.

A long exposure of the aurora as seen from British Columbia, Canada. A bright pink light in the sky with streaks of green emanating from a radiant point. The big dipper/ursa major constellation can be seen on the right hand side with it's tip towards the radiant point.

Posted: by Sarah Jamie Lewis

I'm somewhat perplexed by the new SecureDrop protocol

Specifically: "The server is “untrusted” in the sense [it] learn[s] nothing about users & messages besides what is inherently observable from its pattern of requests, and it should not have access to sensitive metadata, or sender or receiver information"

Seems like a very weak definition of "untrusted", especially when two comparison techniques explicitly attempt to restrict knowledge derived from access patterns.

Further...doesn't the servers ability to produce arbitrary valid ciphertexts (not really forgeries as it's an explicit requirement) allow a range of active attacks against recipients?

I'm not entirely sure of the consequences there, but it seems incompatible with the optimized decrypt-fetch message id (as it allows the server to test and trigger).

Removing the optimization effectively brings you back to download-all and trial decryption (with server forgeries there becoming effectively noise)

The motivation for private server state is "there isn't enough traffic going through the system to provide a reasonable anonymity set to any observer so we want to minimize observers"

Which is reasonable, but then the server is explicitly not "untrusted" - it can perform all the same statistical effectively limit the adversary space to the server.

And if so (and you are unwilling to trust the server) then your risk model becomes that addressed by PIR or OMR.

But instead the protocol explicitly allows the server additional capabilities by granting it participation in generated receiver key material (and bloating the ideal communication cost)

Any optimization you make to reduce that cost grants the server additional information. Either making the server trusted in arbitrary ways or compromising one of the desired properties.

The protocol itself is interesting, involving the server in that way has that nice property of hiding valid ciphertexts from all other parties - I feel like I've seen a flow like it before, somewhere, but nothing immediate comes to mind.

I suspect you could probably hack in authentication into that flow somehow which could have useful applications.

But the protocol doesn't feel like it solves the problem? Or rather, the strengths of the protocol don't nicely map to desired properties.

Posted: by Sarah Jamie Lewis

I had a chance to sit down and read Tor: From the Dark Web to the Future of Privacy by Ben Collier

I highly recommend it. I think it captures the history beautifully and its a nice reminder of how these projects play out over decades.

It can be very easy to get caught up in the day-by-day/week-by-week rush/drama/critiques/effort and having a history like this puts that nicely in perspective.

Go read it.

Posted: by Sarah Jamie Lewis

A list of research/project ideas that I have no time to pursue fully, but which I would be very interested in helping out/mentoring. If any of these sound interesting then please reach out to me. I may also be able to help find funding for some of these.

1. File Metadata Removal - this is an area that I think needs additional reseach/experimentation. Existing solutions like exiftool and MAT/2 are great, but don't quite match the modern reality for when and how we would ideally like to integrate such processes into tooling (e.g. in a chat app file share flow) and I think suffer from a limited view of file metadata in light of the growing complexity and diversity of file types, and web based workflows - and how people realistically want to check/modify/remove metadata.

Further, we now have interesting approaches like Magica and other approaches that can perhaps be utilized to catch file types and metadata not strictly captured by a given tool.

Realistically I think there are like 4-5 distinct research projects here around UI/UX, requirements and expectations, and new technical work.

2. Reproducible Build Tool - I'd love to find someone interested in helping/expanding replqiate. I have some ideas about speeding it up further, pushing back the trust, and getting it to the point where it functions as a day-to-day build tool.

3. A better (mostly-static) source code repo/forge - One of my biggest sources of frustration right now is spam in source code repos: specifically issue spam, pull request spam - I think I delete at least 5-10 AI-generated nonsense a week. It's getting worse and the moderation tools to catch this are terrible. I would really like a mostly static git repo that also allows moderated public-issue creation and other nice features. I have a prototype but its been gathering dust.

4. Small Groups (multi)-Project Management - I work on a lot of projects where the primary team is small (either just me, or a small group of 2-4). I have used every project management tool under the sun and found none of them really fit the flow I want. A few notes:

- Kanban is great for restricting WIP but a tool that manages everything in terms of kanban/boards is terrible for managing longer term research

- I need a place to put papers/documents/artifacts that can be tied and referenced to active issues

- I'd like to be able to breakdown problems in addition to work. Capturing the problem structure is, to me, just as important as tracking the work needed to solve a particular instantiation of it

5+. While I am actively working on projects in the following areas, if any of them sound interesting please also get in touch:

- Decentralized Search

- Formal Requirements Specification

- Evolutionary Fuzzing

- Cwtch / Privacy Preserving Communication

Posted: by Sarah Jamie Lewis

I spent some time improving Saffron, a formal language I've been working on aimed at requirements elicitation and analysis.

Mainly I've been thinking about how to express common "patterns" in the underlying formalism e.g. "A message has a single author" can be expressed as infer WHERE m:Message a:Actor b:Author MATCH Author(m,a) THEN PROHIBIT Author(m,b).

One of my goals for this week is to document some of these patterns, and perhaps allow them to be expressed in a syntactic sugar e.g. the above is perhaps more nicely expressed as constrain WHERE m:Message a:Actor EXCLUSIVE Author(m,a)

(An even better syntactic sugar might be to allow the construction of meta-types that compile down to such relationships under the hood to allow a more programmer friendly representation e.g. struct Message := { Author Content } though I am less inclined towards that direction right now as it clutters the number of formalisms at the highest level.)

Posted: by Sarah Jamie Lewis

Hello World!

I've been thinking about where microblogging/blogging fits in my life.

I used to write a lot of Twitter threads, but since the implosion and my move to Mastodon I write far fewer than I used to. Part of this is the difference in platforms, part is my own changing priorities.

For a while I maintained a personal blog for longer term thoughts but I've found it clashes with how I want to organize my thoughts. I often update old articles, redraft papers, rewrite systems etc. and so a few months ago I started writing this website, in a text editor, with no overarching taxonomy or categorization.

However, this obviously comes with some downsides, which I'm now looking to address.

Inspired by Molly White, I've implemented this Activity Feed. A place for me to microblog, collect thoughts, post links, document website updates, new papers etc. all in one place, and in a format that I have a bit more control over.

I'll probably expand the little script I wrote to compile this, and publish it once it is in a less hacky state. But it already compiles to a feed, has tag categories, and is nicely integrated with the rest of my little static site.

There is no automated cross-posting, some of the stuff posted here will end up on Mastodon etc. but most will not. This is mostly for me, but if you would like to keep track of things I am working on, then this is the place.

Posted: by Sarah Jamie Lewis

Home » Activity Feed