Gregory's Server@J12t @DTinitiative Hmm. Everything we work with assumes the user has to authenticate with source and destination to process the transfer (see, e.g., https://dtinit.org/blog/2024/01/16/threat-model-pt-one and we have another piece in this series coming out Tuesday). I don't see any intermediary replicating the user sign-in function, so I don't think that this is any more risky in the direct transfer context than in a data download scenario?
|
3 comments
 @J12t @DTinitiative Yeah - and one could also imagine "and authorize Gilead social to receive continuous and realtime updates from all your existing social services" as another requirement, I see what you're saying. Of course it's a hypothetical (for now), and there are ways to mitigate the risk, but I get it! |
@mchris @DTinitiative The scenario I have in mind is: "Welcome to the Republic of Gilead. You must use Gilead social networking services while in Gilead. Log in and transfer, then we will let you continue your travel."
It's scarier than "log into Facebook and let the border control guy look at my posts". Maybe it is similarly scary as "download all your data to this disk" but the latter would require Gilead to actually write some software to process the data and integrate w Gilead social.