Blog

We’re upgrading Magic Wormhole to Magic Wormhole for All

The Problem Sending a file from one computer to another is common and should be simple, but it can be surprisingly complicated, even in 2020. This simple-yet-complicated user story is illustrated in xkcd comic #949. How should you send a file from your computer to someone else’s computer? What security and privacy concerns should be

Read More »

Using ZKAPs to Disconnect Payment Data from Service Data

A note from the team: we’re continually looking for possible applications of ZKAPs in a variety of scenarios. If there is a product or project you’re working on that you would like to test ZKAPs with, don’t hesitate to get in touch! Last month, our team, the Least Authoritarians, gave two presentations on ZKAPs—zero-knowledge access

Read More »

Our Audit of Ethereum Foundation’s Node Discovery Protocol

This summer, Least Authority was hired to audit the Ethereum 2.0 node discovery protocol. We enjoyed diving into the protocol, and found some issues that were really interesting to model and test. Read the full report here.  Proof of Identity The audit went smoothly and we were able to quickly grok the protocol the Ethereum

Read More »

Announcing the release of Gridsync 0.4.0: the latest version of our graphical user interface for Tahoe-LAFS/S4

We’re excited to announce that we have rolled out Gridsync 0.4.0 — the latest version of our graphical user interface for Tahoe-LAFS/S4. This release contains a number of new features, improvements, and bug-fixes and is a recommended upgrade for all customers of our Simple Secure Storage Service (S4). Among the latest changes include: Tor integration. Gridsync now offers

Read More »

Why We Need Client-Side Encryption?

Already in 2017, there has been an inordinate number of cybersecurity meltdowns. This complex and constantly evolving range of security threats lead many of us to wonder how we can best protect our data from theft or loss. Many cloud providers advertise their use of end-to-end encryption for security. However, some of the important data breaches in the past have demonstrated that end-to-end encryption may not be enough. What is end-to-end encryption? End to end encryption is a method of…

Read More »

Debunking the “Nothing-to-Hide” Rhetoric

Anamika Ved on May 17, 2017 A few months ago, Least Authority ran user-testing sessions to get a sense of what our potential users think about our products – S4, our current Amazon S3 based application of Tahoe-LAFS and Gridsync, our forthcoming graphical user interface for S4 and Tahoe-LAFS. In addition to getting valuable feedback, it was interesting to

Read More »

BLAKE2: “Harder, Better, Faster, Stronger” Than MD5

Zooko Wilcox-O’Hearn on March 21, 2014 Best read while listening to Daft Punk: Harder, Better, Faster, Stronger Why use BLAKE2 instead of Skein, Keccak (SHA-3), MD5, or SHA-1 as a secure hash function? BLAKE was the best-rated hash function in the SHA-3 competition NIST, in the final report of the SHA-3 competition, said this about the finalists (which included BLAKE,

Read More »