semisol's avatar
semisol
semisol@nostr.land
npub12262...grkj
👨‍💻 software developer 📨 nostr.land relay all opinions are my own.
semisol's avatar
semisol 1 month ago
What about “chained events” improves anything compared to “check all my relays first, update after?” Why would you offload *your* responsibility to a relay? Both of them rely on your relays to detect any issues. However, check-before-write prevents damage before it occurs, while chained events only prevent damage after. That means the app has to sign more events to reconcile instead of doing it right just from the start. If the app discovers a really old version that diverged, it can’t do anything either except to discard it. Compared to chained events, just being competent and reading the event before you write alleviates the problems with losing your list.
semisol's avatar
semisol 1 month ago
"More replicas" is not the solution to scaling relays
semisol's avatar
semisol 1 month ago
Maple still has not addressed the problem that their product’s “encrypted blobs” CAN be decrypted outside the TEE. While it is decrypted only in the TEE *during normal operation*, MapleAI can be easily compelled to decrypt the blobs for law enforcement. This can be done without any technical barriers or challenges. The root key that is used to protect all data of the enclave is *outside the enclave*, in AWS KMS. View quoted note →
semisol's avatar
semisol 1 month ago
Okay, I managed to find the source code, which was in an awfully named repository on Github called “OpenSecretCloud/opensecret” The bad news: - conversation contents are encrypted. Good. - the encryption key for conversations is derived from an encrypted user key - this is protected by the enclave secret, which is a fixed secret. - this key is encrypted by a key in by AWS KMS 🤦 Anyone with the encrypted secret and a single second of access to AWS KMS can get the raw secret. This includes employees with IAM management access to push new builds From there, you can decrypt any user’s conversations that were encrypted with this key, back to the last key rotation and until the next key rotation happens. (Which seems that there is no implementation of) A supply chain attack on a dependency of the backend or a malicious build pushed out by a privileged employee can also extract this secret. The enclave also calls out to a lot of remote services, which could indicate that there is little-to-no firewalling to prevent exfiltration. Even then, many used APIs like the GitHub API can be used to exfiltrate data. View quoted note →
semisol's avatar
semisol 1 month ago
Maple AI is a funny product. They claim it’s private and protected by TEE but the code running inside the TEE is closed source so you don’t know what it actually does. And they can push updates whenever, including one that exfiltrates your data. I asked them 2 times and got answers 0 times how it was verifiable. Anyway it looks like they outsourced all their inference anyway to