I saw this tiktok where this guy was talking about how he’d get his hands on real social security numbers… this was a clip from a whole story he told about some criminal shit, I was too distracted by my thoughts on how to fix the exploits he used.

Block chains and cryptographic signatures would solve basically every one of his exploits. But regardless of the myriad of reasons as to why we won’t adopt cryptography into American laws and bureaucracy, imagine if we did do everything involving government and policy in a cryptographically secure environment.

Imagine if everyone who is born gets assigned a gpg secret key signed by the government and that is your government ID for everything from opening a bank account to paying your taxes to claiming benefits. IMPO I think this is a perfect solution (iif you ignore the human element).

So my question is why wouldn’t it be perfect, and what kind of exploits could bad actors use in a cryptographic bureaucracy?

  • rufus@discuss.tchncs.de
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    5 months ago

    Well if they properly embraced it, you wouldn’t get one PGP key implanted at birth. I mean if that private key ever leaks, you’re screwed for the rest of your life. And the blockchain has sever shortcomings, too. It’s not anonymous, everyone can see every transaction and it’s not fast enough for lots of applications.

    It’d need to be implemented properly. And most importantly include privacy. You can’t just expose millions of people to every attacker. And please think of the not obvious cases… How someone operate it who’s in the hospital and unconscious… What if you lost your phone… How can you keep secrets from your (abusive) partner… What about separation of state and private companies… How to prevent a scifi dystopia…

    I think if like a few hundred millions of people are subject to it, it needs to be done properly. And I think that’d be possible if the government payed some experts to come up with a really good solution.

    Keys need to have sub-keys, IDs be randomized, there needs to be some human in the loop in case something goes wrong. Attestation and not just giving out everything to every company…

    • shortwavesurfer
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      Not every blockchain is fully transparent, but I agree that most are.

      • rufus@discuss.tchncs.de
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        Sure. I took “the blockchain” to mean bitcoin. It certainly depends on the implemetation. And on the use-case. In recent years people have put blockchain into everything. But that’s not useful either. There are different kinds of blockchain, some more or less useful to certain tasks. And there are applications where blockchains aren’t useful at all. so generally it depends on the specific problem we’re trying to solve.