Privacy, simply explained
Are privacy intrusions just a luxury problem or trivial offences? Or is privacy the most important protection against ever increasing blackmail and discrimination by authorities and companies?
Stefan Maric’s scientific research at the Lucerne University of Applied Sciences and Arts is based, among other things, on publications by Professor Emeritus Gary T. Marx from MIT. The focus is on seven identifying features of privacy: from names, to locations, to skills. The disclosure or storage of such features leads to privacy breaches.
Trust in central offices online?
As soon as identifying data is stored at central network locations, privacy just cannot be protected. This insight is simple rule number one. Whether actors that have access to storage locations (e.g. the state or a company) uses or misuses the data itself, or whether the data is passed on (voluntarily for the purpose of “improving the world” or involuntarily by theft): control over data can no longer guaranteed and privacy is gone.
First step towards the solution: encryption
The starting point: encryption – as offered by common browsers (Firefox, Chrome, IE, Safari etc.) and proprietary end devices and applications (iPhone, Apple Store, Google, Amazon, “eBanking”, Facebook, WhatsApp etc.) – is infiltrated and not trustworthy.
In most cases it is also only so-called “transport encryption”. This only means that hobby hackers cannot decrypt or modify the data during the transport between user and server. However, confidentiality does not apply to more powerful network users: public authorities as well as technology or telecom companies can easily corrupt central encryption mechanisms.
Therefore: correct encryption is only possible if the complete encryption takes place in your own controlled space without relying on foreign non-transparent components. That sounds complicated? But thanks to DIVA.EXCHANGE it is not.
Second step towards the solution: divide and conquer
Data sets reveal context and the common place is true: knowledge is power. The solution is therefore obvious. Users should distribute encrypted data in fragmented form and thus always maintain control. Isn’t that terribly complicated? DIVA.EXCHANGE has an in-built solution: no identifying data leaves your private space (e.g. your own computer, your own mobile phone) and only transaction data is stored publicly (on the Iroha Blockchain). Only the user can link the identifying data with the transaction data and therefore privacy is preserved.
A look behind the scenes
None of the solutions mentioned make sense, if any access point to the network has been infiltrated. Access points to the network in Switzerland are usually telecom providers (e.g. UPC, Sunrise, Swisscom, waterworks etc.) with the corresponding hardware (e.g. router from Huawei). If these access points are corrupted, the users of DIVA.EXCHANGE are identifiable and can be discriminated against or spied on within the network. To prevent this from happening, DIVA.EXCHANGE uses the open source solution “I2P”: an encrypted network within the public network. This is still often called “darknet”. But exactly this protects every participant from abuse and discrimination.
Stefan Maric has investigated different encrypted networks in his academic research. In particular, the technologies “Tor” and “I2P” were compared in detail. For the field of application of DIVA.EXCHANGE – free banking technology for all – “I2P” is the best choice from a scientific point of view.
The DIVA.EXCHANGE project on Codeberg: https://codeberg.org/diva.exchange
Research project, comparison Tor/I2P (in German), page 28-30: https://www.diva.exchange/de/forschung
I2P documentation (English): https://i2pd.readthedocs.io/en/latest/
Gary T. Marx, Identity and Anonymity (English): https://web.mit.edu/gtmarx/www/identity.html