Deployment and Database (Day 125)

Total hours: 243.650

Top two:

1) Authorization and Deployment Concept

This is very tricky but partially depends on not having a properly design threat scoping concept.

The idea is have access keys which are seperate from the account in the event of a compromised system nuke, and remove,

The problem though is it’s impossible to have a secure E2E encryption without a key being stored somewhere (like the persons brain or hardware key).

If it’s the first it’s adding the ‘just one more password fallacy’. If not then how is the password stored and derived?

In the event that the password is completely lost, how is it derived?????? What is the recovery mechanism?

I don’t know and requires rethinking.

2) Mac Firefox to database synchronization

Not started with fully, because the database, key-management and threat scope need to be reexamined.


You'll only receive email when they publish something new.

More from Gaya
All posts