hp
toc

It’s the clients that betray you.

2023-08-05, post № 276

software-design, #text-editor, #e-mail, #chain-of-trust, #web, #digital-politics

One of the saddest realisations I have come across while exploring the web on its protocol level over the past few years is how the majority of mineable data only crosses the wire due to compliance on the victim’s end: there is no ‘singular stateful backend’ that tracks; it is an oligarchic network of machines constantly fed back this state. Referer:, Cookie:, User-Agent:, client hints and from unfuzzed headers extractables as well as foreign-controlled scripts with a plethora of probes are all solely client-powered.
Techniques employing stochastics powered by the bits of leftover bits such as not explicitly client-informative headers, traffic correlation and profiling based on underlying IP properties is most likely still powerful enough to warrant hardening, yet undoubtedly the bulk is provided by clients.

This begs the question why so many clients are not subordinate to their users but a trojan window into a foreign-controlled service.

Yet this fight I leave to more politically-inclined folks such as the IETF, the Tor Project, Brave Software, the FreeBSD Foundation and what is left of the FSF, GNU and Mozilla to name a few. I wish them the very best but do not expect to be alive to witness their certain (!) victory.

Leaving aside the morally still inexplicit principals of data collection, what troubles me is another kind of clients’ breach of trust: forwarding unsanitised content heedlessly imbued by the client with the trust its user allotted it.

Most prominently, it is the above described carelessness that allows phishing attacks: IDN homograph attacks (colloquially called typosquatting), crafting e-mail address display names and declaring MIME types in particular all are enabled by clients passing unsanitised information along.

Furthermore, this behaviour of clients not only aids criminals but manifests itself in more mundane ways: text editors inventing a final newline or ‘intelligently’ handling whitespace, shells straying away from auto-completing $PWD’s contents to guessing suitable arguments and operating systems automatically upgrade-borking themselves.

Too many pieces of software have forgotten to serve as tools and instead morphed into foreign-manipulatable and unforseeably-inventive thus evermore useless agents.

It is this status quo I aspire to remedy in two niches: firstly a minimal vim clone that is still very early in development which strives to show the true bytes on disk in an editable manner and secondly the non-TUI CLI-based e-mail client brief that both provides a trust barrier (by e. g. employing homograph hardening and strong coupling between e-mail addresses and known display names) and lets one connect to one representation of the message that will go out on the wire on a byte level.

Else where is the point in using these machines?

Jonathan Frech's blog; built 2024/08/31 22:59:44 CEST