Developing a "Ulysses Contract" for protecting Covenant Eyes from Self-sabotage

  • 1
  • Question
  • Updated 1 month ago
I've been a computer security researcher for nearly 6 years now. I've always loved(and hated) computers since I was young. Is there any discussion space, or recommendations for people with a high level of expertise in the computer realm for protecting Covenant Eyes (CE) on their devices?

In another post, we discussed how CE is "consensual" software. For me, 95% of the time, this is true, and during these times, I want CE to last through the storms of the 5% of the time when I would like to see CE burn. It's confusing, yes.

The imagery is that of Ulysses and the Sirens. The Siren song will make me mad. I'd like to be tied to the mast during this time, then have any sort of freedom which will probably mean my demise.

Sure, I can develop a "Ulysses Contract" myself, but would rather see what has already been made if it already exists.

Cheers!

PS I appreciate CE so much! Sure, it's not perfect, and it certainly doesn't heal my heart, but it buys valuable time to come back to reality.
Photo of Luke Jones

Luke Jones

  • 9 Posts
  • 1 Reply Like
  • optimistic

Posted 3 months ago

  • 1
Photo of Mark Donovan

Mark Donovan, Quality Assurance Analyst

  • 51 Posts
  • 4 Reply Likes
Hey Luke,

I think it was my post you saw on the other forum thread that led you to start this one. I've pinged our customer service team on their thoughts on that situation, and what we're able to do for you. They're a little backed up at the moment (the "back to school" situation has them rather busy), but they should get to you before the end of the week, I think.
Photo of Luke Jones

Luke Jones

  • 9 Posts
  • 1 Reply Like
Mark, yes your comment is what I was referencing.

Thanks, I appreciate the lateral communication!

To put it more plainly, I was just wondering if there was any "Best Practices for Protecting Covenant Eyes from Myself" But even such a document would raise this fundamental problem of the "dual-use" nature of information (esp. on the Internet). Dual-use is a term applied to research done by government contractors. Many times the government will let you publish information to the world, as long as it can only be used for good and not for "evil". The problem in talking about how to protect CE from a computer expert, is that it also communicates the weak points to people who might not have known otherwise. I'm sure there are plenty of "tutorials" on evading CE available online, but I avoid looking for these things because I would be horrified to discover something for which there is no remedy. I think that's unlikely but that doesn't reduce the horror.

My viewpoint is a complicated one, and I think my original post was mostly attempting to paint a helpful picture. Your comment about the consensual nature of CE is a very helpful distinction and it has brought me clarity, but it doesn't describe the totality of the situation. CE is a tool for people who probably ought to identify as addicts already (adults). It's a bit unreasonable to expect an addicted person to always consent to abstaining from their drug-of-choice. Perhaps the expectation is that the monitored person will act out in a way that CE can report it to the accountability partner, thus starting a hopefully fruitful conversation. But this isn't necessarily the case. I'm not expecting CE to completely prevent me from using, but I suppose I do expect it to enable me to establish a digital sanctuary in my home and personal devices. Currently, this takes more work than just installing CE. I'm working on a plan to establish sanctuary in my home and personal devices, and I can share this with y'all soon, but be aware that it has the unintended side-effect of informing about the weaknesses of CE. Also, I don't know if this is something helpful for your clientele.
Photo of Steel

Steel

  • 82 Posts
  • 11 Reply Likes
@Luke @MarkDonovan This topic seems to be a recurring one. (Logically, as those skilled in understanding would be skilled in evading, and the more internal conflict one has to match that skill, the more of a problem this becomes in itself.)

Is there a use case or user group for those skilled in IT, SysAdmins, InfoSec experts, etc, who wish to also submit themselves to these types of self-inflicted restrictions and remain accountable? I believe there is. Unfortunately, I'm not sure CE is the place for it. Hear me out - this isn't a criticism of CE...

Minimum Viable Product (MVP) is the cornerstone of most businesses. Usually MVP involves 20% of the work to cover 80% of the usage. By the very nature of this problem, the users we're discussing fall *outside* that 80% of users. Because of that, it's going to take more than the 20% of the work to cover this edge case. It becomes expensive, then to account for those in this edge-group.

Think about it this way: Cybersecurity is expensive because it's a "moving target" ... no group is ever fully patched, because all the exploits have never been discovered. Each week major corporations around the world respond to "Patch Tuesday" and officially supported updates provided by *very, very large, very, very profitable companies*. I wish that CE could keep up with that, but I doubt the resources are there.

So CE is probably doing its best - and in fact providing an incredibly valuable service to that 80% of users. I'm not sure what we "5%" can do, aside from submit ourselves to trusted local admins and deprive ourselves of root privileges as we try to change from the inside out. And those of us with deeper understanding know that this too may not be enough.

Perhaps, CE team, it would be a compromise to let those of us with this greater level of understanding compare notes. The notion of open-sourcing CE has come up, and the idea of user-contributed fixes has also - neither has apparently been a realistic fix. If there was some sort of restricted, official gathering place (in the style of chat.stackexchange, or something similar) where the five-percent-ers could gather to share vulns, discoveries, etc., it could actually provide CE with an exceptionally fast feedback loop of issues as they are discovered. A major downside is that unpatchables (OS- and device-related issues) would be published to that group, and thereby available to a slightly larger audience. I personally feel that this would be a worthy risk to CE, as one benefit of putting smart brains in one room is the ideas that come out. It's not unrealistic that while some may come up with unpatchable issues, the collective may come up with a way for CE to implement something which might not patch said issue, but may still address it in another way. {I can think of at least one vulnerability I've discovered myself.}

There are still questions about the concept; for example: how does one "gain access" to this restricted space? A simple answer could be "If a user reports a vulnerability and requests to join the test group, the user is informed of the potential downsides, agrees to a modified TOS (terms of service), and is granted elevated permissions (group access)." 

I don't have the answers - it's just an idea.
Photo of Luke Jones

Luke Jones

  • 9 Posts
  • 1 Reply Like
Yes! A secret forum (in my paraphrase) came to mind as well. Some fan forums have "Spoiler Alert" tags which require one to click on an expand button to see what is initially hidden ... that's one way

Another is that this secret forum is actually only writable by people who have submitted vulnerabilities (like the first one you submit is reviewed perhaps, and then you get privilege to submit w/o review), but then accountability partners are the only ones allowed to read from this secret forum.

This comes to mind because my accountability partner is more of a wizard than me, but I suppose this is not always the case.

The MVP bit was very interesting. I'm not business savvy, but your explanation makes a lot of sense
Photo of Luke Jones

Luke Jones

  • 9 Posts
  • 1 Reply Like
@Steel I'm doing some research for a job interview and I ran into minimally viable product (MVP) on Wikipedia. I think your presentation of the idea is a bit more pessimistic than what is presented on Wikipedia. MVP is not for satisfying the maximum number of customers with minimal effort by a company, or rather, it's exactly that, but that's only the initial plan of action for the company, not the continuing plan of action. If MVP is the initial plan, a company gets to see if a prototype product gets any traction, and if so, they can make the product better. As software is never perfect, a company will always have to employ developers, even to fix issues in the MVP, and if this is the case, why not make it better for us 5%, 20% (minority of users), whatever.
Photo of Steel

Steel

  • 82 Posts
  • 11 Reply Likes
Technically this is true (MVP is the first phase, not the end phase).
Even though that's the case, I've yet to see a profitable company employing enough brains/labor to get that last minority percent of users, whatever it may be.

And here's a tough pill to swallow: it's (in my experience) exponentially worse for organizations aligned with a bible-relative worldview or mission. This is a rabbit-hole of biblical proportions (ha ha..), and not all entities of that nature are subject to such a generalization, but there is enough customer space based around a simple assumption that there isn't the motivation to provide a commercial-grade, corporately sustainable product.
I'd rather not go down this tangent here; I have no insults for CE - they have proven a responsible organization in many ways. But from a purely capitalist perspective, I don't see the rationale to support that last percent for a greater investment than profit.

Here's an example...
Supporting 5% more users for 20% more expense? That means (X + 20) / (Y + 5) less income per user...
Suppose current support is 70% of use cases for $50,000 annually. Implementing this change would mean 75% of use cases for $60,000 annually. Supposing there were originally 500 users; after the improvements there would be 536 supported users (rounding up).
Old value: $50,000 / 500 = $100/user
New value: $60,000 / 536 = $111/user
Each user now costs the company more money. There are lots of places this can go and lots of variables to switch and all sorts of economics principles to roll in, but that's the essence of my argument. This is also ignoring churn (which includes lost of existing users and acquisition of new customers), a potentially influential factor.
Inevitably there *is* a point of diminishing return: all businesses encounter a point where putting in more resources will *not* result in an equal increase in yield.

I guess all that to say: without downplaying CE for all the successes they have, I haven't come up with a viable way for them to cover the top 5-20% of technically-savvy users that's viable, or I would have suggested it to them. I don't want to discourage anyone from engaging in those thought-experiment-style considerations; it would be epic for them to cover literally 100% of potential users, but I literally think it's impossible. Sure, for 95% of users, they're gold. But even the Bible talks about not all things are permissible for all users ... er, believers.

Maybe those of us who put ourselves into that category should start a discussion group and see what we can come up with. I don't have a good suggestion as to where/how this would take place, but that's what I mentioned earlier was a recurring theme. I'm not sure where to stage the interfacing. Ideas welcome.