Translucent Databases 2nd Edition: Confusion, Misdirection, Randomness, Sharing, Authentication and Steganography to Defend Privacy

Author: Peter Wayner

Comments

by specialist   2020-05-27
Exactly.

Just like a password wallet. Store the hash of passwords, not the actual passwords. Then disallow password resets.

Then you effectively "forget" your account if you lose your password.

The book Translucent Databases (2nd ed) [2009] explains clever strategies for applying this technique to protect sensitive data. It's brilliant.

https://www.wayner.org/node/39

https://www.amazon.com/gp/product/1441421343

Meta: I remain disappointed by the obscurity of this book and translucent techniques. A longtime friend recently asked me about GDPR compliance and so forth, in prep for reworking stuff to allow proper audits. Very tech-savvy. The translucent notions just could not compute. So their efforts went down the conventional rabbit hole of actually deleting data. Which I don't consider practical or auditable. How can you be sure an org deleted every record, log, backup, etc? You can't.
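The "store the hash, not the value" idea from the comment above, as an added sketch that is not code from the commenter or from the book: rows are keyed by a one-way value derived from the user's name and passphrase, so a lost passphrase leaves the rows unlinkable in the live table and in every backup. The table layout, function names, salt and sample records are assumptions constructed for illustration.

```python
import hashlib
import sqlite3

SITE_SALT = b"constructed-site-salt"  # constructed sample value, not a real secret
ROUNDS = 200_000                      # slow KDF to raise the cost of guessing passphrases


def blind_id(username: str, passphrase: str) -> str:
    """One-way row key derived from values only the user holds."""
    secret = f"{username}\x00{passphrase}".encode()
    return hashlib.pbkdf2_hmac("sha256", secret, SITE_SALT, ROUNDS).hex()


def open_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    # No username, e-mail or password column exists anywhere in the schema.
    db.execute("CREATE TABLE notes (owner TEXT NOT NULL, note TEXT NOT NULL)")
    return db


def add_note(db: sqlite3.Connection, username: str, passphrase: str, note: str) -> None:
    db.execute("INSERT INTO notes VALUES (?, ?)", (blind_id(username, passphrase), note))


def notes_for(db: sqlite3.Connection, username: str, passphrase: str) -> list:
    """Only someone who can re-derive the key can find the rows."""
    rows = db.execute(
        "SELECT note FROM notes WHERE owner = ? ORDER BY rowid",
        (blind_id(username, passphrase),),
    )
    return [r[0] for r in rows]


def operator_view(db: sqlite3.Connection) -> list:
    """What the operator, a backup or an auditor can read: opaque keys plus notes."""
    return db.execute("SELECT owner, note FROM notes").fetchall()


if __name__ == "__main__":
    db = open_db()
    add_note(db, "alice", "correct horse", "visit 2020-05-27")  # constructed record
    print(notes_for(db, "alice", "correct horse"))  # owner can read it back
    print(notes_for(db, "alice", "forgotten"))      # lost passphrase: nothing found
    print(operator_view(db))                        # no identity in the stored row
```

The note column is stored in the clear here, so it must not itself contain identifying text, and a weak passphrase can still be guessed offline by anyone holding the table and the salt.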