PiGraham wrote:I'm intrigued. What uses does this have. Stopping data getting out is trivial - don't make a connection at all.
taught us anything, is that we can't trust anything, not even some of most important building blocks of Internet security, like OpenSSL.
As karlkiste already pointed out, the world is full of very capable individuals who will "make the connection" and extract private data from your systems against your wishes. Those breaches are made possible because the stack (from the hardware, to the OS, and applications) simply allows it, due to bugs and vulnerabilities (and if you are really paranoid, due to intentional backdoors).
There are many uses for protecting data behind data diodes, and I'm just exploring a really simple and cheap solution using 2 Pis.
karlkiste wrote:If there was no way to get data out at all, /dev/null would be the place to use
The funny thing is that, for the purpose of my masters project it is pretty much acting as a temporary
A little background on the project
. In a nutshell I'm working on a prototype of what I call a digital mind extension
, which you can think of as "an artificial brain where you upload your mind". Currently the private Pi will simply store my detailed lifelog (I record myself 24/7, including audio, location, biometrics, activities on laptop, phone, etc). Later I will work on analysis/mining of this data in order to create a "digital mind" that could one day represent myself in the Internet of Minds (IoM).
As part of my masters I will use the public Pi as a simple API to my "mind" that can answer simple queries about my preferences, without giving direct access to my demographics (this feature will not make use of the private Pi, for obvious reasons). The idea is to create a viable privacy-protecting alternative to consumer profiling techniques by corporations.
So, the private Pi is really just to store the really private stuff until one day I'm ready to use it. Think of it like cryogenics for one day resurrecting my digital