Whistleblower Chelsea Manning to Conduct a Security Audit of Nym Privacy System
The U.S. whistleblower will audit Nym's privacy infrastructure.
Share this article
The whistleblower exposing U.S. military war crimes in Iraq and Afghanistan is conducting a security audit on this full-stack privacy infrastructure.
Chelsea Manning Joins Nym
Former U.S. army soldier Chelsea Manning has joined Nym to security audit their cutting-edge code to prevent mass surveillance. The audit will be completed before the network hits “mainnet” later in the year.
The Nym team is thrilled to have her join as a security consultant to audit the code of Nym for security and privacy flaws. While most security auditors do not know what is at stake in a software bug that can harm privacy and security, Manning is keenly aware that secure software can lead to life-or-death consequences. Manning was imprisoned in the U.S. for nearly seven years for leaking documentation from military operations in Iraq and Afghanistan, including the targeting of civilians, before being pardoned by Barack Obama. Harry Halpin, the CEO of Nym, said of Manning’s move:
“While trusting software with their money is one thing people are learning to do with Bitcoin and DeFi, brave whistleblowers and revolutionaries like Chelsea Manning have to trust software with their lives. So rather than “YOLO” and launch as only to wreck their users, we’re working with the best people alive to keep our users safe and secure. While all software has bugs, people that launch software that endangers their users or doesn’t even work are scammers that could even have blood on their hands.”
While Manning is well-known as a whistleblower, what is not so well-known is that she is a talented security and privacy engineer. While most security audits focus only on cryptography, cryptographic bugs are only half the battle for privacy. “Traffic analysis, not cryptanalysis, is the backbone of communications intelligence”, as stated by the founder of public key cryptography Whitfield Diffie and privacy expert Susan Landau in their book Privacy on the Line.
Yet no security audits deal with the kinds of powerful traffic analysis attacks that Nym is meant to prevent. Chelsea Manning states:
“As methods for network traffic analysis have dramatically improved in the last decade, I have frequently called for research (since 2016) into alternative methods to Tor that avoid exposing the data within the network to such analysis. Nym is one such viable alternative worthy of research, and developmental implementation.”
Manning is uniquely qualified to understand how powerful, even nation-state, adversaries can attack Nym users due to her own background in signals intelligence and her personal experiences with repression. Working with other more traditional security auditors, Manning’s mission over the coming months is to help Nym resist surveillance via discovering new privacy leaks and setting parameters for cover traffic. Cover traffic is “fake traffic” that can confuse an adversary like a malicious Internet service provider or mobile phone company and is sent by Nym but not by Tor or VPNs. Harry Halpin continues:
“We’d be happy to have her stay on after the audit in whatever form she wants, but right now we need everyone laser-focused on securing our code.”
Privacy has since been making a massive comeback, through user demand (private messaging app Signal had over 100 million downloads in May 2021) and through new regulation (exemplified in the European GDPR). So far, Nym is one of the only privacy systems promising metadata protection at the network layer. Nym’s mission is to make privacy an integral part of Web3. As the recent Pegasus leaks reveal, privacy is under constant attack, posing life-threatening dangers to journalists, activists, and citizens alike who become vulnerable targets.
Nym is an open-source, decentralized, permissionless, and incentivized system providing full-stack privacy. It enables developers to build applications that provide users with strong guarantees against metadata surveillance, at both the level of network traffic (mixnet), and the level of authentication and payments (credentials). Nym’s team is composed of leading research scientists and developers at the world-class universities Massachusetts Institute of Technology, KU Leuven, and University College London.
For more information, contact Jaya Klara Brekke at [email protected]