On Fri, 17 Jun 2016 13:52:38 -0500 Anthony Papillion <anthony@cajuntechie.org> wrote:
There's value in running security software on a compromised system because it helps to stop /mass/ surveillance.
Does it? Your servers are compromised and so are your 'SSL' connections...your tor routers are obviously compromised...any system used to defend against mass surveillance that you run on compromised hardware is...compromised.
Ultimately, if you are under surveillance, they're going to get you but they're going to have to devote some time an effort /to you/. You're not going to get caught up in the worldwide dragnet.
Backdoored hardware affects everybody except the gov't. Not to mention, why would it be OK to stop mass surveilance but not 'targeted' surveillance...of some big number of people?
My personal quarrel with the NSA and other security services isn't that they watch people at all.
Well, at least you are sincere...
It's that innocent people are getting caught in a dragnet and that information could be used against them later.
Aren't they 'innocent'? If they are 'innocent' they 'have nothing to hide'.
Nobody seems to be trying to fix 'our' fundamental problem...?
It's a hard AND expensive problem to address. There aren't a whole lot of people with processor design skills that aren't already working in processor design for one of the biggies.
I don't think processor design is especially hard. I admit I'm guessing, but I can't imagine what could be so hard about designing some kind of not-fancy, risc system. Not to mention.... http://opencores.org/
And the few that are likely don't have the money to bring up what it takes to do it. It's not like this is going to be bootstrapped by a Kickstarter.
Actually, it seems exactly like the kind of project that could/should be 'crowfunded'. What's the 'minimum order' when dealing with something like TSMC ?
All the talk about snowden, tor, 'hacking' and similar propaganda is...well...propaganda.
It's making people more aware of what's going on and how to protect themselves. Sure, it's not solving the problem but it is making things a bit better.
I don't know. I wouldn't blame Snowden and co.(or maybe I would?) but since 2013 things just kept and keep getting worse. Your NSA friends didn't back off an inch.
Perfect is the enemy of good. If the spooks don't go after one person because it would take more personalized resources than simply catching them in a dragnet, that security has worked. We don't need 'perfect'. We need 'good enough'.
'good enough' requires working hardware, not hardware remotely controlled from washington.