On Wed, Sep 11, 2013 at 10:49:46AM +0200, Martin Schr?der wrote: > 2013/9/11 Marc Espie <[email protected]>: > > Second, low hanging fruit. > > > > There's so much crappy software and hardware out there that you have to be > > REALLY paranoid to think the NSA would target us. I mean, come on, there > > You think openssh isn't a valuable target?
You think they need to target protocols? There are much easier ways of doing things. Strong crypto works if you do all the management stuff. Most people have no idea what's involved with that. Like Espie says there's plenty low hanging fruit. If you're somebody they want to know about the methods they use don't have anything to do with technology. > You think openbsd isn't used in commercial firewall/vpn appliances? You think that government doesn't cultivate "healthy" relationships with "security" product vendors that makes whatever protocol or OS they claim to run irrelevant? Do you really believe they only got google, yahoo, gmx, msn/hotmail/aol/skype to open up their services but not router and vpn and appliance vendors? Don't be so naive... any company that has an office in the U.S. that wants to stay in business is going to bend over. How many Lavabit stories did we read about where somebody had the integrity to say NO and lose his ass? Exactly one. Guess what happened to the rest. You want security, run OpenBSD on a Chinese router or SBC or fab your own chips and build your own hardware. And stay the hell off the net. > Think again. Your turn. /jl -- ASCII ribbon campaign ( ) Powered by Lemote Fuloong against HTML e-mail X Loongson MIPS and OpenBSD and proprietary / \ http://www.mutt.org attachments / \ Code Blue or Go Home! Encrypted email preferred PGP Key 2048R/DA65BC04
