On Sun, Jan 27, 2019 at 03:33:11PM +0100, Alexandre Belgrand wrote: > Le dimanche 27 janvier 2019 à 13:11 +0000, Holger Levsen a écrit : > > I *believe* they probably misunderstood evil32.com and it's fallout. > > CAs and GNU/Linux distributions are #1 targets for national > intelligence agencies. > > Debian developers are not using smartcards to store their GPG keys, > including the master key signing code. It is very likely that Debian > master key has been stolen. I would be very surprised if it had not > been stolen. > > One reason why nobody wants to use SSL, including OpenBSD, is that > there is a wide belief that SSL private keys have been stolen. > Therefore there is no need to use SSL, as it does not offer a real > protection. > > This is simply GAME OVER (part 1 of the game). > > One reason why I am not using Qubes, is that it does not offer a real > protection compared to Debian, as both systems are IMHO compromised. > > At present, any government with a valid certificate from Intel can use > Intel ME backdoor to access all resources from a computer, including > keyboard and screen and there is no way to secure an X86 computer. > > If Qubes was making a wide use of Smartcards with a separate pinpad > reader and was using a hardened operating system like OpenBSD or even a > hardened GNU/Linux, I would have a closer look at it. >
I'd be interested to know what system has been graced with your approval. If you believe all this, then what makes you think that national intelligence agencies haven't infiltrated *bsd, coreboot and any other system you can name. imo Qubes does a reasonable job of providing a more secure system that's usable by ordinary users. Spreading unfounded allegations is a disservice to the community. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190127164722.becnlytbz5bidzhz%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.