On Sun, Jan 27, 2019 at 03:33:11PM +0100, Alexandre Belgrand wrote:
> Le dimanche 27 janvier 2019 à 13:11 +0000, Holger Levsen a écrit :
> > I *believe* they probably misunderstood evil32.com and it's fallout.
> CAs and GNU/Linux distributions are #1 targets for national
> intelligence agencies.
> Debian developers are not using smartcards to store their GPG keys,
> including the master key signing code. It is very likely that Debian
> master key has been stolen. I would be very surprised if it had not
> been stolen.
> One reason why nobody wants to use SSL, including OpenBSD, is that
> there is a wide belief that SSL private keys have been stolen.
> Therefore there is no need to use SSL, as it does not offer a real
> protection.
> This is simply GAME OVER (part 1 of the game).
> One reason why I am not using Qubes, is that it does not offer a real
> protection compared to Debian, as both systems are IMHO compromised.
> At present, any government with a valid certificate from Intel can use
> Intel ME backdoor to access all resources from a computer, including
> keyboard and screen and there is no way to secure an X86 computer.
> If Qubes was making a wide use of Smartcards with a separate pinpad
> reader and was using a hardened operating system like OpenBSD or even a
> hardened GNU/Linux, I would have a closer look at it.

I'd be interested to know what system has been graced with your
If you believe all this, then what makes you think that national
intelligence agencies haven't infiltrated *bsd, coreboot and any other
system you can name. 
imo Qubes does a reasonable job of providing a more secure system
that's usable by ordinary users.
Spreading unfounded allegations is a disservice to the community.

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to