Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

Hoi, First, what the Foundation does is not in order to protect itself but to protect its readers, its authors. Second, when you consider security theatre, consider the other countries and then consider the countries where security has a better chance than the USA. Be advised that in many, most

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

Let me just suggest, again, that we should find out how much it would cost to avoid the most widely "baked in" vulnerabilities which are known to state and non-state actor. I can't imagine why that wouldn't be worth it. If the NSA wants private Foundation data, they could send a National Security

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

I think, as Geni says, that even that isn't going to provide any effective barrier. If the NSA or other US Government spooks want to get into the servers, they will, regardless of what hardware it's running on, what software it uses, or what jurisdiction it is located in. Anything that the

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

On 21 January 2018 at 12:56, James Salsman wrote: > Do you think merely avoiding the most mass-produced and arguably > widest backdoor is a step in the right direction? Security though obscurity against state level actors? That is not going to work. And yes I know you seem to

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

> the WMF doesn't have the resources to prevent a > state level actor from gaining access to its servers. Do you think merely avoiding the most mass-produced and arguably widest backdoor is a step in the right direction? > Switching to little used, little supported and more expensive > hardware

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

What about moving to another country? Still not an option? Cheers Yaroslav On Sun, Jan 21, 2018 at 8:38 AM, Lodewijk wrote: > 1) still don't see the relevance. If better technology is needed, it's > needed - that should be independent of any lobbying preferences.

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

1) still don't see the relevance. If better technology is needed, it's needed - that should be independent of any lobbying preferences. It looks like you're just pushing tangents again. 2) You do realize that the FTC and the FEC are very different organizations? But again, it seems you just used

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

On 20 January 2018 at 22:43, James Salsman wrote: > The NSA surveillance which was reauthorized by Congress can not depend > on eavesdropping alone with new HTTPS cyphers. It needs compromised > hardware to work, Meltdown suggests otherwise. In any case EternalBlue and

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

> 1) I don't quite see how your question about servers and switches relates > to Stephen's statement. Could you explain for us mere mortals how you link > the two? The NSA surveillance which was reauthorized by Congress can not depend on eavesdropping alone with new HTTPS cyphers. It needs

Re: [Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

Hi Jim, I'm afraid I don't quite follow. 1) I don't quite see how your question about servers and switches relates to Stephen's statement. Could you explain for us mere mortals how you link the two? 2) I somehow missed the commitment by the WMF to research "FEC requirements of organized advocates

[Wikimedia-l] Fwd: [Publicpolicy] Update on FISA 702 reauthorization

How much would it cost to replace the servers and switches with open source hardware? Stephen, when do you expect to have the FEC requirements of organized advocates for US political candidates researched? -- Forwarded message -- From: Stephen LaPorte