On 20 January 2018 at 22:43, James Salsman <jsals...@gmail.com> wrote:
> The NSA surveillance which was reauthorized by Congress can not depend
> on eavesdropping alone with new HTTPS cyphers. It needs compromised
> hardware to work,

Meltdown suggests otherwise. In any case EternalBlue and Stuxnet made
it clear that the hardware is irrelevant.

The reality is that the WMF doesn't have the resources to prevent a
state level actor from gaining access to its servers. Switching to
little used, little supported and more expensive hardware simply
weakens the WMF position even further since attackers no longer have
to factor in the risk of burning a valuable exploit. So not much
changed since 2013.


Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and 
New messages to: Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Reply via email to