Posts by Paul Campbell
Last ←Newer Page 1 2 3 4 5 Older→ First
-
Scarier is "N.S.A. Foils Much Internet Encryption" - it's hard to tell exactly what they're saying there, but it seems to hint to me that SSL is toast.
-
well there's that whole low power only good for a km or so thing and the fact that this will be an all solar net only running for a few minutes a day on the smell of an oily rag in a bush filled valley .... it's going to be a very sparse matrix
-
And on my desk is a pile of NZ designed, NZ built, boards also with TI hardware - I have to sign that same agreement to get the chips (AES, and I use it, even though we're just building a mesh net to monitor stoat traps) - the rules are slightly silly - I'm allowed to send the chips to China for assembly provided I ship the result somewhere else, but I'm not allowed to sell them to the Chinese military
I can buy the same chips cheaper and without signing the disclaimer on Alibaba ....
Meanwhile the bespoke AES chip market (bitcoin) seems to be taking off
The people who make these silly rules don't really care, they just like being able to make people's lives more difficult
-
well of course they are, they keep putting Windows on them
-
OnPoint: BTW, the NZ Police can use…, in reply to
And let's not forget the Israeli contributions to the field...
err, well yeah - Israeli designed crypto is sitting in your Sky TV box and possibly your household wireless phones too - NDS (now owned by newscorp) has a particularly shady past
-
yeah so we have two choices, hardware with NSA spook backdoors and hardware with Chinese spook backdoors Rich is right we need open source hardware all the way.
Now how do I choose an ISP who publishes their router source? an international fibre provider who does the same?
-
The Washington Post reports that the NSA "breaks into foreign networks so that they can be put under surreptitious U.S. control." and that they "has placed 'covert implants, sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions.".
My goodness, that sounds just like the sort of thing that the PM claims the GCSB were created to prevent .... I wonder how they are doing ..... or maybe they're quietly helping do it here ....
Maybe the big fuss about Huawei equipment is not that they are Chinese made, but that they are too good and can't be broken in to, and can't be persuaded to add secret back doors, I can see why that might piss off our secret powers that be
-
I generally have this feeling that because this is a secret agency that we have to trust to follow the law because there's no open, transparent public oversight the consequences of not doing the right thing ought to be higher than for say the council guy spraying the weeds on the street who sprays my petunias out there in front of everyone. (I'd say the same for other parts of govt that tend to work in secrecy too, parts of the police, the IRD, the defense forces etc etc).
However a question: so the police have declined to prosecute, can someone bring a private criminal prosecution here? (I'm think of Dotcom who I suspect is quite likely to at least consider doing such a thing, and of course has the means) And if one did such a thing will we see a parade of GCSB spooks in the witness box?
-
Well yes - bear in mind that I'm not saying that MS does this, just we know that they've already done stuff for the NSA and that the NSA can happily make them do it should they want to and we'd probably never know - because those "security updates" make us more secure right? we need transparency in our personal infrastructure - there's little point in end to end crypto if one of the ends is owned by a 3rd party.
And yes UEFI just makes it worse, because of the way that they are forcing it on Arm based platforms MS are effectively locking out alternatives (Linux based ones in particular) that can be open and transparent and provably safe
-
yes remember we know that Microsoft has done deals with the NSA, they're compromised, and every Tuesday(well Wed here) they roll patches into your windows system, they can send you the generic NSA/GCSB backdoor, or target you with a specific one tailored just for you ....
And of course the big problem with back doors in general is that once they're installed they can be used by others, even if you trust the GCSB/NSA it doesn't mean that the Russian mafia wont come a knocking and sneak in and use it to empty your bank account.