The best part of the “going dark” debate is that we have to pretend sophisticated attacks by nation-states and criminals are some kind of Gibsonian sci-fi fantasy. It’s 2019. Theres a multi-billion dollar industry around attacking phone security systems.https://www.fastcompany.com/90307864/u-s-fund-sells-israeli-hacking-firm-nso-group-amid-spy-mystery …
Very true, but we have also had package signing infrastructure compromised (e.g. Microsoft, Red Hat, Debian, Adobe) and that's what we rely on today. So I don't see this as a significant increase in risk, I take it you disagree?
-
-
I do disagree; it’s much easier for Microsoft to authenticate the entitlement of their employee than it is for them to authenticate the entitlement of a person in a entity that has government affiliation that is authorized by that government to decrypt your device; ...
-
both involve human processes that need not to fail but one is plausible risk can be reduced substantially; the other is effectively unbounded.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.