Do you trust the Chinese government with your personal information? How about organized crime groups with the resources to hire expert black-hats?
We're talking about people who haven't done anything wrong, and aren't suspected of any wrongdoing. Innocent people are having private data gathered without their consent (and arguably in violation of the constitution) by people who have had a series of embarrassing security blunders in recent years.
You might argue that the NSA has tighter security standards than the OPM and whichever departments were compromised in this attack. In response to that, I'd point out that Edward Snowden was only a contractor, and shouldn't have had access to the information he leaked to the press. Clearly security wasn't that great at the NSA.
We have put so much effort into offence that we ended up forgetting about defence, and losing the latter makes the former largely ineffective. This completely destroys the credibility of the NSA's argument that they deserve ever-more expanding powers to reach around the globe, especially given that we will have hands following the neat trail that we have left behind ourselves.
Why do we give them the power to act with impunity and without oversight, trusting them to reach around the globe, when we expose ourselves the whole length of the way?
It's like leaving the door open at Fort Knox because we're too busy spying on our neighbours.
Companies have free rein to do what they will; it's up to us the people to demonstrate why / decide what they are doing is illegal and demand laws around it.
I think the question is why aren't more people pissed off about this? Some would say it's apathy, I would say it's simple lack of knowledge and understanding. Nobody wants to be spied on.
I expect the other guys have them as well.
TLS is a cat & mouse game at this point, and we count on closed-source systems like Whisper to be the holy grail. It's a sad state of affairs.
There's nothing arguable about it.
I've never understood this idea. The US government is dangerous to anyone located in the US. The Russian government is not. It will never matter to you if the Russian government has your data; it can matter a lot if the US does.
How do you figure that? Aside from the obvious credit card data/identity theft, there is also freedom of speech persecutions that can routinely happen should a foreign actor have your data and you traveled to their country.
Example: you are openly gay on your social media posts, and want to vacation in a foreign country that bans homosexuality. Maybe you are critical of the current Chinese leadership but still want to see the Great Wall. These are just low-hanging-fruit examples.
It's misguided to be so careless with your personal data, especially with regards to foreign actors.
It does if I have to visit Moscow airport on my way somewhere.
That is a painfully naive declaration.
Given the exceptionally high value to foreign governments (and other actors) of breaking into US government computers, the latter approach seems like the only potential option. The stock tech just can't be secured effectively enough, IMHO.
----
EDIT: Answering my own question to a degree, here are presentations on High-Assurance Cyber Military Systems (HACMS), which apparently utilize seL4:
http://www.cyber.umd.edu/sites/default/files/documents/sympo...
One project is seL4, which is a provably correct microkernel. I listened to a talk by one of the developers and it sounded like they were getting funding from DARPA.
https://sel4.systems/About/seL4/
I also remember reading on Wikipedia about some proprietary closed-source OS that's used by the US government to work with very highly classified information. Apparently the requirement was that the kernel and every program be formally verified, so it had very limited features. IIRC, it's still maintained, but newer versions support a Linux environment for less classified work.
Unfortunately, I don't remember what it was called so I can't link to the page.
edit: found it:
https://en.wikipedia.org/wiki/XTS-400
https://en.wikipedia.org/wiki/Trusted_Computer_System_Evalua...
> Examples of A1-class systems are Honeywell's SCOMP, Aesec's GEMSOS, and Boeing's SNS Server.
Fortunately, DARPA, NSF, and other organizations are funding a lot of good work. Here's a few:
https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/
http://www.cs.rutgers.edu/~santosh.nagarakatte/softbound/ (See hardware papers like Hardbound and Watchdog)
http://safecode.cs.illinois.edu/sva.html
http://scholar.lib.vt.edu/theses/available/etd-10112006-2048...
Much of Galois Inc's work is government funded. That includes the CRYPTOL language, Ivory language, Xen work, Haskell work, and so on. NSA partly funded demos from Praxis (now Altran) on their Correct by Construction process with Z specs and SPARK Ada code. They built SPARK, too.
So, lots of stuff going on that is already practical. There are even more that are academic prototypes or exist in simulation. Leaving them off for now.
Such folks just don't want to bother with the limitations that a secure system implies, even if such a system became much more featureful than the present ones. They want their Windows/Mac and probably want it for their work-groups.
It's not just a lack of technical know-how but a variety of psychological tendencies that stand against this. It's taken a long time for companies to develop UIs that people want to use, but the existence of these "easy to use UIs" is a barrier to any UI which requires even a small amount of training to use.
None of that matters if you are using it in a modern processor full of backdoors and malicious technologies like AMT/IME/PSP.
The NSA 'owns' at least one semiconductor fab[1] in Texas, and used to (or still does) own another secure CMOS facility in Santa Clara [2]. Add in several facilities owned by defense contractors as well as the facilities at places such as Lincoln Lab. When you have the ability to develop and build your own secure technology, it would seem perfectly 'logical' to force others to use lesser, less secure hardware.
[1] http://www.chron.com/news/houston-texas/houston/article/NSA-...
[2] http://www.militaryaerospace.com/articles/print/volume-9/iss...
Also if the government started making its own computers then private suppliers would raise a fuss about "big government" and hurting private enterprise. Also can you imagine the shitstorm ensuing from: "Government insists every tech company bakes in backdoors. Government then has to create its own computers because consumer models are too insecure."
[1] http://www.militaryaerospace.com/articles/print/volume-9/iss...
I imagine they'd be designed and built by Boeing or Raytheon or some other major military contractor, just like all the other specialized government equipment.
https://domino.research.ibm.com/library/cyberdig.nsf/papers/...
One of the founders and best performers of INFOSEC, Paul Karger, was on that project. Later did their smartcard OS, Caernarvon, for an anticipated EAL7 evaluation. In the past, he did MULTICS security evaluation and VAX VMM Security kernel among other things.
Far as HWMAC, they sort of just dropped it on us in 2011 and I haven't heard about it since. (shrugs) Meanwhile, Cambridge already has FreeBSD running on the CHERI processor with code available and a less-aggressive, legal team. :)
The famed IBM "Future Systems" project (to replace the S/360-descended mainframe architecture) was a failure, but it survived by evolving into System/38, then AS/400, later renamed to i5/OS and now IBM i. Hardware-based capability security was part of the architecture.
Search: site:nsa.gov filetype:pdf hardening
(works in DuckDuckGo as well)
The search will probably get you noticed, but I remember spending like 2 days in high school just scraping and going through every PDF I could find for useful things to know.
In fact it is entirely possible that deep cover agents within the USG had rigged the system so that info security was practically non-existent but only if you had the eyes of a UNIX system administrator like Snowden. Or some foreign spy agency operatives.
Remember that supposed cyber attack on Ukraine's power systems. It is precisely the same thing. Incompetence in security administration, nobody even caring to do the simplest things to secure systems and networks, no real security audits. Just handwaving and powerpoints and lots of impressive jargon, and no doubt, impressive checks being written.
Can we do better than this? Serious question, can we?
Now look at how our society handles sport stars. Their pay. The training kids get which is needed to give rise to the stars.
I'm not convinced our society cares about being secure when you measure by actions instead of words.
https://news.ycombinator.com/item?id=11426849
(On topic: the more data they collect, the more tempting of a target they become.)
A compiler that inserts a backdoor ( and the backdoor inserter ) into anything it compiles but contains no backdoor in the source code.
Infect one compiler and then everything that follows has a backdoor.
IMO that attack is as grandiose as it is unlikely.
Is there any way to break the cycle?
Snowden's leaks show the focus is to "prevent public debate about the mass surveillance program." - GCHQ, leaked slide.
> "The mass surveillance program has done nothing to prevent terrorist attacks, it has not stopped a single one.", concludes Obama's 2014 report chaired by the ex-deputy director of the CIA.
Compromising public safety by starving resources from real investigative intelligence.
> "If you collect it all, you understand nothing." Snowden
They were warned of the Belgian bombers by Turkish intelligence. Warned he had just returned from training camps. Warned a Tsarnaev brother had been at a training camp just before he bombed Boston.
Real warnings about activated radical, single dangerous individuals - not a needle in a haystack - direct advance warnings. Same with London 7/7, and in all cases the response is "we didn't have sufficient resources to target these individuals."
If these attacks were preventable - why weren't they?
This question must be asked again and again and we should be unsatisfied with 'closing the stable door' answers like 'because they had burner phones'. Because that is not their focus is the awful, sad, inescapable truth.
All sources from this debate between Greenwald, Chomsky & Snowden: https://theintercept.com/2016/03/30/edward-snowden-noam-chom...
The idea would be to put mitigations into place for every imaginable attack vector by breaking everything but the things that are necessary and isolating the things that are left. That ought to make breaking into systems harder. It will likely never happen though. If anyone in charge of IT for even a portion of the US government did this, he would probably get fired as soon as those who can fire him experience proper security.
/s