undefined | Better HN

0 pointsZigurd11y ago0 comments

That's not really how it has worked. CAs can't be trusted because, in part, the USG wants to corrupt them as needed. Encryption systems get weakened because the NSA wants to be able to break them. Vulns don't get reported. Etc. It isn't a "double standard." The tech industry well has been poisoned in the same of surveillance.

0 comments

5 comments · 2 top-level

themeek11y ago· 2 in thread

This is right, but it doesn't address my comment.

Did this play a role in the breach? Almost certainly it did not.

yellowapple11y ago

No, but it means that breaches like this will be even more dangerous to the American public, since now such breaches will have the potential of exposing access to "secure" backdoors and the wealth of surveillance data various LEAs have accumulated.

themeek11y ago

There's other threads here were people suggest this.

It seems pretty speculative to me that there's some large database with all of the mandated software backdoors and keys to get access to. And if it existed, I don't know that it would be such a large threat.

Certainly security bugs and professionals inside of industry are targeted by hackers already.

Given everything else, I don't know how large an issue this is (compared to say, hacking nuclear defense systems, energy grid, military C2C, etc).

It would be interesting to see whether this is considered a threat scenario by the USG.

1 more reply

linkregister11y ago· 1 in thread

> CAs can't be trusted because, in part, the USG wants to corrupt them as needed

Has this happened? Or did a U.S. government official slip up and admit the future intention publicly? (I wouldn't be surprised)

The only CA corruption I've heard of was a MOIS/VAJA operation against DigiNotar and a corporation overstepping its agreement with a CA by abusing a delegate root CA.

themeekforgotpw11y ago

Oh yeah, CAs have been broken for decades. I remember reporting way back on Room 641A at AT&T having shadow certs.

j / k navigate · click thread line to collapse