
Ask Slashdot: Can Commercial Hardware Routers Be Trusted?

First time accepted submitter monkaru writes "Given reports that various vendors and encryption algorithms have been compromised, is it still possible to trust any commercial hardware routers or is 'roll your own' the only reasonable path going forward?" What do you do nowadays, if anything, to maintain your online privacy upstream of your own computer?
  • No. (Score:5, Interesting)

    by deconfliction ( 3458895 ) on Saturday December 21, 2013 @07:26PM (#45756773)

    'nuff said.

    • Re:No. (Score:5, Interesting)

      by deconfliction ( 3458895 ) on Saturday December 21, 2013 @07:32PM (#45756805)

      actually the obvious answer is that trust is not a binary thing. Evaluate your threat models. If you want to be safe from the NSA, and you are protecting information they want to know, then yes, I would say that eschewing any technology from corporations that are easily coerced by the NSA would be a good idea. Of course, that is practically impossible. But you do what you can. And wanting a device with all source available, in a form that is easy to (perhaps modify and) compile to a verifiable equivalent of the stock firmware and operating system would be the first obvious step.

      • Re:No. (Score:5, Insightful)

        by sabri ( 584428 ) on Saturday December 21, 2013 @07:38PM (#45756841)

        actually the obvious answer is that trust is not a binary thing.

        Actually, the obvious answer is that you don't have a choice. No matter how much effort you put into it, you will always be depending on third party hard- or software that you simply have to trust. So, you want to solder your own PCB? Sure, go ahead, but your Ralink SoC is still manufactured somewhere in China. Don't trust Cisco's IOS? Sure, write your own, and let me know how you designed and manufactured your own ASICs. And then we're not even discussing the fact that as soon as the packet leaves your router, it will enter one that you don't even own. Yes, there is a lot that you can do and I think the closest real answer to the poster's question is to just get an OpenWRT capable router and compile from scratch, but to not trust anyone is simply not an option.

        • One solution is to simply not communicate outside of a domain you trust. Go offline. In the extreme, use pen and paper to store information you don't want others to see, and if you need to share that information with others, memorize it and tell it to them in person. As a compromise, use a trusted courier. But even that requires trusting someone.

          Basically, adopt the same "off the communications grid" techniques that Osama bin Laden was thought to use.

          As I said, you give up a lot, and for 99+% of us, tha

          • Go offline.

            If you do that they win!

            Internet is a threat to them. Internet is the one thing that can expose their evil deeds.

            If there was no Internet, Edward Snowden's revelation will never get known to many of us.

            The obvious answer is FPGA routers, made with fully open-sourced VHDL files.

        • Re: (Score:3, Interesting)

          Yes, there is a lot that you can do and I think the closest real answer to the poster's question is to just get an OpenWRT capable router and compile from scratch, but to not trust anyone is simply not an option.

          I agree with you, though would optimistically add to your thoughts- "to not trust anyone is simply not an option... yet". Maybe there will come a day when a truly open source and hardware replicator will become possible. Before dismissing me completely, I imagine there would be some years where it looks like an Apple-II 3d printing another Apple-II, but it's seeming more and more possible. And then it's a bootstrapping issue from there to catch back up to modern specs. But I'd have a lot of fun with an

          • There will never be a commercial chip printing machine. Stop living in Terra Nova.

            • You are right. But there IS a FPGA strong enough to program it to be a processor. And there are FPGA configs to make some popular architectures out of it, including Sun Sparc. It's quite enough for 90 per cent of jobs you make on your Intel or AMD desktop. I don't believe that it's possible to create a bugged VHDL compiler or bugged FPGA. It's too low-specialized for such task, and any mismatch between FPGA and the VHDL's idea of it will just cause a total failure.

              • The problem with using a FPGA is that THEN you're buying a chip that costs more than Intel's second- or third-most expensive i7, and getting a CPU with the approximate performance of a 500MHz Pentium III.

                More importantly, even if you DO build your own CPU using a FPGA, at least 95% of your VHDL is going to come from somebody else if you want to have it meaningfully working, with Ethernet and USB, before you die someday. If somebody is so paranoid about security that he doesn't think he can trust a COTS CPU

        • Actually, the obvious answer is that you don't have a choice.

          There is always subsistence farming.

        • Re:No. (Score:5, Interesting)

          by tibman ( 623933 ) on Sunday December 22, 2013 @12:03AM (#45757897) Homepage

          You could always just build a cpu from scratch? http://www.homebrewcpu.com/ [homebrewcpu.com]

        • Re:No. (Score:4, Interesting)

          by AmiMoJo ( 196126 ) * on Sunday December 22, 2013 @02:08AM (#45758343) Homepage Journal

          If you use commodity hardware you could have two CPUs from different manufacturers and compare outputs. Back in the 80s that sort of thing was popular in critical systems. Buy a 68000 CPU from two different sources, preferably from different continents and with each being a unique design. Run the same code on both, and if their outputs don't match for some reason one is faulty. This of course assumes that both don't have identical back-doors.

        • I always chuckle when people claim that being able to compile from source is helpful in securing their stuff. How many people have actually bothered to review open source anyway? It has taken until now to actually get a review of TrueCrypt, a program that almost everyone uses for encryption and open source. Along those lines, we should all switch to Gentoo and never get compromised again! *rolls eyes*
      • Re:No. (Score:5, Informative)

        by D-Fly ( 7665 ) on Saturday December 21, 2013 @07:50PM (#45756901) Homepage Journal

        Public key cryptography using open source tools that have been tested and retested by lots of other coders still works pretty well. The RSA backdoor you are referring to is certainly discouraging news. But on the other hand, the fact that RSA had backdoored itself was sort of understood by the community at large as far back as 2006, shortly after they issued the compromised tool. This week's news is merely confirmation. That's why PGP and its ilk, open source and made by activists, might be a better option than commercial tools by companies with a strict profit motive.

        If you are really concerned about security, you might very well want to roll your own machine, and certainly should run a fresh, clean linux install off a CD every time you start up, to reduce the chances your machine is compromised.

        • Re:No. (Score:5, Interesting)

          by couchslug ( 175151 ) on Saturday December 21, 2013 @08:15PM (#45757025)

          "certainly should run a fresh, clean linux install off a CD every time you start up, to reduce the chances your machine is compromised."

          You can also boot an .iso image from a USB or other flash as well as CD and load it entirely to RAM with no persistent home.

          Knoppix (nicely polished distro) has had the "toram" option for many years as do other distros it inspired.

          http://en.wikibooks.org/wiki/Knowing_Knoppix/Advanced_startup_options#Transferring_to_RAM [wikibooks.org]

        • Comment removed (Score:4, Insightful)

          by account_deleted ( 4530225 ) on Saturday December 21, 2013 @08:18PM (#45757039)
          Comment removed based on user account deletion
          • Re:No. (Score:5, Informative)

            by Anonymous Coward on Saturday December 21, 2013 @08:28PM (#45757097)
            Firmware attacks can be sophisticated indeed: http://spritesmods.com/?art=hddhack&page=1 [spritesmods.com]
          • by Goody ( 23843 )

            I think to be really secure, you have to mine the silicon yourself and etch all integrated circuit silicon wafers in your own underground lab. Using any code that is on the Internet is foolhardy. You must develop all your operating systems from scratch, in assembly language.

            • by Sique ( 173459 )
              With "mining silicon yourself" you surely mean "fill a bucket with sand", right? Sand is, after all, mainly silicon dioxide. Then you have to mix the sand with coal and iron ore in an oven to create ferrosilicon. Blow hydrogen chloride on it to get trichlorosilane. Distill it and then let it condense at pure silicon bars to grow them. Put the resulting large silicon bars into a zone melting oven to purify them.

              The problem with silicon is not mining the ore. It's purifying the silicon.

          • The amount of work required to install a back-door in the chip sets for all commodity network gear is low enough in comparison to the payoff that you can assume it has already been done. Why go to the trouble of hacking every OS in existence when your "modified" network card can just access the memory and HDD and send you the data?
        • Re:No. (Score:5, Informative)

          by Jane Q. Public ( 1010737 ) on Saturday December 21, 2013 @08:20PM (#45757047)

          " But on the other hand, the fact that RSA had backdoored itself was sort of understood by the community at large as far back as 2006, shortly after they issued the compromised tool."

          "Backdoored itself" is a singularly apt way to put it. But apparently they were engaged in trying to "backdoor" other people, too, which is not a victimless crime.

          Personally, after their "SecureID" debacle and now this, I'm not inclined to "trust" RSA at all. Fool me once, and all that.

          And the same can be said about DropBox. They promised end-to-end encryption, but instead they were "de-duping" files to save storage, which means that entirely contrary to what they told their customers, they actually had direct access to your raw files. Sure, they fixed that (so they say), and said "Sorry, we won't do it again." But how much can you trust them, considering that they blatantly lied to you before?

          • by icebike ( 68054 )

            And the same can be said about DropBox. They promised end-to-end encryption, but instead they were "de-duping" files to save storage, which means that entirely contrary to what they told their customers, they actually had direct access to your raw files. Sure, they fixed that (so they say), and said "Sorry, we won't do it again." But how much can you trust them, considering that they blatantly lied to you before?

            Deduping should never actually work if the files were stored with unique encryption keys. On personal stuff, multiple files that are bit-for-bit identical (such as THIS GUY's Experiment [fosketts.net]) you can see where it might be possible, but perfectly innocent. After all he sent the exact same file with just a different name.

            But de-duping encrypted files seems unlikely to have much of a payout.

            • "Deduping should never actually work if the files were stored with unique encryption keys."

              Yes, this is correct.

              "On personal stuff, multiple files that are bit-for-bit identical (such as THIS GUY's Experiment) you can see where it might be possible, but perfectly innocent."

              And this is correct, as well. But what they were actually doing was the former, not the latter. Their "end to end encryption" promise was simply and blatantly false.
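The point made in the two comments above about deduplication and per-user keys, as an added example that is not part of the original thread: a server that deduplicates by hashing what it receives only finds duplicates when clients upload identical bytes, which client-side encryption under unique keys prevents. `DedupStore`, `client_encrypt` and the HMAC-SHA-256 counter-mode keystream (a standard-library stand-in for a real authenticated cipher) are assumptions made for the illustration, and the sample document is constructed.

```python
import hashlib
import hmac
import os


class DedupStore:
    """Hypothetical content-addressed blob store: identical uploads are kept once."""

    def __init__(self):
        self.blobs = {}    # sha256(uploaded bytes) -> uploaded bytes
        self.uploads = 0   # total number of put() calls

    def put(self, data: bytes) -> str:
        self.uploads += 1
        digest = hashlib.sha256(data).hexdigest()
        # A second upload with the same digest is not stored again.
        self.blobs.setdefault(digest, data)
        return digest

    def dedup_hits(self) -> int:
        # Uploads that were absorbed by an already-stored blob.
        return self.uploads - len(self.blobs)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA-256 in counter mode. Stand-in only: it gives no integrity
    protection and is not a substitute for a vetted AEAD cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def client_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt on the client with a fresh random nonce; the server never sees the key."""
    nonce = os.urandom(16)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def client_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:16], blob[16:]
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


def compare_uploads() -> dict:
    """Two users upload the same document, first as plaintext, then encrypted
    client-side under their own keys. Returns the dedup hits in each case."""
    document = b"quarterly-report contents (constructed sample)\n" * 4

    # Case 1: the server receives the raw bytes from both users.
    plain_store = DedupStore()
    plain_store.put(document)   # user A
    plain_store.put(document)   # user B

    # Case 2: each user encrypts with a key only that user holds.
    key_a, key_b = os.urandom(32), os.urandom(32)
    enc_store = DedupStore()
    enc_store.put(client_encrypt(key_a, document))
    enc_store.put(client_encrypt(key_b, document))

    return {
        "plaintext_dedup_hits": plain_store.dedup_hits(),
        "encrypted_dedup_hits": enc_store.dedup_hits(),
    }


if __name__ == "__main__":
    result = compare_uploads()
    print("dedup hits, plaintext uploads:      ", result["plaintext_dedup_hits"])
    print("dedup hits, client-side encryption: ", result["encrypted_dedup_hits"])
```

A cross-user dedup hit is therefore evidence that the service can compare the content it stores, which is the observation both commenters agree on.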

        • Given the resources the NSA has, I think you can assume that any crypto they allow to exist must be back-door'd.
        • by Ihlosi ( 895663 )
          If you are really concerned about security, you might very well want to roll your own machine,

          That'll help against cybercriminals. Maybe. If you're lucky.

          If you really have TLAs going after you, expect attacks that are hardware-based or at least have a hardware component.

        • That's why PGP and its ilk, open source and made by activists, might be a better option than commercial tools by companies with a strict profit motive.

          If you were an unpaid maintainer of an open-source cryptography tool, and someone offered you $3 million (tax free) to use a specific random-number generator (with no known weaknesses) in your software, would you do it?

      • by unixisc ( 2429386 ) on Saturday December 21, 2013 @10:07PM (#45757515)

        If you wish to skirt the NSA, get your router from Huawei, and let the Chinese spy on you instead. If you don't want the Chinese to spy, get something from the usual NSA contributors. Or see if there's anything made in Russia or any country that's totally independent of the US.

        How easy is it to get a standard router from Cisco or Juniper, and replace IOS or JunOS w/ something like pFsense, m0n0wall or OpenWRT?

        While at it, switch to IPv6, and within a group of people, share a /64 subnet so that even if the NSA spies, they'll find it impossible to source the original source/destination, particularly if dynamic IPs are used.

    • Re:No. (Score:5, Insightful)

      by erroneus ( 253617 ) on Saturday December 21, 2013 @07:42PM (#45756855) Homepage

      I was going to say that.

      RSA compromised with money. Cisco compromised already documented. Juniper? I don't know but I wouldn't doubt it.

      NSA, you've turned the world against the US and all its businesses. Happy yet?

      • by Moskit ( 32486 )

        > Cisco compromised already documented.

        Documented where?

      • Don't be uncharitable towards the NSA! They're as unhappy as you are this all got out.

        They took every precaution to prevent the world from learning about this sort of thing. If they'd had their way, nobody would know or suspect and everything would be fine.

        If you want to blame anyone for having all this come out, blame that tattletale contractor guy with the big usb sticks.

    • by mellon ( 7048 )

      To expand, your router is plugged into the Internet. Your packets traverse many unfriendly wires. They might even trombone through Belarus. So if you want real privacy, find a Tor router you know you can trust. Good luck!

      • Given how extensively the NSA has been working to see everything, we should assume that TOR has been compromised. If you want real privacy, roll your own (hardware and software).
    • by msauve ( 701917 )
      It doesn't matter. Either there's an airgap, where nothing can get out regardless, so it doesn't matter, or there's a hop along the path you don't control so the security of your device doesn't matter.
      • It doesn't matter. Either there's an airgap, where nothing can get out regardless, so it doesn't matter, or there's a hop along the path you don't control so the security of your device doesn't matter.

        If you have an Intel processor, then there is already a radio backdoor built in. See http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-technology-video.html [intel.com]

        • by msauve ( 701917 )
          Huh? What routers use an Intel laptop processor? What routers use an Intel processor at all - they're mostly MIPS/ARM, RISC is simply better and cheaper for the bit-banging required. In modern routers, very little traffic ever even touches the CPU, it's switched in hardware. And what wireless can keep up with the traffic which flows through even a single Gb port? Any wireless isn't going far without an antenna external to the metal case they are built in. No, those plastic Linksys/Dlink/Netgear/Belkin toy
    • by hackus ( 159037 )

      and our enemies don't trust them either:

      http://arstechnica.com/business/2013/11/cisco-attributes-part-of-lowered-earnings-to-chinas-anger-towards-nsa/ [arstechnica.com]

      Do yourself a favor and get yourself a PC white box and start routing with a LINUX source code stack.

      At least then you can pick the hardware you want to trust and you can have a choice as to how far you want your security to go into the software stack audit.

      But all of this is pointless.

      As I pointed out before, it is IMPOSSIBLE to build a secure system anywhere

  • by ModernGeek ( 601932 ) on Saturday December 21, 2013 @07:29PM (#45756795)
    You still have to rely on the trustworthiness of the NICs. Anything connected to the Internet can not be trusted.
    • Like that Intel NIC that was reliably going offline when receiving a "corrupted" packet?

      • by ewieling ( 90662 )
        I still have nightmares from that. We call it Intel NIC Debacle of 2013 (or sometimes just The Dark Times). Lost business and had many very angry customers because of that NIC. Kristian Kielhofner should be named some sort of geek Saint or something for finding the root of the problem.
        • Re: (Score:2, Funny)

          by Anonymous Coward

          [Posting Anon to preserve mods already made...]

          I still have nightmares from that. We call it Intel NIC Debacle of 2013 (or sometimes just The Dark Times). Lost business and had many very angry customers because of that NIC. Kristian Kielhofner should be named some sort of geek Saint or something for finding the root of the problem.

          Jesus Ad Hominem Christ! You got this close and didn't even think about naming him Saint NIC?!?

          Prepare to be visited by the Ghost of Slashdot Past....

  • by dgatwood ( 11270 ) on Saturday December 21, 2013 @07:34PM (#45756811) Homepage Journal

    The answer depends on what you mean. As far as I'm concerned, a hardware router can probably be trusted to be a basic firewall/router. It's pretty unlikely that anyone will come up with a useful attack on a device that's just doing port blocking, NAT, and basic routing. At worst, somebody might DOS it or turn it into a well-connected zombie to aid in DDOSing somebody's server, but neither of those is compromising your data.

    Now if you're passing unencrypted data across that router, you might have a problem, but then again, passing unencrypted data across any router outside your own intranet is a bad idea, so nothing new there. And if you're expecting the commercial router to provide a VPN, then the answer to whether it is trustworthy becomes "no", because its crypto implementation cannot readily be audited and verified to be trustworthy.

    • by LWATCDR ( 28044 )

      That pretty much sums it all up. Frankly unless you are some high profile location I would not worry much about a government based backdoor in your router. If they want your data bad enough they will find a way. You are going to do Tempest? Are you hardened for social attacks? What about all your PCs?
      If you are worried, something like OpenBSD or Linux as a router should work. I am pretty sure if they are interested enough they will get the data one way or another.

      • by FlyHelicopters ( 1540845 ) on Saturday December 21, 2013 @08:48PM (#45757209)

        I am pretty sure if they are interested enough they will get the data one way or another.

        This...

        Or has no one ever heard of rubber-hose cryptography?

        If all else fails, they can break in at night and steal the information locally, or simply put a gun to your head.

        When it comes to computer nerds, that last option probably has a 99.99% success rate.

    • by RR ( 64484 ) on Saturday December 21, 2013 @11:59PM (#45757889)

      As far as I'm concerned, a hardware router...

      There is no such thing. A device that moves data from one location to another, using some policies to examine and transform it, is not just a "hardware" device. It's also software. And if it interfaces with software, then it can be compromised. Or haven't you noticed the news about D-Link routers? [slashdot.org] A lot of these routers have 2MB or less of flash, which makes it difficult to find a useful exploit, but "difficult" doesn't mean "impossible."

      It's pretty unlikely that anyone will come up with a useful attack on a device that's just doing port blocking, NAT, and basic routing. At worst, somebody might DOS it or turn it into a well-connected zombie to aid in DDOSing somebody's server, but neither of those is compromising your data.

      With just a little paranoia, I can imagine someone finding a way to get those routers to copy your traffic, or at least the headers, to some hostile entity. It doesn't take full knowledge of your traffic to destroy your privacy. [arstechnica.com]

      A router is a type of computer. It's subject to all the same concerns about trustworthiness as any debate about proprietary and free software.

      • by dgatwood ( 11270 )

        There is no such thing. A device that moves data from one location to another, using some policies to examine and transform it, is not just a "hardware" device.

        That's completely immaterial. A hardware router is distinguished from a software router by whether it is or is not a general-purpose computer. Hardware routers range from that little D-Link all the way up to Cisco boxes. In the most extreme designs, the hardware provides a dedicated I/O processor that performs the actual routing functions, allowin

    • by jhol13 ( 1087781 )

      I would be surprised if every single American made router can NOT be attacked by NSA to gain management console. Which means they can inspect and re-route your data at will. And they can get the access inside your intranet. Same with British made (is there any?), probably Israeli and maybe some Chinese. IMHO best bet would be German or perhaps Scandinavian ones. Same with VPN, German VPN is very likely without intentional holes.

  • by kasperd ( 592156 ) on Saturday December 21, 2013 @07:35PM (#45756819) Homepage Journal
    If you replace a hardware router with a PC, you have to trust
    • CPU
    • Motherboard
    • BIOS
    • Storage device
    • Storage controller
    • Network interface
    • Operating system

    If any of the above is compromised, you are no better off than with a hardware based router.

    If you by hardware router mean a device that truly forwards packets in hardware without involving any sort of CPU, then your best guarantee is the economical one. It is cheaper for the vendor to manufacture hardware without snooping capabilities than with.

    • I was going to suggest OpenBSd plus pfsense, but you kind of took the wind out of my sails.
    • by AHuxley ( 892839 )
      Be your generations http://www.gnewsense.org/Projects/Lemote [gnewsense.org] you don't have to 'trust' just understand and test.
      Take your cash, skills and efforts away from the tame junk "compromised" brands and build with more interesting products, projects.
    • by Ungrounded Lightning ( 62228 ) on Saturday December 21, 2013 @09:35PM (#45757407) Journal

      Modern laptops and desktops come with remote administration tools built into the chips on the board. (The vendors tout this as a feature, simplifying administration of a large company's workstations. It's easier and cheaper to build it into everything than to be selective, so it's in the machines sold to individuals, too.)

      One example: Intel Active Management Technology (AMT) [wikipedia.org] and its standard Intelligent Platform Management Interface (IPMI) [wikipedia.org], the latter standardized in 1998 and supported by "over 200 hardware vendors". This is built into the northbridge (or, in early models, the Ethernet) chip.

      Just TRY to get a "modern laptop" (or desktop), using an Intel chipset, without this feature. (I suspect the old Thinkpad is how far back they had to go to avoid it.)

      You can't disable it: Dumping the credentials or reverting to factory settings just makes it think it hasn't been configured yet and accept the first connection (ethernet or WiFi, whether powered up or down) claiming to be the new owner's sysadmins.

      If the NSA doesn't know how to use this to spy on, or take over, a target computer, they aren't doing their jobs.

      Some of the things this can do (from the Wikipedia articles - see them for the footnotes):

      Hardware-based AMT features include:

      • Encrypted, remote communication channel for network traffic between the IT console and Intel AMT.
      • Ability for a wired PC (physically connected to the network) outside the company's firewall on an open LAN to establish a secure communication tunnel (via AMT) back to the IT console. Examples of an open LAN include a wired laptop at home or at an SMB site that does not have a proxy server.
      • Remote power up / power down / power cycle through encrypted WOL.
      • Remote boot, via integrated device electronics redirect (IDE-R).
      • Console redirection, via serial over LAN (SOL).
      • Keyboard, video, mouse (KVM) over network.
      • Hardware-based filters for monitoring packet headers in inbound and outbound network traffic for known threats (based on programmable timers), and for monitoring known / unknown threats based on time-based heuristics. Laptops and desktop PCs have filters to monitor packet headers. Desktop PCs have packet-header filters and time-based filters.
      • Isolation circuitry (previously and unofficially called "circuit breaker" by Intel) to port-block, rate-limit, or fully isolate a PC that might be compromised or infected.
      • Agent presence checking, via hardware-based, policy-based programmable timers. A "miss" generates an event; you can specify that the event generate an alert.
      • OOB alerting.
      • Persistent event log, stored in protected memory (not on the hard drive).
      • Access (preboot) the PC's universal unique identifier (UUID).
      • Access (preboot) hardware asset information, such as a component's manufacturer and model, which is updated every time the system goes through power-on self-test (POST).
      • Access (preboot) to third-party data store (TPDS), a protected memory area that software vendors can use, in which to version information, .DAT files, and other information

    • If you replace a hardware router with a PC, you have to trust

      • CPU
      • Motherboard
      • BIOS
      • Storage device
      • Storage controller
      • Network interface
      • Operating system

      If any of the above is compromised, you are no better off than with a hardware based router.

      If you by hardware router mean a device that truly forwards packets in hardware without involving any sort of CPU, then your best guarantee is the economical one. It is cheaper for the vendor to manufacture hardware without snooping capabilities than with.

      The flip side of that is that if you are a powerful agency - one powerful enough to control what's going on in overseas fabrication plants and suppress any signals coming out of them, you have to be able to set up a scheme that's subtle enough to go undetected without it either being subverted by or corrupting the:

      • CPU
      • Motherboard
      • BIOS
      • Storage device
      • Storage controller
      • Network interface
      • Operating system

      Because Cthulhu knows, it's hard enough to get that stack operating reliably even without a secret agenda. If j

  • by Anonymous Coward

    I'm definitely in the "no" camp on this one, but how about after-market, open-source firmware? I run DD-WRT on my good ol' WRT54G, which I trust a heck of a lot more than the OEM code. How far does replacing the stock firmware go towards securing my home network?

    • I'm definitely in the "no" camp on this one, but how about after-market, open-source firmware? I run DD-WRT on my good ol' WRT54G, which I trust a heck of a lot more than the OEM code. How far does replacing the stock firmware go towards securing my home network?

      It goes as far as you can trust your replacement code.

      It won't protect you from hardware-based exploits except to the degree that you use the hardware in unexploitable ways. It won't protect you from fifth-column code in your OS if you use that code without inspecting it. But at least you should have a reasonable degree of trust in your own code.

      And yes, I know the theory behind malware-injecting compilers, linkers and debuggers. But as long as you're not operating in a monocultural environment, there are s

  • The Wrong Question (Score:5, Insightful)

    by agwadude ( 666995 ) on Saturday December 21, 2013 @07:37PM (#45756829)
    You shouldn't have to trust your upstream routers. Instead you should assume they're compromised and use end-to-end encryption. HTTPS and SSH, for example, specifically protect against active attackers such as malicious routers.
    • by storkus ( 179708 )

      This! Mod parent way up! The question isn't whether your [insert endpoint here] is safe, but if the intermediate points are. Even if your own router is safe, what about the one upstream? I've assumed for a long time (way before Snowden) that all electronic communications are monitored, and when you realize that, and the insane difficulty of getting around that monitoring, you kind of give up. You have to decide what is important enough to secure from a worthy (non script-kiddie) adversary and versus le

      • OTOH, if you're doing something that the intelligence agencies (regardless of country) are interested in, your only real hope is to use the 100% open software/firmware like the FSF advocated

        The question is, are you trying to stay off the radar, or trying to avoid having the NSA hack your computer once you're on the radar?

        If the former, the challenge is that they can miss and miss and miss, and only have to hit once. You have to hit every time. The odds of that over any period of time are nearly zero. A single mistake and all your efforts are for nothing.

        If the latter, no amount of electronic protection is going to do you any good. If they really can't hack their way in, they'll just w

    • You shouldn't have to trust your upstream routers

      No, instead you should be able to verify all of your hardware and software are valid. One way to do this is demand the VHDL and compiled chipset designs for all your hardware. This way one can benchmark things such as power draw or timing characteristics in reality and simulation, allowing some degree of verification that pattern matching code isn't running across your bits.

      Unfortunately people are confused by the infinitely reproducible nature of information. This is the first generation of the online In

  • routerpwn (Score:2, Informative)

    by Anonymous Coward
  • I wouldn't. [schneier.com]

    Our team of scientists and Linux networking experts has an open, next generation router project [igg.me] up on IndieGogo right now, but we aren't getting much traction. I guess we missed product-market fit. To the point that we have modified the campaign to ask people not to buy the router or if they do - risk us not shipping some of the more advanced features that we are working on in this product. We had hoped to release it all as open source but I just don't think that's going to be possible now, un

    • by vadim_t ( 324782 )

      Some comments:

      "Upliink"? Took me a while to notice there are two "i"s there for some bizarre reason. As a result, googling for it failed. If you're going to make up words, at least don't make them confusingly similar to normal ones.

      Half a million is an awful lot of money. $430 is a lot for a router.

      It's not clear at all what it does. IPv6 internet? What is that?

      Sharing the connection with nearby people? Why would I want to?

      Mesh networking. How is this going to scale? What performance and latency do you expe

      • Thanks for your feedback. Something I've learned is that marketing and complexity don't mix, so I agree our communication strategy is not optimal. We are trying to talk to too many audiences and doing a bad job with all of them. We'll try harder.

        Half a million is an awful lot of money. $430 is a lot for a router.

        It's a server/router hybrid. We need to be clearer about that. The specs are competitive with what you'd find in the market for regular computers, but we thought it would be distracting to break them down because some of them are subject to change.

        It's not clear at all what it does. IPv6 internet? What is that?

        Sharing the connection with nearby people? Why would I want to?

        Because at scale,

        • You always talk about Internet to be a one-time cost.

          That's only true if there is no (high speed) uplink to the rest of the world to be paid for, for example. Those don't come for free. And if you're really sticking to your own mesh network, it's going to be unusably slow. And people wouldn't be able to access staples like Slashdot, or Google.

        • by vadim_t ( 324782 )

          Ok, since you liked it, I decided I'll think on this some more and give some more feedback. So:

          Something I've learned is that marketing and complexity don't mix, so I agree our communication strategy is not optimal. We are trying to talk to too many audiences and doing a bad job with all of them. We'll try harder.

          You need a good reason for why I would want this right off the start. And right now it's not there. Look at FON [wikipedia.org], who did part of what you are, much more successfully. The immediate question for something like this is "Why would I want to share my connection?", and FON answered "You'll earn money!". There, that's nice and sensible.

          They also gave out their hardware at a ridiculously cheap price. They were selling th

  • by mbone ( 558574 ) on Saturday December 21, 2013 @07:52PM (#45756921)

    This is a big (and, I personally fear, unfixable) problem for the IETF [youtube.com] and associated Internet bodies. Of course, router security is only a tiny piece of it. Given that RSA has been revealed as taking money from the NSA to weaken security protocols [cnet.com], who knows how deep the rot goes.

    One big fight right now is over the removal of the NSA-employed Chair of the Crypto Forum Research Group [ietf.org]. There will be more.

  • by vadim_t ( 324782 ) on Saturday December 21, 2013 @07:55PM (#45756931) Homepage

    For ensuring the safety of your outgoing traffic, it doesn't matter at all whether you can trust your router or not. It's just one step away from a router at your ISP, which you can't trust, and which can be assumed to be malicious.

    It's a bit different for ensuring the safety of your internal network, though. If you think there might be any reason why the NSA, government or whoever might want to reach inside your personal network, then you certainly should avoid any closed solutions and keep it under as much control as possible. That router might well hiddenly allow people that know how to access your network without permission.

    Router manufacturers also have been caught rewriting pages to insert ads. Here is one example of such a thing [theregister.co.uk].

  • by BitZtream ( 692029 ) on Saturday December 21, 2013 @08:18PM (#45757035)

    If you're worried about a router and if you can trust it, you've already done it wrong.

    Your data should have been encrypted before it left the original application if it's something you care about.

    It shouldn't MATTER if you can trust the router, if it does, you've already failed.

  • Good question! (Score:2, Insightful)

    by mikeg22 ( 601691 )
    I have no answer. I wanted to comment that this is the most pertinent "Ask Slashdot" that I've seen in the last five years. I would guess any router whose firmware was open-sourced.
  • If you are doing things that affect large powerful organizations in a potentially negative way, you already know you are a target. Deal with it with hardened software, but don't forget that most secret information is lifted with social engineering (inside jobs of dozens of types.) Someone gives the combo to the safe away!

    If you are not stepping on government, NSA or mega-corp toes, standard encryption techniques are probably just fine, but that is just one of the lines of defense.

  • Where I am the telco that is a bottleneck to the rest of the world has admitted letting the NSA watch everything available. If you are in such a situation if your router is phoning home that's just redundancy.
  • by Mr. Protocol ( 73424 ) on Saturday December 21, 2013 @09:35PM (#45757403)

    All the crypto software I've looked into depends on big internal arrays of special numbers to do its work. If those numbers are compromised (which is what NSA contracted RSA to do, basically), then the whole end-to-end crypto channel is compromised.

    And that's the problem. You can build an open-source hardware router with open-source software, to keep the possibility of hardware backdoors to a minimum, but if the basic crypto algorithm you use has been compromised from the get-go, none of it matters. I think that's going to be the next really difficult intellectual load to lift: vetting ALL of the current crypto algorithms in use today to make sure the algorithms don't have built-in compromises. Since that vetting has to be done by crypto experts, not just software engineers, that pushes the trust back up one step: which crypto experts do you trust?

  • by kheldan ( 1460303 ) on Saturday December 21, 2013 @10:23PM (#45757569) Journal
    The only way to obtain 100% safety from being hacked by a government agency, as well as anyone else, is to place an air gap between your system(s) and the public Internet. Think of it like trying to protect your house from burglars breaking in: The best you can do is slow them down. Given enough time, skill, and resources, any burglar can defeat any security arrangement in any house. Same goes for your computers. Therefore there is an implied level of risk involved if you wish to continue using the internet, and if you cannot accept that risk, even after taking reasonable precautions against your system(s) being compromised by whoever might wish to, then you must re-evaluate whether or not it's worth it to you to continue using the internet at all. Now, some people are going to flame me for saying this, because they're convinced that life cannot continue without internet access, but that's simply not true, just ask anyone who was an adult about 25 years ago how they managed to get along without the World Wide Web (hint: they got along just fine without it).
  • I do not trust commercial routers, not because of NSA-weakened crypto, but because of plain old security holes like unclosed developer backdoors or web administrative interfaces full of CSRF vulnerabilities

    I use a Soekris [soekris.com] box with a PCI DSL board, and I run NetBSD [netbsd.org] on it

  • There is no privacy on the Internet. Never has been.
  • Timothy, Timothy, Timothy. When will you ever learn? "Ask Slashdot" posts belong in the "Ask Slashdot" section so that those of us who choose to filter out those stories can do so. It doesn't work though if you keep posting "Ask Slashdot" stories in other sections.
  • According to Fox Mulder from The X-Files. ;)
