| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Sep 2013 15:36:39 -0300 From: "Marcio B. Jr." <marcio.barbado@...il.com> To: coderman <coderman@...il.com> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: Internet has vuln. Another bourgeois genius crying like a baby for his private interests are being harmed. Marcio Barbado, Jr. On Fri, Sep 6, 2013 at 5:34 AM, coderman <coderman@...il.com> wrote: > ''' > The NSA has undermined a fundamental social contract. We engineers > built the internet – and now we have to fix it... > > By subverting the internet at every level to make it a vast, > multi-layered and robust surveillance platform, the NSA has undermined > a fundamental social contract. The companies that build and manage our > internet infrastructure, the companies that create and sell us our > hardware and software, or the companies that host our data: we can no > longer trust them to be ethical internet stewards. > > This is not the internet the world needs, or the internet its creators > envisioned. We need to take it back. > > And by we, I mean the engineering community... > > One, we should expose. If you do not have a security clearance, and if > you have not received a National Security Letter, you are not bound by > a federal confidentially requirements or a gag order. If you have been > contacted by the NSA to subvert a product or protocol, you need to > come forward with your story... If you work with classified data and > are truly brave, expose what you know. We need whistleblowers.... > > Two, we can design. We need to figure out how to re-engineer the > internet to prevent this kind of wholesale spying. We need new > techniques to prevent communications intermediaries from leaking > private information. > > We can make surveillance expensive again. In particular, we need open > protocols, open implementations, open systems... > > > Generations from now, when people look back on these early decades of > the internet, I hope they will not be disappointed in us. We can > ensure that they don't only if each of us makes this a priority, and > engages in the debate. We have a moral duty to do this, and we have no > time to lose. > > Dismantling the surveillance state won't be easy. Has any country that > engaged in mass surveillance of its own citizens voluntarily given up > that capability? Has any mass surveillance country avoided becoming > totalitarian? Whatever happens, we're going to be breaking new ground. > ''' > - Bruce Schneier > http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying/print > > > > note from the editor: i'll believe we have made progress toward robust > crypto once every personal computing device has a robust hardware > entropy source. > (backdoor generators like RDRAND don't count, of course ;) > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists