top | item 36387489

(no title)

News-Dog | 2 years ago

I am reminded of basic concepts;

Zero Trust Security Model - Trust no One (Internet Security) : https://en.wikipedia.org/wiki/Zero_trust_security_model

discuss

p-e-w|2 years ago

Unless you are also building your entire hardware from scratch, including the CPU, and writing or auditing all firmware and device drivers, "zero trust" is a fantasy.

Zero trust means verifying everything. Not only has no living person verified the entire technology stack they are using, it is literally impossible to do so for any modern consumer device, since they all contain closed hardware and software that affects the trust model yet cannot be verified in any meaningful sense.

News-Dog|2 years ago

>"zero trust" is a fantasy. - Zero trust means verifying everything.
Not only has no living person verified the entire technology stack they are using,

it is literally impossible to do so for any modern consumer device..

Correct! - So the options are practice good privacy principles or totally disconnect and become a Hermit.

See; https://news.ycombinator.com/item?id=36387696

opportune|2 years ago

Maybe that commenter didn’t know what zero-trust means. Zero-trust in practice just means continuing to authenticate from within your “perimeter”, ie, assume an employee or machine is already compromised.

If you need unbreakable encryption and security that even the NSA (or the various vendors it works with to find zero day exploits) can’t hack you need to get off the fucking internet