broodbucket | 4 months ago

Remember, you don't have to be unhackable, just sufficiently unimportant to not be worth burning any novel capability on

itsnowandnever|4 months ago

I think people don't understand what this means either. the nation-state "agencies" that can and will get into your network/devices can do so because they would employ tactics like kidnapping and blackmailing a local telco field technician. or if it's your own government, they can show up with some police and tell them to do whatever and most will comply without even receiving a proper court order.

so unless you're worth all that trouble, you're really just trying to avoid being "low hanging fruit" compromised by some batch script probing known (and usually very old) vulnerabilities

red-iron-pine|4 months ago

plenty of big telcos push back to gub'mnt orders. they usually get a warrant.

or they just pay the $2100 per API call to download it from the telco or social media company.

it's not improper if you agreed to give a company the ability to sell your data to anyone -- the government is anyone, and they have the money.

lisbbb|4 months ago

I like the "gray man" concept, but can't predict when you end up on the radar or why. As a young graduate student, I once wrote an article that rebuffed the government's "Total Information Awareness" trial balloon and suddenly found myself embroiled in much unexpected controversy, including some big name journalists e-mailing me and asking questions. You just never know when you stumble into something that you're not supposed to know about and what might happen.

shiandow|4 months ago

Given that choice I'd rather choose to be unhackable.

aa-jv|4 months ago

I think the more important maxim to follow is this: if you didn't manufacture your own silicon, you are infinitely more hackable than if you did.

Alas, no matter how hard we try to trust our compilers, we must also adopt methods to trust our foundries.

Oh, we don't have our own foundries?

Yeah, that's the real problem. Who owns the foundries?

pydry|4 months ago

When has anybody ever been hacked via a foundry?

While having your own foundry is undoubtedly a good thing from the perspective of supply chain resiliency, if hacking is what you're worried about there are probably easier ways to mitigate (e.g. a bit more rigor in QC).

smithkl42|4 months ago

Nah, if I manufactured my own silicon, I'd be infinitely more hackable than I am right now - just like if I wrote my own crypto code. 99.9999% of people are going to be more secure if they just rely on publicly accessible cryptography (and silicon). Otherwise you're just going to be making stupid mistakes that real cryptographers and security folks found and wrote defenses against three decades ago.

andai|4 months ago

So the advice would be for an activist to choose extremely boring forms of activism? ;)

broodbucket|4 months ago

If you're at that level where some powerful entity really takes an interest in you, you just have to operate as if you're always compromised, I think.

INTPenis|4 months ago

That's right, just keep your head down, smile and nod, do your job and nothing will ever go wrong. /s

brigandish|4 months ago

A more charitable view would be to act like a zebra in a herd of zebra rather than a zebra in a herd of horses.

impossiblefork|4 months ago

I don't think that's the interpretation, but make your computer systems disconnected from what you do.

If relevant adversaries don't know which computer to burn the exploit on, then they won't burn it on the right one.

GreenWatermelon|4 months ago

You /s but this is actually valid advice for someone who just wants to get by in life and is content.