Claims that NSA spooks are snooping on everyone's internet connections have alarmed libertarians and digital-rights activists around the world. But despite the fact that such electronic eavesdropping has been going on for decades, the leaks from whistleblower Edward Snowden could net IT vendors and the tech distribution channel …
About damn time.
About damn time
I would agree - but I see 1 major pitfall.. the unintended consequences of this will be local protectionism, vendors will milk this for every penny, my guess is they will make the HDD hikes a couple of years ago seem reasonable (after the asian flood, some drives doubled in price!).
Re: About damn time
I'd gladly paid more for locally made IT hardware, software and services. I'm tired of pissing away my nation's money to the USA. Canada can - and should - do more than supply them with raw materials that they then transform into finished goods and sell back to us. Canada should be crafting final goods out of our raw materials and selling that on to others.
That includes keeping our smart and educated people in-country for them to build, design and manufacture IT hardware software and services. Why the hell is the Canadian taxpayer subsiding the education of people who defect to the states?
Globalization lines the pockets of the richest of the rich. When has it ever helped the common man? We get laws to make it so that small businesses have to sell at the lowest possible prices, but we still pay import fees as SMBs or individuals that are absolutely crippling. The USA blithely ignores every law and regulation from every trade organization it's a part of, yet puts enormous pressure on our country - blackmailing us in many instances - to change our intellectual property laws from a "mad in Canada compromise" that was reasonable and good for Canadians to a US maximalist position.
I think it's time for a little protectionism. If I had my way, Canada would stop selling good to the states, start selling good to China and the EU and - ultimately - pull out of NAFTA and sever economic ties whit the US altogether. I would be willing to see a substantial reduction in my generation's quality of life to make that happen, because I believe - honest and true - that it would make the quality of life of our descendants significantly higher than it would be under an American regime.
The US has nothing to offer us that we can't do better ourselves, should we care to. It's time we started to do so.
That's assuming ...
That's assuming said firms are prepared to go head to head with the might of the US intelligence community.
Or, more likely, that's said firms are prepared to maintain a pretence of going head to head with the might of the US intelligence community, and that said US intelligence community are sufficiently able to squash leaks that would otherwise reveal this pretence.
Otherwise known as "business as usual".
Meanwhile, while we Europeans are busy looking for the "Not Made In USA" stickers, we should perhaps consider that Europe's largest cable internet provider is American owned.
Read "On Trusting Trust"
"on the basis that any compromise by the likes of the NSA or anyone else will be clear to the rest of the open-source community."
Ken Thompson described hiding a backdoor to login in the compiler binary in his Turing award address. The ultimate result was a trojaned binary that would recompile clean source for the compiler and login and insert the backdoor into login and the compiler when they were recompiled.
This may well be how NSA has compromised existing devices.
Re: Read "On Trusting Trust"
"and login and insert the backdoor into login and the compiler when they were recompiled."
All of this is well known, but given the chain of what is required to remotely login to a system it's just one step. For example to get into my system you'd need to get past the router firewall and/or port forwarding, if you managed that the sshd would have had to be compromised by the 'bent' compiler, meanwhile the router, at least, would have logged the access.
Do you see the point everything might be compromised but it starts to be :
a) a bit unlikely
b) possible to spot that access attempts are going on unless the router is compromised.
In any case it should be possible to sniff the traffic and see if anything unusual is going, unless you really think that all programs, compilers, and interpreters have been compromised on all operating systems for all possible processors.
Puts a whole new spin of the Trusted Computing Platform
Re: Puts a whole new spin of the Trusted Computing Platform
"Trusted" in the MS/Intel sense of the term was a simile for authorized as in DRM.
Remote monitored. Remote wipeable. Remote accessible.
MS/Intel's use of "trusted" was, as always, what they wanted it to mean.
"made in Germany"
Give it a few years, that will change to "made in the Fatherland"..
Meet the new boss, same as the old boss
The deep nature of the alleged NSA compromise is worrying for anyone who believes in that quaint concept of privacy or "reasonable suspicion". But swapping for the Chinese spies is not actually an improvement, so we have a long way to go before vendors can be trusted not to have backdoor'd things for whatever reasons..
Depend how worried you are about your data in the wrong hands.
Anyone who did not realize these issues if they were implementing a "cloud" solution from day one is an idiot.
Handwaving BS about "It's in the cloud" was rubbish the day some PR droid said it.
Re: Depend how worried you are about your data in the wrong hands.
From the first when I began to hear about 'The Cloud' it occurred to me that trusting any cloud provider was a little like trusting a bank not to make money with your deposits.
If you want your data kept truly private keep it off the internet if you have something to say but don't want any chance of it being overheard; don't say it.
In response to another part of the article about 'Made in Germany' I seem to remember not so long ago the German government trying to pass ever more legislation to snoop on it's own citizens along with the UK, France and probably most other European Nations in spite of the European privacy laws.
To paraphrase you; Anybody who believes they are safe from government snooping by staying out of the US is stupid.
Not so fast...
You know the difference between the NSA and other countries spy programs?
Not one damn thing. Except maybe that the NSA was outted. Go ahead and get that locally built router or sign up with your local cloud provider. It just means that your local government grabs your data first.
Regarding US based companies - they could absolutely say that their stuff isn't handing data to the NSA. As a matter of fact the government would prefer they did say that. For foreign ones you can bet your back end that they have similar laws, or understandings, in place.
«It just means that your local government grabs your data first.»
And then turns it over to the NSA, as our FRA, whose motto should be : «At the service of the US government since 1943 [under other names]», does here in Sweden....
- Review Is it an iPad? Is it a MacBook Air? No, it's a Surface Pro 3
- Game Theory The agony and ecstasy of SteamOS: WHERE ARE MY GAMES?
- Hello, police, El Reg here. Are we a bunch of terrorists now?
- Worstall on Wednesday Wall Street woes: Oh noes, tech titans aren't using bankers
- Kate Bush: Don't make me HAVE CONTACT with your iPHONE