PRISM / Patriot Act questions
You guys are clearly experts in this stuff and I have no qualifications to judge how good, bad or indifferent these guidelines are; I am just Joe Average end user who reads too many New York Times and Guardian articles.

It just doesn't sit right with me that an organisation that has no interest whatsoever in promoting secure systems that it then cannot infiltrate would issue such self-defeating guidelines. Think about that for a moment: they spend millions trying to break various levels of RSA encryption, only on the other hand, showing their charitable side, they issue security guidelines that prevent them from doing their job.

Do you think Lavabit or Silent Circle used NSA recommended guidelines? Methinks not.....and they paid the ultimate price for not allowing the NSA access to their systems or the data therein.

But then...maybe I should stop reading the NYT, or the Guardian...or the Washington Post, the Economist...or any other decent and respected newspaper.

As a new user, it does not fill me with any confidence that, per your wiki, you use "NSA hardening guidelines". You kindly point readers to the NSA website, where this wonderful, altruistic organisation states:

"The NSA Information Assurance Directorate collaborates with operating system vendors and the security community to develop consensus-based security guidance."

Can you explain, given the last few months of revelations, how this is supposed to fill your users with confidence that their data is secure? The NSA isn't a charity; any "guidelines" or recommendations they make regarding security are almost guaranteed to ensure that anyone following those guidelines is completely the opposite of secure.

Your insights would be most welcome...

