
Snowden: Privacy can't depend on corporations standing up to the government - Tsiolkovsky
http://www.networkworld.com/article/3046135/security/edward-snowden-privacy-cant-depend-on-corporations-standing-up-to-the-government.html
======
awinter-py
No surprise that security updates are the center of this conversation.
Software patching is a source of vulnerabilities turned off (exploitation from
fixed bugs) and turned on (update provider can be malicious).

When Heartbleed broke that was evidence that the 'many eyes' theory of secure
open source software hadn't worked. Alternatively, the bug was found because
big corporations with security budgets were getting serious about holes, so
maybe 'many eyes' is starting to be true. Certainly Apple's 'goto fail' and
RSA's key strength bribery are examples of 'not enough eyes' for closed
software.

~~~
Grishnakh
> When Heartbleed broke that was evidence that the 'many eyes' theory of secure
> open source software hadn't worked. Alternatively, the bug was found because
> big corporations with security budgets were getting serious about holes, so
> maybe 'many eyes' is starting to be true.

Heartbleed proved that just having software be open-source is not sufficient.
Having the source available to audit isn't all that helpful if no one bothers
to do the work to audit it, because they all assume someone else is going to
do it.

However, if there are entities willing to put in the effort, it's much better
for the code to be open-source because then it _can_ be audited, and this
auditing can be documented publicly (e.g., the fixes can be seen in git logs),
whereas with proprietary software you have no idea if the software has bugs,
you can't audit it if you want to, and you can only take the word of the
vendor that they've made it secure, and of course we know that isn't worth
squat.

~~~
awinter-py
Bytecode / binaries can be verified (for certain properties) using static
analysis. Open source doesn't make verification that much easier (at scale),
but it makes fixing a lot easier.

Also, until reproducible builds become commonplace, most Linux users can't
verify that their binaries come from a specific version of the source. Binary
verification is the way to go.

~~~
Grishnakh
You only really need reproducible builds if you don't trust the source. So
far, there hasn't been any evidence that any open-source projects are
untrustworthy.

~~~
awinter-py
Doveryai no proveryai -- trust but verify. Wasn't SourceForge bundling an
adware installer for a while?

~~~
anonbanker
Some of us are using verified gcc builds in Gentoo, and building stage3
installs in order to handle the trust aspect.

------
jeena
If we all used free software, would that even be a problem?

~~~
benevol
This, it's so important for society. If we want real democracy, software
_needs_ to be open-source.

Please everybody, never stop promoting open-source solutions to your friends &
family.

~~~
studentrob
Agreed open source is very important.

Does anyone here think all software should be open source?

I'm interested to debate someone about that. I can't see how that works unless
the whole world stops using money.

~~~
thomasahle
I think the main argument is that most customers, and certainly enterprise
customers, will pay for software even if the source code is available.

Also requiring all software to use an open source development model is
probably not necessary for security purposes.

~~~
dragonwriter
Enterprise customers don't pay for software so much as support and
accountability (that software firms often roll all this up into license fees
rather than separating it out is irrelevant to what is motivating the
enterprise purchase and justifying the cost.)

------
matheweis
"I didn't use Microsoft machines when I was in my operational phase, because I
couldn't trust them" ... I'm not really sure that open source should get a
free pass in terms of trust - it's not possible for you as an individual to
single-handedly verify that the open source software is trustable either; you
need to assume that the group maintaining it has your best interests at heart.

~~~
ta0967
1\. i don't think that a "free pass" was necessarily implied

2\. how would you put it? "i can't review windows source code because it's a
trade secret. but since i can't review GNU/Linux or *BSD source code (because
it's too much) either, meh."?

------
marssaxman
Snowden generally seems not to open his mouth unless he has something
worthwhile to say, so I imagine he might have addressed this in the actual
talk of which this article is such a brief summary, but: what choice do we
have? No, it's not great, but we typically use government power to check
corporations, so I don't see anything inherently wrong with using corporations
to check an unaccountable, runaway government.

~~~
rdancer
The choice is to either (1) hold all three branches of the government
accountable for enforcing the Constitution (or the Universal Declaration of
Human Rights outside the U.S.), or (2) let it slide even further towards
tyranny, or (3) there is no #3.

~~~
marssaxman
Well, yes, but how in practical terms are we supposed to accomplish #1? I see
no options. The US government is doing what it wants because it can, and has
grown increasingly obvious about it since they face no consequences beyond the
embarrassment consequent from perverting the democracy, which is easier to
solve by adopting a status-hierarchy mindset and not worrying about it than by
actually letting go of power once seized. They are not going to stop unless
someone forces them to, and major tech corporations are the only entities I
see capable of wielding force on the scale that might accomplish it. They
don't care what citizens think anymore - the total failure of the largest
protests in the history of the world to accomplish anything against the
blatant idiocy of the Iraq war proved that.

~~~
rdancer
Vote in people who would change that. Or get out while you still can get an
exit visa.

------
vezycash
I was thinking about encryption the other day. It struck me that whenever the
topic came on HN we tended to see encryption as 100% or nothing.

I however think we should instead focus on creating good enough encrypted
communication for email, chat... for two reasons.

1\. It'll make things a little bit more expensive for the "watchers."

2\. It will create noise. I.e. right now, if one person is using encrypted
communication, he automatically becomes a target. With everyone using some
level of encryption...

3\. It'll serve as an intro to security. The same app that provides base level
encryption can give TIPS on how to become even more secure. Think Windows "Tip
of the day."

There's no perfect security. An insecure world-wide, easy-to-setup encrypted
communication is better than nothing. Because, it'll at least make people more
security/privacy conscious.

~~~
wyager
Why stop at making dragnet surveillance "a little bit more expensive"? It's
not much more effort to make dragnet surveillance impossible and directed
surveillance extremely expensive.

