

PRISM is not the problem - mzahir
https://medium.com/i-m-h-o/343b5d6c2da0

======
einhverfr
I agree but only to a point. I actually have a piece on my blog I will be
submitting here today which discusses the idea of a PKI for the current threat
model (resourceful organized crme and secret government surveillance. I have
an idea for how to build a PKI to help combat these and laid my ideas out
there.

But what is relevant for this discussion is that one of the goals has to be to
increase the effort of a security compromise and reduce the value of one.
Nothing is going to stop a government official spearphishing a target with an
appropriate warrant, but if you can force the issue to that level of attack,
and if you can make sure that the endpoints and only the endpoints are where
compromises are vulnerable to sustained secret attacks, then maybe we have a
chance. (It also means it is a lot easier to serve a warrant on the related
computers rather than evesdropping silently in the middle.)

