
Everything is broken (2014) - grey-area
https://medium.com/message/everything-is-broken-81e5f33a24e1
======
joesmo
Great article. This is the only way I can think about security. It leads to
only one conclusion. Nothing connected to a network is secure, therefore
nothing connected to a network is private. That's kind of sad actually, but
it's the maximum claim I can make about the security of any system, including
ones I manage and work on every day. If you need guaranteed security and
privacy, the only thing to do is to keep things offline. Otherwise, it's just
a matter of degree of ease of access to what is essentially public
information.

------
ChuckMcM
You know that feeling when, at some point, you realize you could have just
died there, and suddenly you are overwhelmed with all the things that could
kill you that are out there? This article feels like that.

There are relatively few ways to take over a western electric phone
([http://www.ericofon.com/catalog/classic3/images/2554/2500we_...](http://www.ericofon.com/catalog/classic3/images/2554/2500we_re.jpg))
it goes off hook by putting a load on the line, it dials by sending tones in-
band. There are ways to subvert it of course but if you care to learn them you
can figure out whether or not your device has been subverted. Of course there
are hundreds, if not thousands of ways to subvert an iPhone (or Android phone)
without the user being able to tell, ever.

The fundamental difference is of course complexity, and _programmability_
which adds an exponential factor to complexity.

------
weloytty
good article, it reminds me of
[http://www.hanselman.com/blog/EverythingsBrokenAndNobodysUps...](http://www.hanselman.com/blog/EverythingsBrokenAndNobodysUpset.aspx)

