As far as I'm concerned, the NSA are the enemy - so props to anybody who can poke a stick in their eye. I just hope this guy doesn't wind up in Guantanamo for the rest of his life.
What is interesting to me is that even super security gurus at NSA can't contain their most sensitive data (well, maybe tools aren't highest level?).
At some point I think we need a better security strategy than trying to stop data from leaving, and more about how to make sure data is useless outside of its domain.
edit: I say that now in retrospect that security and freedoms of data seem always at odds. DRM being a keen example. Just wish we had better options..
> and more about how to make sure data is useless outside of its domain.
This explains why most enterprise applications and platforms are a nightmare to work with. This class is called "UserView" oh but you see comrade it actually does not have any view or user, in fact its sole purpose is to be compiled and thrown away - nevermind the JIRA issues for bugs in it. Everything is "business logic" "business specific", noone who hasnt been at the place for 3-5 years can understand that this is not actulaly what it says it is.
This kind of feature was called before JCR, "Just for Curious Russians".
I would like to see a massive effort in research and development of unbreakable encryption, privacy tools, and general security.
Everyone, the NSA, rest of our government, all governments, all citizens of the world, all businesses should be protected. If we just spent a small percentage of what we spend on endless wars for profit, then I think we could mostly reach these goals.
I would like to think that we could still catch and prosecute criminals, and I include terrorists when I say criminals, without violating rights to privacy and our general rights.
But the more secure we make our devices, the more opportunities we create for them to be locked down. One person's security update is another's anti-jailbreak patch. Trusted computing can be used to protect against malware and to block users from saving Netflix streams.
I disagree with the notion of a computing system being “secure” in absolute terms, without reference to what the user wants to do with it. A system is secure if it's unlikely to compromise the integrity and/or privacy of information the user deems sensitive, which of course varies from one user to another.
Without reference to a specific user, all you can talk about is a computing system being restricted or unrestricted, and I don't want my computing devices to have restrictions imposed by someone other than myself.
DRM is surprisingly security oriented, if you think about it,the premise of DRM is not trusting the user, which is more extreme than most security models (allow the user root/admin access to the OS is anithetical to not trusting the user).
Much of the base terminology of DRM comes from the military, and it involves the generals "back home" being able to trust that a computer out in the field, containing sensitive data, will not allow non-authorized personnel, never mind the enemy, to access said data.
Because it works both ways. I can send my data to a server and have it do things to it without ever actually knowing it. You can't let me watch a video without letting me watch a video.
I think it's dependent on what the data is. We still haven't seen the JFK files... I'm guessing they were smart enough to only keep physical copies of that.
Uhm, per his story, he was working for "the enemy" and took his work home so he could get better at it. Shouldn't you be angry at someone so diligently working to harm you?
Well, I don't think we really know what happened yet, but yes, you have a good point IF that is the case. I have to admit, I let my own biases creep in and was probably assuming he leaked the stuff intentionally.
