This is so obviously true that I found the tone of the post confusing. It's similar to people's reaction to the comparative threat of keeping their email on Google Mail or some random webmail provider that's likely to lose their mail spool to SQL injection. I'm not arguing that the NSA threat isn't worrisome; it is. But other threats are in fact even worse!
> A government is far more likely to oppress you, deny you rights, blackmail you for political reasons, etc. because it has the resources to do so.
I don't know... you're asserting as a fact here that one is more likely to be oppressed or blackmailed by the USG than by a criminal. But for blackmail alone there are thousands of criminal cases per year in the US, and an incalculable amount of "oppression" caused by criminals generally. What are the numbers for USG cases of blackmail each year? I guess they wouldn't be tallied... But I'd have to estimate that they're somewhat lower.
Criminals and Governments have a long history rich for data mining. If someone wanted to do that study they could.
Asking for facts elides the far more nuanced question of whether it is good for the American Government Marketing Team to continue to operate a known blacksite when the American public is auditing security practices.
The problem with this line of thought is that large criminal enterprises have political goals, and sufficiently large governments have criminal elements with criminal goals within 'em.
who's more likely to work at the NSA? A man who respects the constitution or a criminal? as the NSA grows in both size and power the answer will become clear. As an nsa employee you'll quit or expose secrets when things get sketchy. the only people stick around will be... what exactly?
> Criminals by and large just want money, governments want power. That makes them a far more serious threat.
It's really, really easy to say this living in a place where the rule of law is reasonably robust. There are many parts of the world where this isn't the case.
I am living in Indonesia right now. I would say at first I agreed with you. However what I see as time goes on is that the rule of law in the US is largely an elaborate illusion.
The point of rule of law is supposed to be that the government is bound by the laws. Calling this "robust" with regard to the NSA is the equivalent of putting ones head in the sand....
>There are many parts of the world where this isn't the case.
There are even more parts of the world where the "rule of law" is what opresses people rather than criminals. Dictatorships, third world monarchies, banana republics etc. And sometimes, criminals and an opressive government go hand in hand, as in some latin american countries...
BTW, the district in Indonesia which has the best government is a monarchy (the Sultanate of Jogjakarta). It is a Constitutional Monarchy and the Sultan does not have legislative power (only executive power).
I will admit though that as an American it seems weird to have a Sultan of a small district in a larger parliamentary democracy. It would be like having a King of New Hampshire....
I see what you mean; there are two things that most interest me.
The first is "wow, did I just see them in action?".
The second is that journalists are consulting the wrong "experts" in situations like this. They think "cryptographers" are the experts in these Snowden leaks, but the real experts for most stories are incident responders, pentesters, reverse engineers, and even simple IT engineers.
As for being wrong, I'm sure if I could reveal more details, people might be able to debunk me. Sadly, I can't.
Actually, it's not just Huawei, it's pretty much all everything. Pretty much every router, telcom switch, storage system, etc. sold outside the United States comes with a support contract whereby the vendor's engineers can connect and manage the device.
Indeed, there's a recent legal case of a company selling stuff to Iran. The company said they weren't responsible, because it was resold by intermediaries. Yet, their support engineers were connecting in to manage the box.
The lede was really "here's what we saw", at least to the extent that we can reveal anything being bound by customer confidentiality agreements (which, frankly, isn't much, which kinda sucks for the reasder).
Sure, you're both saying that the least bad option is the best option, which is obviously true. But that's not really the argument, or at least not the end of it. Some of us would like to have options that are significantly better than the best existing option.
