Comment by tptacek
2 years ago
And? It could run on NSA servers and it shouldn't in theory much of a difference. (I would not use Signal if it ran on NSA servers).
The threat model assumes attackers have maximal control of the server environment.
2 years ago
And? It could run on NSA servers and it shouldn't in theory much of a difference. (I would not use Signal if it ran on NSA servers).
The threat model assumes attackers have maximal control of the server environment.
Assume US AWS servers are NSA servers.
You get that it's the literal opposite, right? There are actual rules, whether you believe NSA follows them or not, about NSA interfering with US servers. Not only are there no rules applying to overseas servers, but interfering with those servers is literally NSA's chartered mission.
Rules historically have not been an impediment to the NSA. Worst case, they can be ignored, best case, they can be interpreted with extreme creativity. Five Eyes partners are not subject to the same rules, and information can be shared freely with them.
This continued insistence (widespread - not just you!) on the benevolence and good faith of US intelligence, post-Snowden, doesn't make any sense to me.
5 replies →
I’m not in a position to know anything except unconfirmed rumors about the NSA.
Hence my position remains unmoved.
1 reply →