Comment by tptacek

2 years ago

You skipped whether you believe NSA follows them or not. Even if NSA ignores those rules, they have literally no rules about compromising foreign servers; they are required to do so, as part of their job.

Take a step back and note that nobody on HN is going to make an argument premised on "you should trust NSA to follow the rules". You can accept that as an axiom and have easier conversations here.

> Even if NSA ignores those rules, they have literally no rules about compromising foreign servers

This is not good enough. Signal server is a single point of failure: NSA (and any other attacker, e.g., China) knows that the users can't go elsewhere, so it's very easy to target them all (thanks to Signal's politics of walled garden). In case of Matrix, there are thousands of servers around the world, which you have to find and get into. They can run completely different software. This is not very scalable or easy.

I guess this whole subthread is based on the assumption that non-US servers are somehow more safe than US servers; I completely agree that's obviously not true, I just want to point out that allies ratified shenanigans to pull between each other to stay compliant with internal regulations on paper but in truth have access to everything about everyone: https://en.wikipedia.org/wiki/Five_Eyes

...and this is the declassified part.