← Back to context

Comment by aleqs

5 hours ago

You have no control about where TLS is terminated when you're talking to a 3p cloud service (with services you don't control/run like cloud LLM APIs). You also have no control about what spyware is installed on/around VMs you rent (and there's a lot). Also when talking about encryption between servers within datacenters you seem to be missing that in order for such multi -stage/path encryption (separate certs/keys) to be possible the data first has to be decrypted at each point, not to mention every major US tech company generally cooperates with the NSA and gives them access to anything they request (including allowing the installation of dedicated hardware to intercept decrypted traffic as has been publicly exposed documented many times already).

Yours and others' claims that it's impossible and nonsensical is based on lack of understanding.

Yours and others' claims that things somehow got better after Snowden is just a completely baseless statement - if you actually looked into what happened post-Snowden - absolutely nothing was done to prevent NSA spying on any communications they want, in fact it got significantly worse.

1 comment

aleqs

Reply
strictnein  1 hour ago

> Yours and others' claims that it's impossible and nonsensical is based on lack of understanding.

lol, no, it's really not.

> Also when talking about encryption between servers within datacenters you seem to be missing that in order for such multi -stage/path encryption (separate certs/keys) to be possible the data first has to be decrypted at each point

Why would I want the data to be decrypted at each point and why would datacenters do that? Encrypting and decrypting data is expensive computationally, so that's not how things work at all. There's no need to decrypt data to know where it needs to go. That's why we have TCP/IP and other similar stadards.

The datacenters can maybe add another layer of encryption on top of my data as its moving around their networks, but there's absolutely no way for them to strip off my encryption.

> Yours and others' claims that things somehow got better after Snowden is just a completely baseless statement

Things didn't magically get better. A lot of people worked hard to improve the overall security posture of the industry.