On Fri, Jan 16, 2015 at 02:12:38PM -0800, Al Billings wrote:
> 
> > On Jan 16, 2015, at 2:07 PM, Leif Ryge <l...@synthesize.us> wrote:
> > 
> > 
> > I did see two answers earlier, Iceland and Switzerland. There are many
> > other countries besides those two where it also seems very unlikely that
> > companies would be subjected to the sort of legal orders that we now know
> > US companies routinely receive. That obviously doesn't mean that TAO or
> > GCHQ's equivalent won't try to compromise them without their knowledge, but
> > that approach is obviously much riskier and less reliable than the legal
> > means used in the US.
> 
> What makes you think Iceland and Switzerland don’t have security and
> intelligence services that could have legal orders issued or that
> occasionally cooperate internationally with other organizations? Is it simply
> because Wikileaks managed to be in Iceland for quite a while?
> 
> Al

Secret orders requiring technology companies to help spy on their customers are
unheard of in many countries, and something that would cause significant
public outrage were they found to exist, but they're something we've known
about in the US for at least a decade (long before Snowden or Wikileaks).

I'm sure similar orders exist in places where we don't know about them, but
given the possibility of leaks that each secret order entails I maintain that
it seems unlikely it's happening on a large scale in places like Iceland.

But, given that we can't prove that negative, it is obviously necessary to
remove single-points-of-failure in our software distribution systems.
Deterministic builds (with independent signers of each build in many legal
jurisdictions) and recording releases in public append-only logs (with notaries
in many different legal jurisdictions) are the two ways that I know how to
solve this problem. Either is good, and doing both would be better.

Hopefully in a few years everything will work that way. Probably the NSA will
try to sabotage some standards along the way, but I'm optimistic that they'll
fail. However, until that reality exists, where we don't need to rely on
("trust") single entities to authenticate our software updates, I think
preferring to rely on 3rd parties in non-US countries is hardly unreasonable.

~leif
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.
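
An added example, not part of the message above or of any project's code: the "independent signers of each build in many legal jurisdictions" check from the message, sketched in Go as a client-side acceptance rule for a deterministic build. The builder names, jurisdiction codes, the `Attest` and `Accept` functions and the reject-on-dissent policy are assumptions made for illustration; the keys and artifact bytes are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Builder is a hypothetical independent rebuilder with a pinned public key.
type Builder struct{ Jurisdiction string; Key ed25519.PublicKey }

// Attestation is a builder's signature over the SHA-256 of its own build output.
type Attestation struct{ Builder string; Digest [32]byte; Sig []byte }

// Attest signs the digest of the output one builder produced from the source.
func Attest(name string, priv ed25519.PrivateKey, output []byte) Attestation {
	d := sha256.Sum256(output)
	return Attestation{name, d, ed25519.Sign(priv, d[:])}
}

// Accept counts the distinct jurisdictions whose pinned builders validly signed
// the digest of artifact, and lists builders that validly signed another digest.
// Policy (an assumption of this sketch): enough jurisdictions and no dissent.
func Accept(artifact []byte, pinned map[string]Builder, atts []Attestation, need int) (bool, int, []string) {
	want := sha256.Sum256(artifact)
	agreed := map[string]bool{}
	var dissent []string
	for _, a := range atts {
		b, ok := pinned[a.Builder]
		if !ok || !ed25519.Verify(b.Key, a.Digest[:], a.Sig) {
			continue // unknown signer or forged signature counts for nothing
		}
		if a.Digest == want {
			agreed[b.Jurisdiction] = true // several signers in one jurisdiction count once
		} else {
			dissent = append(dissent, a.Builder) // build did not reproduce, or was tampered with
		}
	}
	return len(agreed) >= need && len(dissent) == 0, len(agreed), dissent
}

func main() {
	artifact := []byte("constructed release bytes")
	isPub, isPriv, _ := ed25519.GenerateKey(nil) // constructed demo keys
	chPub, chPriv, _ := ed25519.GenerateKey(nil)
	pinned := map[string]Builder{"is-1": {"IS", isPub}, "ch-1": {"CH", chPub}}
	atts := []Attestation{Attest("is-1", isPriv, artifact), Attest("ch-1", chPriv, artifact)}
	fmt.Println(Accept(artifact, pinned, atts, 2))
}
```

Because jurisdictions rather than signers are counted, an order served on every builder in one country still cannot reach the threshold alone.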
