I like Trisquel's stance on such updates. I'd rather have volunteer coders
solve the issues rather than the proprietary issuers.
It is clear that funny stuff is being baked into some chips.
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=1&;
Closing one vulnerability may simply be an excuse to put in some new ones for
later.
"If your goal is mass surveillance, you need to build insecurity in from the
start. That means working with vendors to add backdoors."
http://blog.cryptographyengineering.com/2013/09/on-nsa.html
I feel like a deer in the headlights at the moment. Proprietary anything
would not seem to improve things, especially now.
Google has toughened their position recently, supposedly to protect their
users interests, and then an article like this magically appears…
http://online.wsj.com/article/SB10001424127887323864604579069730686941454.html
What kind of arrangement was that? The headline and lead paragraph do the
damage; there doesn't seem to be much to the overall story though.
There probably is some kind of battle going on among the big guys. Therefore
I want my fixes coming from little guys, volunteers, free software and so on.
