Comments | siderea: [tech/security, privacy, p/a/s] Fwd: Everything Is Broken

siderea

[tech/security, privacy, p/a/s] Fwd: Everything Is Broken

Aug 04, 2016 16:21

This post, Everything Is Broken, by Quinn Norton, is excellent. Much of it I know, but there were some astute, surprising, and in retrospect obvious observations. E.g.: Then there’s the Intelligence Community, who call themselves the IC. We might like it if they stopped spying on everyone all the time, while they would like us to stop whining ( Read more... )

security, anthro, soc, privacy, tech, psych

Comments 7

Unknown Argument ext_3713399 August 4 2016, 21:46:47 UTC

I'm not sure I understand the author's argument in the second section you highlighted ( ... )

Re: Unknown Argument gipsieee August 5 2016, 04:46:11 UTC

Many* people have internet access through their local library, an educational institution's lab, or an internet cafe. And in those settings they do not have install privileges.

*Globally, possibly most is more accurate than many. Although at this point cell phones may have eclipsed that... and they present security nightmares of their own.

Re: Unknown Argument siderea August 5 2016, 06:39:21 UTC

So, how is a security expert saying, "you're boned" in response to, "I can't install anything", arrogant or myopic?

Because security experts aren't just describers-of-security. They are also makers-of-security-products. When someone says "I can't install anything", they aren't asking a question, they're pointing out a bug. When a "security expert" says "you're boned" in response to, "I can't install anything", they're saying, "you're boned because my profession couldn't be bothered to help peons like you." Which would be basically the definition of both arrogant and myopic.

I regularly use at least one desktop application on Windows to increase my security which requires no installation at all. I often wonder what other useful secure applications could be built not to require installation, but which at present do, because of lack of concern for the situation of people who can't install applications.

Re: Unknown Argument ext_3713399 August 6 2016, 00:39:59 UTC

I hadn't considered all the available options for non-installable applications. For example, if you are able to run putty.exe on your local computer, you can atleast encrypt communications via SSH. Which application(s) are you referring to ( ... )

ilaine_dcmrn August 4 2016, 23:43:27 UTC

a live cd or bootable usb drive is one possible rotue - though not in a corporate environment where booting external devices is blocked: http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html

nuclearpolymer August 5 2016, 10:54:10 UTC

I was talking to someone about how the people working in the IC are different from an average sample of people, and the first significant difference they mentioned was that in the IC, everyone is constantly being monitored with every keystroke recorded and analyzed, and they all know it.

squirrelitude August 11 2016, 03:45:24 UTC

Thanks for that article! I've been reading more of these posts recently where software devs rant despairingly about the state of software quality. I think maybe things are coming to a head. I... kind of hope they are, even though I'm not sure what that will entail.