Someone at moz is getting a raise for getting this POS spam on here.

In my day a framework was a major piece of generic software used to deploy databases, large scale data flow and service millions of reequests per minute.

These days you write a fucking preprocessed CSS file, a few JS helper functions and it's a framework.

In my day, a framework was a number of interconnected standards, ledgers and transoms. Made from steel and the sweat of man.

These days, throw a bunch of fucking zeroes and ones together and it's a framework.

Moral hazard cuts both ways, including giving someone the benefit of the doubt. Opportunity for wrong-doing doesn't confer guilt, it just means we should take the possibility seriously.

Look at it this way: if every tech CEO is complicit without coercion (a strong possibility), the purpose of the article is to take away their shield, and convince the reader that those CEOs are morally culpable for not defending their customers. It's about calling the bluff by proxy.

What makes you think any of those companies want that?

They're happy where they are. Profits are good. This article is one of the most naive pieces I've ever read.

What do Google, apple, etc want now? For this subject to go away and so that their big mass of users forget about it, that is what they want.

AMD is probably cooperating with the government on the same level as Intel.

Any company with over 1k employees probably is. I'm just saying if there are any systemic backdoors in Intel chips, AMD probably doesn't have them because they are 5 - 10% of the market and the gov't doesn't care to jump through hoops to get them implementing whatever backdoor they want.

> It is really, really hard for me to see this as anything other than utter paranoia.

It is really really hard for me to imagine Intel not beeing 100% cooperative with the NSA.

You know who else cooperates with the NSA? The Linux community. You know, that whole "SELinux" thing? Yeah, that's an NSA project.

Turns out cooperating with the NSA doesn't automatically mean spying on the public, it could instead be hardening crypto security. Which is the NSA's other job, it turns out.

Yes and no better example than DES in which the NSA hardened DES against differential cryptanalysis and then reduced the key size from 128 bits to 54 bits so they could break it. Given the prior actions of the NSA is doesn't seem unbelievable that they would both harden and backdoor linux.

Who was arguing for 128-bit DES? Wikipedia says IBM wanted 64.

The original version of DES was called Lucifer and used a 128 bit key. http://en.wikipedia.org/wiki/Lucifer_(cipher)

The NSA choose the key size of DES since they were running the process (making DES 256 times weaker than a 64 bit key).

I assume he means "cooperating with NSA in nefarious ways if the NSA wanted".

> You know, that whole "SELinux" thing?

You mean that damned monstrosity I always disable? You're claiming it's not a plot to make Linux utterly unusable?

SELinux works well nowadays. You'd know that if you hadn't disabled it.

If I hadn't disabled it... which of the dozens of times it's gotten in my way on a new image? Most recently last week, by the way. I disable it because it prevents correct code from running in an already-secure environment. I don't bother beforehand, because I inevitably forget. And then waste ten minutes before I realize I need to turn off the magic "break everything" switch.

In the last seven days, has the fundamental incompatibility between SELinux's design and traditional Unix permissions and tools been suddenly corrected? Has tooling been created to allow us mere mortal sysadmins and engineers to understand and manipulate the byzantine SELinux configuration?

I didn't think so.

> which of the dozens of times it's gotten in my way on a new image

What was one recent example?

> an already-secure environment

Not possible.

> has the fundamental incompatibility between SELinux's design and traditional Unix permissions and tools been suddenly corrected

You mean labels? No, that's pretty fundamental to SELinux.

> Has tooling been created to allow us mere mortal sysadmins and engineers to understand and manipulate the byzantine SELinux configuration?

Try setroubleshoot.

> What was one recent example?

System Apache unable to listen on non-standard port.

> Not possible.

Tell me of a vulnerability on a fully-updated RHEL 6 image running only SSH and a basic Apache configuration serving static files which would be prevented by the stock SELinux configuration.

> You mean labels? No, that's pretty fundamental to SELinux.

Exactly. So my explicit decisions about file permissions must be duplicated. No thanks.

> Try setroubleshoot.

So, no.

The fact that there are few X86 chipmakers makes it more a problem. There are fewer arms for the NSA to twist.

>Google was caught pants down spying on everyone

If you're referring to the whole wifi thing, tell me, what information do you expect the street view car to be able to pick up in the 10 or so seconds it would have been associated with the AP? Their engineers have basically come out and said that was a fuckup, and I'm inclined to believe them because I find it hard to imagine what use that random data would be.

And to be honest, I'm more likely to believe a Google engineer rather than a namecalling troll who's virulently against them for no good reason.

You give your username zero credit.