by MCRed 3777 days ago
You don't see them going after servers, because the servers are far more vulnerable.

> You don't see them going after servers, because the servers are far more vulnerable.

Really? Every kind of server? I'm sorry, but that's some ridiculous statement.

A device running proprietary software that governments have physical access to (after it was confiscated) is less vulnerable than (possibly) your own device running open source software that nobody except you has physical access?

Governments have seized servers, governments have hacked servers, governments have had colocation companies provide them with access to servers, governments have gotten warrants to enter a private residence, fuck with a computer and then leave without the target ever knowing. The NSA has probably gotten backdoors/vulnerabilities built into server chipsets / motherboards.

You are naive if you think any device is secure against a determined and well funded actor.

We are talking about relative security here. Do you really think that keeping stuff on your phone is more secure than keeping it elsewhere?

Let me remind you that, if I'm not mistaken, in the US law enforcement can search your phone without any sort of warrant. Let's assume that you keep your stuff just on your own PC at home, then that at least would require a warrant.

> Do you really think that keeping stuff on your phone is more secure than keeping it elsewhere?

I think it certainly could be and probably is. Apple seems to be taking phone security pretty darn seriously with combined hardware/software approaches.

Furthermore, my servers sit in a datacenter or my apartment that I rely on somebody else to look after. Really though, you could probably bribe/threaten/warrant your way into those places easily enough and just pull RAM/HDDs to your heart's content. On the flip side, my phone stays in my pocket or next to my bed. If you want my phone, you have to arrest me/steal it from me/whatever.

> US law enforcement can search your phone without any sort of warrant

During a lawful arrest, and the search has to be documented and relevant to the arrest. Furthermore, that assumes that they know my password (Which I'm not currently obligated to give to them).

> Let me remind you that, if I'm not mistaken, in the US law enforcement can search your phone without any sort of warrant

not if it has a password

The San Bernardino iPhone was secure longer than its owner was alive. Essentially perfect.

So that's one model out of many. With a specific version of the software. What about other smartphones?

There's no guarantee it's still going to be secure in the future and there's no guarantee that it was secure in the past.

The statement "servers are more vulnerable [than phones]" doesn't mean "every server is more vulnerable than every phone". It's a more general point; trusting any given server is a greater risk than trusting any given phone. The fact that you can harden a server against attacks doesn't mean that your data being stored in the cloud is safer because, on the whole, people don't do much more than the minimum. Phone manufacturers do do more than the minimum.

Who said anything about "the cloud"?

I've edited the previous comment.

"the cloud" and "on a server" are the same thing.

Nope. And in any case that's one area in which "security through obscurity" can be useful. Presumably you have your phone on your person, but the fact that you have a server somewhere has to be determined.

And if we are being completely paranoid, then you can have some form of Dead man's switch or "self-destruct" option. You have a right to make a phone call, right?

You have to be trolling, especially given your Hacker News bio:

> Currently working on a server in Chrome that you can connect to using node.js to make a web page do stuff (and no, that isn't back to front).

?!?!

I have no words.

Not at all. That particular project uses https://github.com/GoogleChrome/chrome-app-samples/tree/mast... in Chrome. It is a server, and it runs in Chrome. I've made an extension that works as an API so that external clients can connect to it to access the DOM and change parts of a webpage.

It'd be stupid, but there's no reason why you couldn't use a system like that, running in Chrome, listening on an IP address, to do pretty much anything a "real" server does. The user wouldn't know. It's just a server, or "the cloud".