[palmotea]

It seems like its a place were there are some serious tradeoffs. You can choose to have visibility into your network traffic or can choose not to. If you choose yes, you create a single point of failure but have the ability to detect breaches elsewhere; if you choose no, you avoid the single point of failure but make it easier for an attacker to exfiltrate data undetected.

[vel0city]

I'm down for endpoints having to report whatever metrics to whatever servers and have their transactions highly audited. I'm down for their connectivity to be highly locked down. It's important to know what's happening on your systems and where data is flowing, I agree!

But in the end of I want Alice to talk to Bob and know they and only them are talking I'd like to guarantee that. Instead companies are spending tons of money and work hours doing Eve's work for her, installing her tools and getting it all nicely configured for when she logs in.

How many times do we have to backdoor our crypto systems to realize we're not building doors for just us but for everyone else as well?