|
|
|
|
|
|
by slang800
4230 days ago
|
|
|
Encryption doesn't quite solve everything here - the NSA can still demand the encryption keys, or demand direct modifications to the service like logging being installed. To solve this from a purely technical standpoint we'd need to design services where the service provider is a completely untrusted party - never allowed to see or manipulate user data on the backend, and all processing that requires decrypted user data would need to be moved to the client. We would also need a way to verify client code to ensure that malicious changes haven't been introduced. And finally, we would need a way to anonymize all requests to the backend. An architecture like this is pretty hard to implement, so it would be nice if we could just get the NSA to stop. |
|
|
The NSA will not stop because DC wants to spy on governors, lawyers, judges, companies, etc. NSA has been illegally spying domestically since its inception, which was itself an undemocratic exec order. Only Supreme Court will restrain, and doesn't protect against Chinese and Russian hackers. So encryption throughout consumer tech stack and net protocols is the only answer.