[diminoten]

> I'm talking about things that, according to leaks and official documents, they already did in the past and keep doing today.

Please cite an official document that shows the US government forcing GitHub to secretly modify the source code of a project in one of its repos.

As far as I'm aware, they've literally never done that, and to suggest they have means you have to show evidence that such a thing has taken place.

This is some Fox News level bullshit. "How do we know the FBI hasn't raped and murdered a girl in 1990? They've never come out and specifically stated they haven't!"

[celsoazevedo]

diminoten, you started by comparing one of @balls2you questions to a plan/plot/conspiracy. I commented saying that just because it's something you think that no government would ever do, doesn't means that they don't do it. I compared it to the NSA leaks, because until Snowden, everyone that talked about NSA (and other agencies) controlling the internet was called crazy. Now we now that those guys weren't that crazy.

I'm not saying that the US (or other country) government did change some code on some repo on Github, what I'm saying is: if they want, they can do it legally or illegally. Do you understand my comment now?

[diminoten]

I've always understood your comment, what I don't agree with is the need to state it now.

When we make statements, we do so with context, and in this context, stating "the US government could do X" is implying that, yes, in fact the US government did do X.

Furthermore, saying "we don't know they didn't" is a specious argument, at best, because it suggests they did do X, when in reality they're no more likely to have done X, than I am to have done Y, which is some arbitrary other thing which is, while in the realm of possiblity, a complete waste of time to consider.

There exists, within the set of possible things, a set of things which are not among the greater set of things one must consider. The US government secretly forcing GitHub to modify source code in one of their repositories is one of those things that we can safely not consider, even though it is, you're right, technically and politically possible.

[mikekchar]

On the other hand, consider a computer system. If you wish to have a secure computer system, you try to design it in such a way so as to make undesired behaviour impossible. For example, we spend a lot of effort looking at weaknesses in our systems and saying, "Well, someone could overflow this buffer here and get root access". Our reasoning is that if it is possible, it is probably only a matter of time before someone actually exploits it.

So while I completely relate to your feeling of trying to avoid conspiracy theory fantasies of "how do we know they haven't done that", I think it is probably not a good idea to say, "[this] is one of those things that we can safely not consider, even though it is... technically and politically possible".

Whether or not it has happened in the past, we probably don't want it to be possible and we probably should consider to consequences of what would happen if the government decided to take that action. 'Eternal vigilance is the price of liberty,' and all that rot.