On 20 January 2018 at 22:43, James Salsman jsalsman@gmail.com wrote:
The NSA surveillance which was reauthorized by Congress can not depend on eavesdropping alone with new HTTPS cyphers. It needs compromised hardware to work,
Meltdown suggests otherwise. In any case EternalBlue and Stuxnet made it clear that the hardware is irrelevant.
The reality is that the WMF doesn't have the resources to prevent a state level actor from gaining access to its servers. Switching to little used, little supported and more expensive hardware simply weakens the WMF position even further since attackers no longer have to factor in the risk of burning a valuable exploit. So not much changed since 2013.