Let me just suggest, again, that we should find out how much it would cost to avoid the most widely "baked in" vulnerabilities which are known to state and non-state actor. I can't imagine why that wouldn't be worth it. If the NSA wants private Foundation data, they could send a National Security Letter, ordinary subpoena, or bribe Zimbabwean police to send a subpoena from their Interpol FAX.
On Mon, Jan 22, 2018 at 12:45 AM, Craig Franklin cfranklin@halonetwork.net wrote:
I think, as Geni says, that even that isn't going to provide any effective barrier. If the NSA or other US Government spooks want to get into the servers, they will, regardless of what hardware it's running on, what software it uses, or what jurisdiction it is located in. Anything that the Foundation does to "protect" itself is just going to be security theatre. Anyone doing anything that the current or future American administrations might object to should keep that in mind. I assume that every place I go on the Internet is already compromised and act accordingly.
Cheers, Craig
On 21 January 2018 at 19:13, Yaroslav Blanter ymbalt@gmail.com wrote:
What about moving to another country? Still not an option?
Cheers Yaroslav
On Sun, Jan 21, 2018 at 8:38 AM, Lodewijk lodewijk@effeietsanders.org wrote:
- still don't see the relevance. If better technology is needed, it's
needed - that should be independent of any lobbying preferences. It looks like you're just pushing tangents again.
- You do realize that the FTC and the FEC are very different
organizations? But again, it seems you just used this statement as an opportunity to push a tangent.
Please don't do that.
Thanks, Lodewijk
On Sat, Jan 20, 2018 at 2:43 PM, James Salsman jsalsman@gmail.com
wrote:
- I don't quite see how your question about servers and switches
relates
to Stephen's statement. Could you explain for us mere mortals how you
link
the two?
The NSA surveillance which was reauthorized by Congress can not depend on eavesdropping alone with new HTTPS cyphers. It needs compromised hardware to work, such as has been included in Dell servers since the Foundation started purchasing them, and the design of which was overseen by the Foundation's CTO, who worked then at Intel. This provides us with the know-how, a teachable moment, and an excellent opportunity to specify and acquire replacement open source hardware which doesn't have the DIETYBOUNCE / System Management Mode OOB / iAMT and related backdoors.
https://www.schneier.com/blog/archives/2014/01/nsa_exploit_of.html
- I somehow missed the commitment by the WMF to research "FEC
requirements
of organized advocates for US political candidates' or anything that suggests that the WMF may advocate for specific political candidates
(which
seems a change of course that would be hard to sweep under the rug).
Could
you quote?
https://en.wikipedia.org/w/index.php?title=Wikipedia_ talk:Conflict_of_interest&diff=prev&oldid=815460492# Note_from_Wikimedia_Legal
https://en.wikipedia.org/wiki/User_talk:Slaporte_(WMF)# Research_topic_request
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/ wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/ wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe