[Crypto-chi] Micah Lee interviews Snowden
Dan Massoglia
dmassoglia at gmail.com
Thu Nov 19 20:30:01 UTC 2015
Somewhat peevishly, too. I mean dude did exfiltrate the goodies from the
NSA, help publish them, and get away with it. And peeked at their methods.
And qubes is really neat, though the point about sandbox escapes seems to
bely that that type of engagement (and expense) is not the rule for what
the agency does. So, like, although this wasnt the question, it seems like
we'd be better off teaching people about 2fa and pushing updates
immediately than trying to blow their minds with hypervisors and VMs. For
Linux too, harder kernal=gr8 but most people are or should worried about
sloppy password ID theft or Chinese SE or some shit.
Outtie
Dan
Ps i have not used qubes only read about it but i would like to does anyone
wanna try?
On Nov 19, 2015 1:55 PM, "Freddy Martinez" <freddymartinez9 at gmail.com>
wrote:
> Graecurity responded to Snowden here :)
> https://grsecurity.net/~spender/recommend_response.txt
>
> On Thu, Nov 19, 2015 at 13:43 Drew Fustini <pdp7pdp7 at gmail.com> wrote:
>
>> Recently published interview of Ed Snowden by Micah Lee which is more
>> technical than most other Snowden interviews:
>>
>> Edward Snowden Explains How To Reclaim Your Privacy
>>
>> https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/
>>
>> I found this part very interesting:
>> ===========================
>> LEE: What sort of security tools are you currently excited about? What
>> are you finding interesting?
>>
>> SNOWDEN: I’ll just namecheck Qubes here, just because it’s
>> interesting. I’m really excited about Qubes because the idea of
>> VM-separating machines, requiring expensive, costly sandbox escapes to
>> get persistence on a machine, is a big step up in terms of burdening
>> the attacker with greater resource and sophistication requirements for
>> maintaining a compromise. I’d love to see them continue this project.
>> I’d love to see them make it more accessible and much more secure.
>> [You can read more about how to use Qubes here and here.]
>>
>> Something that we haven’t seen that we need to see is a greater
>> hardening of the overall kernels of every operating system through
>> things like grsecurity [aset of patches to improve Linux security],
>> but unfortunately there’s a big usability gap between the capabilities
>> that are out there, that are possible, and what is attainable for the
>> average user.
>> ===========================
>>
>> cheers,
>> drew
>> _______________________________________________
>> cryptoparty-chi mailing list
>> cryptoparty-chi at groups.sshchicago.org
>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>>
>
> _______________________________________________
> cryptoparty-chi mailing list
> cryptoparty-chi at groups.sshchicago.org
> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://groups.sshchicago.org/pipermail/cryptoparty-chi/attachments/20151119/804f04a3/attachment.html>
More information about the cryptoparty-chi
mailing list