Remix.run Logo
tptacek 3 days ago

I think the whole US vs. non-US thing is total crap and there's nothing you can reasonably do with it in any direction, but I always think it's important to point out that US signals intelligence can lawfully compromise foreign communications; that's literally their chartered purpose.

stymaar 2 days ago | parent | next [-]

> I think the whole US vs. non-US thing is total crap

It's not. US companies can be subpoenaed in the US.

> I always think it's important to point out that US signals intelligence can lawfully compromise foreign communications; that's literally their chartered purpose.

Of course they can. But it's significantly easier to get a warrant to target a company under US jurisdiction.

tptacek 2 days ago | parent [-]

Foreign companies don't have to be subpoenaed. NSA can simply break in and take whatever they want, lawfully. In light of that, the warrant point you're making doesn't make sense: they don't need a warrant to go after foreign assets.

stymaar 2 days ago | parent [-]

> NSA can simply break in

You can't be serious …

The NSA can break in the same way the Mossad can assassinate you anywhere in the world. That doesn't mean it's a it's going to happen anytime soon unless you're an exceptionally high priority target. Authorities getting legal access to your personal informations from US companies on the other hand is routine practice. Equating the two is a crazy take.

By the way, you read the argument completely backwards in the first place: the original argument was that even if using an American company means the US law enforcement have full access to your data if they want to, your data is still pretty safe from anyone else there (unless, of course, if you are a high priority target again).

See the original sentence:

> Using e2e from a US-based entity means you are prone to spying from the US government, but at least you know you're reasonably secure against the IRGC, the Chinese intelligence service, the FSB, and so on.

Saying someone's argument is “total crap” without even having taken enough time to properly read the sentence you're criticizing is kinda lame IMHO.

tptacek 2 days ago | parent [-]

I am 100% dead serious and I kind of don't understand the rebuttal you're trying to write here.

stymaar 2 days ago | parent [-]

“Cryptography is useless because governments agencies will kidnap you and hit you with a wrench” isn't the hill I expected you to die on TBH.

> I kind of don't understand the rebuttal you're trying to write here.

Fill free to make the effort to read it (again).

tptacek 2 days ago | parent [-]

I have no idea who you're responding to because nobody on this thread has made that argument.

stymaar 2 days ago | parent [-]

Maybe if you made your point straight instead of making laconic remarks this discussion would be more constructive…

All I got from your few words is that apparently you consider the NSA breaking into a random foreign app a reasonable threat model to design around. Abduction from the CIA being only marginally more unlikely, why bother with anything?

Or maybe I misunderstood your point but then again when you can't bother writing down two consecutive sentences how am I supposed to read your mind?

tptacek 2 days ago | parent [-]

I can't help you with any of this, but again: the argument you made about cryptography and jurisdiction, nobody on this thread has taken the other side of.

stymaar 2 days ago | parent [-]

It's getting outright fascinating, why do you even stick in this conversation if you don't want to engage in it with more than one ambiguous sentence at a time?

delusional 3 days ago | parent | prev [-]

> there's nothing you can reasonably do with it in any direction

I wholeheartedly agree. That's why bringing nation state threats into these kinds of discussions is so pointless. If you want security from governments, the amount of security work you have to do is so far beyond what any reasonable person is willing to endure that it makes no sense to talk about on hackernews. That stuff is for real professional discussions at real professional congresses.