On Tue, Dec 31, 2013 at 10:04 AM, Hannes Frederic Sowa <[email protected]> wrote: > ... > There is a very big difference e.g. I (and a lot of other people too, I > guess) will react to vendors whose debug interfaces where just hijacked > by the NSA to install backdoors and where the vendors worked hand in > hand with the NSA to do so deliberately.
agreed. we've got some years to wait for a definitive full picture. http://cryptome.org/2013/11/snowden-tally.htm - 932 pages (~1.6%) of reported 58,000. NSA head claims 200,000 (~.40% of that released) > If such FUD is spread against vendors, which in my opinion, do actually have a > valid interest in trying to stop those back doors, what do you think will a > lot of members of this community do? vendor responses are fairly self evident. bad: RSA less-bad: Cisco good/proactive: SilentCircle etc,... we could get into details of what makes a good vendor response vs. one that is clearly weasel worded accountability deflection, don't think this list is the place however. > Until now I saw no facts that I distrust the major hardware vendors. then you're not paying attention :) > I don't want to see what the PR persons on those accused companies' twitter > feeds will have to go through now. I guess lots of overreaction is happening > now, which is not helpful at all. corporate media sucks to more or less degree; i feel bad for anyone who touches it. glad it's not my problem! best regards,
