[Cryptography] OneRNG kickstarter project looking for donations
ianG
iang at iang.org
Thu Dec 18 21:44:20 EST 2014
On 18/12/2014 23:39 pm, R P Herrold wrote:
> On Thu, 18 Dec 2014, Ray Dillinger wrote:
>
>> In fact it is known that they have done so - but as far as can be told
>> from the Snowden papers this only happens as part of TAO (Tailored
>> Access Operations). And TAO is used only as a last resort - when
>> there is a *specific* target whose information they have a pressing
>> need to get for some very specific reason, but whose computers they
>> can't otherwise break into.
>>
>> TAO requires deploying agents in the field to get to single targets,
>> so it is VASTLY too risky and expensive for the kind of ubiquitous
>> surveillance that constitutes the threat for ordinary users.
>
> memory fades, but as I recall one of the TOR team of the EFF
> had a new laptop from Dell's Asian point of dispatch make a
> 'dogleg stop' at Langley for a day before delivery in SoCAl
> per UPS tracking records ...
>
> per the popular press and self-reporting, fwiw, but such an
> approach is riskless and affordable
With a secure operation I know of [0], procedure for purchasing critical
hardware is to buy it from a random street seller, ex-stock, with no
warning.
Not that I'm saying this was always done. But it was written and that
was the intent.
iang
[0] http://wiki.cacert.org/SecurityManual#Acquisition
More information about the cryptography
mailing list