Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's been a few years I've given up on the idea of privacy with technology. The number of security flaws that get discovered daily is only the tip of the iceberg. I'm pretty sure some governments (or organizations) have had backdoors, be they hardware or software, in place for more than 20 years. We simply don't know about it yet (and probably never will). Would that actually be that far-fetched? I think not sadly. Even the Intel Spectre et Meltdown fiascos are a sign that we have no idea how to actually secure this stuff. And that's normal, the very definition of IT security is that nothing can be secure. Take the whole antiquated concept of processor rings for instance, we are adding a new level every other year now it feels like... I find it way more interesting (even if it is ultimately "worse") to adapt to the mentality that "nothing is secure" than "let's try and make it secure", which as stated is in itself a fallacy...


The more I understand software the less I trust it (given the current state of engineering practices). Meanwhile all my friends/family are scrambling to install all the latest new "smart home" gadgets and I just look like a paranoid kook trying to talk them out of it.


This. I've even had an in-law say, "My brother works for the Defense Intelligence Agency, and he uses smart devices in his home, so they must be safe!", with no consideration that tech may not be his specialty, or he doesn't follow the daily IoT fiascos, or maybe he just thinks he won't get hacked. Dunno. Meanwhile, my year-old thermostat still wants me to connect it to wi-fi, and that will never happen.


Wait, can you use a Nest without connecting it to the internet?


Dunno - my thermostat is not a Nest. Works great without the internet.


You're definitely not a paranoid.

However, IMO, the "cost" of ignorance such area is not that bad either. I will let them live their way to be honest.


> It's been a few years I've given up on the idea of privacy with technology.

The problem with tech is that it's modularity and dependency on other people/tools/hardware/etc ultimately requires trust.

> in place for more than 20 years.

Far longer than 20 years. The idea of trust, privacy and security has been discussed for a long time. The complexity of security on just on one specific technology ( compilers ) was discussed in the early 1980s by Ken Thompson.

"Reflections on Trusting Trust"

https://news.ycombinator.com/item?id=13569275

Compilers are just one part of a complex ecosystem. Now imagine having to check ABI or the physical chips/hardware themselves. Where you require sophisticated hardware.

The motto of technology is "In Trust We Trust".


I think the root of the problem is backwards compatibility and the fact that initially all these components were not designed with security in mind. So we're adding more insecure components in spirit of "move fast, break things" than fixing the debt incurred.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: