IMO the NSA should be split into 2 agencies.
One would be tasked with protecting the security of data, information, communications and networks of the United States government, its agencies and any entity deemed to be vital to national security. And this does include finding and fixing (or giving to vendors to fix) bugs in software being used by those entities it is tasked with protecting. And developing new protocols and algorithms and systems and hardware and software to protect the stuff it is tasked with protecting. And certifying software, hardware, algorithms, protocols and systems (developed in-house or externally) as being safe (or unsafe) for use in storing, manipulating, handling, transmitting or receiving the stuff it is tasked with protecting.

The other would be tasked with spying on threats to national security. Including monitoring communications, email, data, computers and software belonging to those threats. Yes that includes hacking into the computer of a bad guy who stole classified secrets or launched malware that compromised government systems.

This agency would have constraints placed on it so that it was only monitoring threats and not anyone else and so that it was not compromising global security in the course of carrying out its mission (e.g. it would be prohibited from trying to weaken the security of software/hardware/protocols/algorithms/etc in order to be able to spy on entities using those things)

Remember that when Truman created the NSA, a computer was a device that took up several rooms, there were only a handful in the entire world and only a small number of of people even knew what one was, let alone were able to use one. And the closest thing to digital communications networks were teleprinters. And the biggest threat to national security was a Soviet Tupolev Tu-95 bomber with a nuclear bomb underneath.

These days, computers are everywhere and being used for all sorts of things never imagined in the 50s. And the biggest threat to US national security is not a Russian bomber or missile but a terrorist with a suitcase bomb or hijacked airliner. Or a hacker from a foreign intelligence agency.

FPGA vendors probably don't want to open up their specs and stuff because they are worried that opening up everything will give their competitors the secrets to what makes their FPGA "good".

Patents may come into it as well (I dont know how the patent situation is in the FPGA marketplace). And possibly a desire to stop people from being able to just buy the FPGAs at x amount per unit and force them to pay up for the toolchain too.

https://www.openssl.org/docs/a... suggests that OpenSSL (the official upstream version at least) does in fact support DHE and PFS without EC.

The problem with replacing HTTPS is that you will need to maintain regular HTTPS for all those clients that cant upgrade to a newer browser. (which exposes web sites to these threats) And you have to convince browser and web server vendors to support the new HTTPS replacement.

Google would probably do it (on desktop, ChromeOS, Android and its custom web/SSL server software) especially if it made it harder for the kind of man-in-the-middle-using-fake-certificates type attacks the NSA have been using (the ones that let the NSA serve up fake copies of popular web sites as a vector to infect other machines). Opera and others that use the Google rendering engine would probably use the Google support.

Mozilla would probably do it if you could convince them that its not just going to be bloat that never gets used.

Apache would probably support it via a mod_blah and if they dont, someone else would probably write one.

Other FOSS browsers and servers (those that do HTTPS) would probably support it if someone wrote good patches.

But good luck convincing commercial vendors like Microsoft and Apple to support a new protocol. And the Certificate Authorities would fight hard against anything that made them obsolete (which any new protocol really needs to do)

What might be useful would depend on how bad the catastrophe is. If its something like the TV show "Revolution" where electricity magically stops working, different people would be useful vs a situation where electricity is still available.

I think the parent was referring to the IRS paying to make ReactOS a replacement for Windows and not Microsoft doing it.

If you search for "computer immersion cooling" with Google it will throw up a bunch of people (and companies) doing PC systems totally immersed in mineral oil and things as a way to get even more power out of a system (even more than regular liquid cooling gets you)

If OpenSSL is (as quite a few people who know what they are talking about have claimed) poorly written and hard to maintain, why no-one has tried to come up with a simple, easy to evaluate solution.

Or is SSL/TLS really that hard to properly implement?

Last I checked, no international flights are using Gogo.

And if you get paid electronically via bank transfer, its a good bet that the machines at both your bank and your employers bank that handle the transactions are mainframes of some sort.

Just introduce a 0.001% tax on all transactions
(not just shares but other traded instruments like bonds and commodities).

Anyone buying shares or bonds or whatever to keep long term will see almost no impact from the tax. Even on a million dollar transaction, the tax would only be $1000 (so even big funds or corporate buy-outs or whatever wouldn't be affected by the tax). It would make high frequency trading (and day traders etc) unviable though.

If he issues an executive order to undo the spying, it is likely that those in congress who want the spying to stay will refuse to support Obama on other things he wants.

There ARE phones out there that dont give the baseband processor and other hidden CPUs access to the main RAM. The Neo900 for example doesn't give the cellular radio module ANY access to the main ARM CPU or its RAM. In fact, design of Neo900 means that only the Linux software running on the main ARM CPU can touch the main RAM. And there is no reason you cant run 100% FOSS stack on that CPU.

So if your stuff is encrypted by software on the main CPU, any backdoors in the baseband or SIM or whatever have no way to compromise that.

Just be glad you yanks broke away from the motherland all those years ago otherwise you would probably be doing what us Aussies are doing and playing the one team sport on this earth MORE boring to watch than Baseball, Cricket.

If I had a dollar for every time I have heard of someone that has used a Microsoft product (Access included) for the wrong thing (or used the wrong Microsoft product) I would probably have enough money that I wouldn't need to work for such people anymore (to be fair, the last job I had was a job replacing an Access based system with a much better VB.NET/SQL Server system (my part was converting reports from Access to SQL Server Reporting Services)