Now contrast this statement from the recent "STFU" response to AT&T's shareholders. And the complete silence from Verizon, whose name was on the first round of the salvo.

At least these eight are making noise, rather than just hoping the issue fades from the public's consciousness. Here's wishing there was a telecom provider that wasn't so obviously in bed with the spooks...

It's not clear from the context whether you're calling the parent an idiot, or if that's how you normally sign your comments.
Many researchers have concluded that overuse of antibiotics is linked to the increase of MRSA. (citation)

If the files had been encrypted (after transcription, if needed), then this would be a case about overreaching warrants and illegal government actions, not a case about overreaching warrants, illegal government actions, and wrongful terminations, as that last item will undoubtedly be the end result of the intelligence DHS has collected on the whistle-blowers.

You are right in that she shouldn't have to protect herself and her informants from the government, but such is the imperfect world we find ourselves in while we try to dig our way out of it. She failed her informants. She should have known better than to depend on legal principle to protect her informants from the current administration.

Do they still require a paid license to forward a USB device to the guest?

That killed it for me when they added that "feature" a few years ago now... I think it was the first major release after Oracle took over.

Hah! That's Rich(ie)...

A bit AWK-ward, though.

I did say his research skills could use some polish. And I figure one more developer that is at least semi-aware of security is a good thing. Many don't even consider the security implications of what they write.

Yes, I did enjoy it. So you didn't. To each his own.

p.s. Vitriol is no way to go through life, son.

Jeff Cogswell is the author of several tech books including “C++ All-In-One Desk Reference For Dummies,” “C++ Cookbook,” and “Designing Highly Useable Software.” A software engineer for over 20 years, Jeff has written extensively on many different development topics. An expert in C++ and JavaScript, he has experience starting from low-level C development on Linux, up through modern Web development in JavaScript and jQuery, PHP, and ASP.NET MVC.

Good job, Jeff! Welcome to the exciting world of security research!

I applaud you for (re)discovering these techniques on your own. Your out-of-box thinking and problem solving are to be commended, but your research skills could use some polish. Please don't let the negative comments above discourage you from exploring this rewarding field of knowledge, however I would recommend you run your findings by some existing security folks before announcing your next big discovery, lest you find you're just rehashing something else that has long been known.

Seriously; good job! I enjoyed reading how you worked your way up to your conclusions, even though I knew from the start how it would end...

I should add that your sentiment of "we know better than you so you should trust us" is exactly what the government is spewing, and you see how well that's working.

While the kernel source is the epitome of transparency, and the NSA is the exact opposite, there will always be people who cannot or will not read the source. That does not mean they don't want to know some of the details so they can make informed decisions. That curiosity should be welcomed, not derided.

While I respect your technical prowess and make great use of your work, every time you go off like this, you move a little further down the "crackpot" scale. You know, the one anchored firmly by RMS...

Instead of blowing a gasket, why not nicely suggest that a read of the source code will show that rdrand is just one of the entropy sources used, and it is used in such a way that it cannot compromise the end result. Vitriol is no way to go through life, son.

I second that. And as your rules have built up, there are likely some that have never been used beyond when they were first put in. I'd instrument your next solution to identify outliers and cull them over time so your parser doesn't have to work so hard.

True. So if that's a concern, connect to that darkmail system via a VPN over TOR.

Those ellipses conveniently left off the rest of the quote instructing to allow access only via VPN or SSH. Good crypto is designed to defeat MITM and eavesdropping attacks. Listening in? Fine with me; all you'll get is ciphertext. Modify even a single bit and I'll be alerted.

The authors of those programs make it easy to verify by publishing the hash along with the source and encouraging people to verify their downloads. I expect your distribution's maintainer follows those protocols when building the released version. That build is automatically signed when built and verified upon download when installing it on your system.

As for trusting your compiler, I assume you're referring to Ken Thompson's seminal Reflections on Trusting Trust (PDF). It's an interesting academic exercise, but I'm pretty sure if such a compiler were out there and in common use, someone would have noticed. Especially now that there is a published way to detect it.

Installing the distro's version is likely safe, although you must realize you're opening up your circle of trust to include the distro's maintainer and server farm instead of just the original author(s) and their source repository.

The bad part of this is, until we get NSA's unconstitutional programs back under control, simply encrypting your emails may be enough to trigger their systems to preserve it.

I was thinking the same thing; Phil Zimmerman had it figured out decades ago. As long as both ends keep the snoops out of their computers, with PGP or GnuPG, all they can read is the envelope information between SMTP relays. As far as we know, anyway...

That method requires a little more technical skill than having some SaaS provider do it, but if you've got secrets to protect, that's a small price to pay. Use big keys and EC to help future-proof.

And for keeping even the envelope info private, just run a private email service of your own (with no external mail gateway), and keep the snoops off of it. Allow access only via VPN or SSH tunnels.

My favorite is Cole's Law...