
Comment Re:NOT TO BE TRUSTED (Score 0) 130

Human rights violations don't only apply to "executions and kidnapping of babies". Ultimately human rights is about rights. Do we have a right not to be spied on by our own government? According to the US Constitution the unambiguous answer is yes. It's unfortunate that some that claim to stand behind that Constitution.. that claim to stand for freedom... that claim to stand for human rights... grossly violate the right to privacy... thus should be shamed as HUMAN RIGHTS ABUSERS. Watch how fast politicians, who wish to be re-elected, start respecting people's right to privacy if enough constituents and NGOs start using the word HUMAN RIGHTS ABUSE to describe mass surveillance. If we pansy around with our words.. they'll just keep doing what they are doing.

Comment Re:NOT TO BE TRUSTED (Score 0) 130

With a theoretically absolute security and privacy (in terms of computing) we can certainly still trust our data to others. We could still provide personal information about ourselves to others. The point is it should all be based on voluntary interaction not others using backdoors to get to our personal data without our permission.

I'm not implying that everyone will abide by principles of security I describe. Companies will still produce closed source software and hardware. Ignore security principles I'm describing. That is their right if they wish. However, their products should be labelled "NOT TO BE TRUSTED" because ultimately we have no way of knowing if they've put in backdoors. Transparency in product design is what creates security. This is why governments now demand MS open up its source code. This is why the NSA doesn't run any binaries or firmware on its servers where it hasn't first looked at the source code. The NSA has security far better than our own precisely because it's sticking to principles that we are not.

Comment Re:NOT TO BE TRUSTED (Score 0) 130

"Seriously? You're suggesting everyone trusts self-signed certificates as if they came from a CA that trades on their reputation for signing and delivering authentic security services?" You've misunderstood what I'm implying. Of course self-signed certificates are worthless by themselves but the current system of using centralized CAs is flawed because CA servers are being compromised. Security validation should be offloaded to P2P. This is not some fantastically unproven idea. Bitcoin blockchain functions off P2P security. With the right tweaking of SSL, CAs could be made redundant. Any system that depends on a centralized server... that can be compromised by an NSL... is inherently insecure architecture. NOT TO BE TRUSTED. With P2P and server side zero knowledge protocols NSLs largely become worthless pieces of paper.

Comment Re:NOT TO BE TRUSTED (Score 0) 130

Without absolute privacy we will not have privacy. There is no in between state for security. We either have security or we don't. That's Bruce's entire argument (and he's spot on). Of course average people don't have the skills and resources like NSA and GCHQ but the technology for average Joe to snoop is out there too (if one is willing to hire a black hat).

Comment Re:NOT TO BE TRUSTED (Score 1) 130

"Remind me-- how many "open-source" processors, hard drives, SSDs, and SoCs do we have out there? Who do you trust to build your chips? You gonna label Intel's fabs "not to be trusted"? And if so-- which "FOSS Fab" do you plan to use?" You are speaking in terms of pragmatic reality in the present. Pragmatism is precisely why systems are insecure today. I am speaking in terms of principles to get us where we want to be.. real security.

Comment Re:NOT TO BE TRUSTED (Score 0) 130

1. "No way to tell whether the provided source code matches the provided firmware"
Yes there is. See point about hash checking. Even firmware can be hash checked if the architecture is correct..

2. binary code will vary depending on the specific architecture, optimizations, and libraries during compilation. 2) a hash can be falsified as easily as a binary.
See point about using P2P technology to validate hash rather than central servers.

3. At least an order of magnitude less effective than open source, and we've seen that even "important" OSS like openssl can go decades without independent code review.
If apps are isolated from OS this can still be largely mitigated. (other than bugs in OS and firmware). Obviously until the day comes software is sophisticated enough to find all possible security errors zero day exploits will be a problem.

4. people will get frustrated when they lose their private key, and 5 years of family snapshots disappear.
Minor issue. Biometrics can be used to get around this problem. Furthermore if someone is too lazy to that one day they might misplace their keys they have no one but themselves to blame. Absolutely no different than users that don't bother backing up their data then complain the computer is somehow to blame.

5. Because you'd rather trust 1000 amateurs to secure all of their systems than one professional to secure his server
Absolutely yes. Your flawed assumption is that everyone is an amateur. The more eyes get to see the code, the more trustworthy it will become when experts also review it. Obviously there will be things that slip through but P2P based security is highly preferable to servers (which we already know are a big fat target for intelligence agencies). Far harder to break into 100,000,000 systems without anyone noticing than just 1.

6. "Yeah, ranks right up there with executing journalists and kidnapping babies."
Mockery like that suggests you don't really see privacy as a human right. It is. And it has very real consequences to freedom when we don't have it. As for your ad hominem.. you destroy your own credibility.

Comment NOT TO BE TRUSTED (Score 0) 130

Schneier is of course right. Unfortunately megalomaniac politicians around the world are violating the very rights they are supposed to be protecting which is why Bruce is naive in thinking this attitude will change any time soon. Thus the only path to security must come through private sector.

1. Companies that sell software... better have all code open sourced (not same as free) or should be labelled "NOT TO BE TRUSTED". (including firmware.. BIOS, NICs, HDD, GPU, routers, switches, etc..)
2. Code (including scripts and updates) is then compiled locally and before first execution hash checked automatically against non-centralized database (p2p technology similar to bitcoin block chain)
3. All hardware sold with precise technical diagrams... or should be labelled "NOT TO BE TRUSTED"
4. All encryption always on client side. Virtually all major current email providers should be labelled "NOT TO BE TRUSTED" (salute to ProtonMail)
5. Get rid of centralized authorities for security (looking at you SSL). Centralized servers have a big fat sign that says "NOT TO BE TRUSTED". P2P.
6. Create new network protocols (to replace www, ftp, imap, etc..) that are designed from ground up on zero knowledge principle. Websites not using zero knowledge proof... "NOT TO BE TRUSTED" https://en.wikipedia.org/wiki/...
7. Shaming lists on NGOs (applause to EFF). Any politician that votes for mass surveillance or doesn't adhere to above principles, put on NGO lists as "HUMAN RIGHTS VIOLATORS" and "NOT TO BE TRUSTED"..

Comment Re:More moaning and groaning for nothing. (Score -1) 206

To be fair, the majority of Republicans aren't as extreme as wackjobs like Coulter. That said, there is a significant number of fringe Republicans that have much in common with North Korean communists.

- Racist. Fringe conservatives hate immigration because you see their own proud slave owning ancestors didn't immigrate to America. They've been here since the invisible spaghetti monster created them along with the dinosaurs (you know, 6000 years ago). You're only a "real" American if you're white and part of their Christian master plan. Native Indians, Blacks, Arabs, Hispanics, Asians, even non-western European whites... pffff.. all "fake" Americans.
- Super "patriots" whose definition of "patriotism" amounts to demonizing every other nation on earth. (see above for any exclusions)
- North Korean communists hate religious extremists. Fringe Republicans also hate religious extremists... unless it's a religion they approve. God hates fags and non-white folk after all.
- Have a great leader they idolize to point of cult worship. Comrade Bush was never wrong (and never farts).
- Wildly support mass government surveillance like communists. It's particularly ironic when alleged constitution loving fringe Republicans grossly violate the constitution by supporting Orwellian government surveillance. Right to privacy? You must be a terrorist.
- Heavy handed use of force. Endless rhetoric for wars against this nation or that. Hey lets invade another country for non-existent nukes... while simultaneously wanting to expand already one of the largest stockpiles of thermonuclear weapons in the world. The invisible space leprechaun said is OK for Americans to have WMDs.
- Support use of torture.. or as communists in North Korea like to call it "enhanced interrogation". Feeding prisoners through their anus is a "medical procedure".
- Communists and fringe Republicans both claim to support democracy and their citizens -- while simultaneously supporting policies that promote extreme inequality. etc.

Comment Re:Not a win (Score 0) 228

You're spot on with your suggestion that terrorism should be used as an excuse by the government to censor media (or for draconian mass surveillance) but you made a gaffe by saying "Muslims" rather than "extremists" or "terrorists". This is not to deny for a moment that there are a large number of Muslim extremists (including some of the alleged allies against terrorism that shamelessly continue to have theocratic states -- that in practice end up indirectly pumping out terrorists). However, stereotypes are stereotypes. If we all lump in moderate Muslims with savages like ISIS we not only unfairly judge them but alienate a potential ally against Islamic extremism. Moderate Muslims, like moderate Jews and Christians, have learned to take a more metaphoric or even philosophical interpretation of their religious works. Those that inflexibly follow stone age religious doctrines verbatim, whether Muslims, Jews or Christians, are the real problem. Those that use force to oppress the rights of others (including any atheists that want to forcibly end religion albeit foolish) should be either mocked, imprisoned or (as a last resort) killed in defense of freedom.

Comment Re:The Children! (Score 0) 284

And if it's not the children... it's the catch all of terrorism. At the height of the cold war, faced with thousands of nuclear weapons, the government didn't peer into everyone's snail mail. We used to condemn the communists for mass surveillance. Now the NSA and FBI are getting into the game.. Someone needs to reacquaint the government with this little thing called the Constitution. Hopefully one of these days someone will organize a big march in Washington to shame the politicians and bureaucrats that have been supporting this sort of behavior.

Comment Zero corporate taxes (Score 0) 839

Gates has a valid point. Taxing corporations takes money away from job creation and innovation. Most people don't realize that countries like Sweden have both solid industry and social services precisely because they have a very low corporate tax rate mixed with a high personal income tax rate. (thus encouraging capital investment while simultaneously addressing extreme inequality) On the other hand, corporations currently use their lower tax to do things that amount to consumption rather than capital investment. For example if the CEO wants a private jet to fly to Hawaii, instead of buying it with their own taxable salary, they'll put it on the tab of the company as a "business expense". Want to hide personal capital gains? Just keep the funds in an executive company investment plan. Ideally corporations should face zero tax and consumption should be the target -- but in practice in most instances because of these loopholes taxing corporations too little hurts the public coffers even further. If we want to change that a review of the tax code to close these loopholes must be the first step. Not sure how Sweden manages it but it would be a good thing to take a close look. https://sweden.se/society/why-... https://en.wikipedia.org/wiki/...

Comment Number one feature missing in Windows (Score 0) 147

Addendum: Data protection also includes protecting one's data from prying eyes of corporations and government organizations that forget the human right to privacy. Mass surveillance is a human rights violation even if it's being done against another country. End industrial scale back doors. Period. This would require open sourcing Windows already. (not the same thing as free) The NSA, by proxy politicians, seem intent on destroying American technology jobs (since no one with half a brain stem would trust American tech to protect their data at this point). Ergo - companies have to put the power to protect data in the hands of users. Encryption should be on the client side. Updates should be from servers where the code being updated is visible to everyone. Code should be compiled locally before first use. (and checksums validated). There should be no way for a company to update a remote computer without user agreement. This by extension makes it harder for government to do so. It's still not foolproof (since the KGB... uhmmm... NSA... is sneaking things into firmware and probably even hardware) but MS should be at least doing its part. Tech companies like MS (Apple, Google, etc.) need to stop taking orders on data sharing from a government that has clearly overreached. Combine efforts to show corporations can also be a force for good political change too. Taking this stuff to court until laws exist that make it legal for manufacturers to produce products that make it impossible to spy out of the box. If the spooks, FBI, et al.. want to gather intelligence, do it the way they used to do it. Physical infiltration. Leg work. Human resources. We are not here to serve the government. The government is here to serve us. I'd rather have criminals and terrorists get away with it more often than an Orwellian surveillance state. Cries about "the children" and "terrorism" aren't justification to take our freedoms away.

Comment Number one feature missing in Windows (Score 0) 147

Data protection. One reason why MS has lost its appeal isn't just because of the rise of mobile. It's because MS has stopped innovating in useful ways around the OS. Bringing back the start menu and windowing of store apps is great but really represent fixes rather than enhancements. Major GUI tweaks are mostly gimmicky at this juncture. Most typical users spend their time using apps not switching between them.

A Windows file system that deals with bitrot, provides quick system restores, and bulletproof data recovery is long overdue. If ZFS and Btrfs can exist in the Linux world with a small budget, I'm sure the largest software company in the world can pull off a nextgen file system too. Protecting data on PCs is still ad-hoc. Most consumer users can't be bothered to automate their backups even with existing utilities in Windows. They do silly things like back up manually to USB keys... occasionally. The vast majority don't have secondary drives.

PCs should just do data protection right out of the box without user input. Ideally the OS should even encourage the existence of secondary drive with a notification upon first use. (scold the manufacturer as inferior product for not putting it in with a warning... your data isn't safe) Sell Windows with cloud backups as a built-in feature (with opt in question during initial use). Hook customers in with free backups for first year.

Add more robust virus and spyware protection. Create a far better firewall (something like peerblock's list system baked into the system). Make it easier to clean out the system of unwanted apps... without having to reinstall everything again. Windows store is a step in the right direction but it shouldn't mimic Apple's and Android's Orwellian control freak model (that also sucks up the profits of app developers). Reverse the model. Apps that are installed in Windows instantly also become store apps aligned to their personal account. This way anyone can install anything on their system and immediately have a full system recovery even if the hardware dies. Get the job done.

With the rise of mobile, at this juncture Microsoft is no longer in a monopoly position. The DOJ should allow it to add security and data stability features to the desktop without having a cow. If competing companies don't like it, tough. Free enterprise. Either do it better or get out of the way of those that can.
