Because the US government has requirements about what it accepts.

You can't just implement whatever algorithm you like, then sell a router with that to the government. It must comply with whatever standard the government decided to adopt. And given that the government buys a lot of things, it wouldn't make economical sense to make equipment you could never sell to them.

This snowballs, and effectively sets a global standard for encryption. Sure, in your home you can do whatever you like, but the important thing is the security of the internet as a whole, and all of that is made of hardware and software that wants to be able to be used by the US government, and as such must support whatever standard it decides to adopt.

It's got nothing to do with the private key.

NSA goes to Verisign (for instance). Says "please sign our key for google.com". Verisign signs it. NSA intercepts traffic between google.com and you. Browser deems cert as valid, as Verisign signed it, and you seem to be connecting to google.com.

The CA system is weak because so long the connection is signed by a CA in the browser's list, the browser doesn't care which it is, even if it changes on a daily basis. If you can convince any CA in the list to sign what you need, you have a way to set up a MITM attack the browser won't warn you about.

The important thing isn't Google's servers, but the Certificate Authorities.

All that the NSA has to do is to get some CA to emit certificates for Google's domains. Then they can easily place themselves as a man in the middle, and the user won't notice.

No access to Google's servers necessary, then.

Thanks for reminding me of another reason why I don't buy your products

That was in 1975. The NSA that did that isn't necessarily the NSA that exists today. Just because they did something good nearly 40 years ago, dosn't mean they have anywhere near the same ideas now.

Internal priorities, people with the ability to push their agenda, and external factors can have easily changed in that time. Hell, most of the people from back then are probably dead by now.

Also, while they did make it stronger against differential cryptanalysis, they got the key length reduced, which means that today, DES is terribly weak, and 3DES is needed to patch it up.

This fits in quite nicely in what you say though. The thinking might have been that differential cryptanalysis makes cracking much easier, but a reduced key length would still require NSA-sized resources to break.

Ammunition for the plasma rifle and fuel for advanced aircraft.

Some may scoff at this, but this is exactly the sort of thing SL for.

Look around in there, you'll probably find something to your liking.

This is for positioning satellites relative to each other. The applications are things like telescopes made of several spacecraft to create a mirror larger than what is practical to launch in one piece.

But this isn't an engine that will allow a satellite to stay in orbit without fuel. They still need a traditional engine with propellant for everything besides adjusting the distance between nearby satellites.

> What harm comes from a corporation moving its servers out of the U.S.?

Economic harm to companies providing hosting in the US. Which are generally large companies with lobbyists that can affect US politics.

> Vote the fuckers out that approved this nonsense and reform the system back to what its mandate is/was supposed to be!

That would be lovely, but doesn't work for people who run servers in the US, but aren't US citizens. The only way we have to push the US government around is indirectly like this.

You load your own key during your setup procedure.

Extra benefit of that if the employee leaves, the corporation can decrypt their disk.

Anywhere else, really.

Europe seems to take this stuff a lot more seriously.

But that's not really needed. What's needed here is to put pressure on the US government, and pulling business out of the US will do just that. Even if the net is still being spied on, enough harm to US corporations will get the lobbyists' attention.

It doesn't have to be outside my control. It only has to be outside of my laptop's control, which is a crucial difference.

A TPM that came with my keys printed on a piece of paper, and which would allow me to replace the keys it uses would do just fine for what you say.

I don't want to turn it off. I want not to have it. I want it this way so that I can't possibly be counted as part of the TPM market share.

Besides, once it's there, it's trivial to remove the option to disable it, so the option likely won't be stay there for long, once it's widely distributed enough.

No, I think America is pretty apt here.

Obama isn't the dictator of the US. Congress, lobbyists, the NSA and other people are also at fault here, as well as the general population for not being vigilant enough. This sort of thing doesn't happen just because Obama wants it, other people have to agree.

In principle, I think nuclear power is a perfectly sound idea that can be implemented safely and reliably.

But that's in principle. In practice somehow it turns out to be managed by complete morons that even after getting involved in the center of a huge scandal, still manage to show amazing incompetence and disregard for public safety, even when they know perfectly fine that the whole world is paying attention to them, and is already extremely distrustful.

And this state of affairs doesn't do their own industry any good. It's precisely crap like this what results in the replacement of nuclear with coal.