If there's a need for cash, it will exist in some form.
If the governments of the world get rid of cash, meaning all of our transactions are identifiable and traceable by gov'ts and corporations an immediate black-market cash system of some kind will spring up. Of course, they'll make it illegal, and if caught then you'll go to jail just for buying something legal but embarrassing. Then various methods will be invented to help ensure people aren't caught as easily.
IMHO UEFI is one of the dumbest things in a long history of dumb "innovations" in computer history. It adds complexity to a process which should be very simple and stripped down to the most basic needs: Booting a OS.
It's the implementation of UEFI/EFI/TianoCore that I find most problematic, and not the idea of having a console operating system.
I work regularly with servers that provide most or all of what EFI does, and within the console, though these servers provide it with considerably less confusion and hassle.
Having an embedded console can be very handy to have a functional operating system available in the firmware. Whether this is troubleshooting the server, or the boot process, or baseline server configuration without having to fire up an operating system or a diagnostic.
What's not so handy (with EFI) is the complete grab-bag user interfaces, nor the confusing array of consoles that can exist (the Shell, the menus, the BMC, and increasingly often a management widget), nor limitations around the callbacks. And the byte-code engine concept that was intended to avoid having to implement console (and boot) drivers for each new widget never really got traction.
Simply having boot drivers available as callbacks for the operating system would have been very handy for folks writing or porting an OS. Debugging in the bootstrap environment stinks.
IMHO, EFI just isn't a well-designed user interface. It seems to be a scatter-shot collection of pieces that were duct-taped together into a technology demonstration. And I'm not entirely certain the folks that originally built EFI ever intended the manufacturers present it to the end-users to use it as the primary console, either.
I am actually of the opinion that UEFI isn't "complex" enough—the best BIOS I've ever used is OpenBoot, with the Forth interpreter. Simple in some ways but very very flexible, more than enough to blow your while leg off. And yet more pleasant to use than anything else.
I would go work there just to try to find out what this vaunted decryption breakthrough is. Do we all have to stop relying on ssh to secure communications, or something?
Most likely most of their breaks consist of widespread implementation of very specific techniques on problematic protocols (say timing attacks). Even with the ability to straightforward break certain primitives, it's computationally intensive, so widespread crypto usage still hurts their dragnet ability. And they certainly can't engage in widespread active attacks, so I doubt they care very much about digest/signature algorithms. And why would they waste time snooping SSL banking sessions just to screen scrape the HTML when having the banks/FinCen setup a DB mirror is much easier?
Even if you were to find out, what good would it do? Let's say the worst case scenario was true, and all block ciphers are extremely busted, and their contents decrypted and mined along with everything else. Would you basically forfeit your life to be a patriot of humanity and publicize that fact? (Especially given how much kool-aid you had to drink to find out in the first place, and how overwhelmed you'd be by the reality of an industrial spying operation). If such a break really is the case, the private sector will figure it out over time. Meanwhile, IMHO, the only thing a freedom-preserving person can do is assume the abstract concepts of cryptography are feasible, and build systems with the primitives we currently have. Don't worry about them reading your present communication in the future, because if we're to the point where they're casually arresting people based on their ideas, we're boned anyway.
Also, to anyone who thinks "US laws protect citizens from spying", your wishful fairytale is only deceiving yourself. I'm sure NSA views the whole process akin to a quantum computation, where they massage the data on everyone using massive vector operations (which they don't consider interception on individuals, as it's a mechanical process), and then a kind of decoherence step where they read the answer. If your completely-between-citizens correspondence is interesting, it's reflected in the interest level of a cross-border relationship, and the latter is reported. They start a specific investigation (with the sham-court rubber stamp) and see the whole picture eventually. And yes, I know the NSA isn't interested in widespread de facto criminality, but if the only reason the details of your personal life aren't being scrutinized by another human being is that you are just not interesting enough, exactly how could you claim that you aren't being spied on?
If such a thing exists, they wouldn't share it internally either. It seems they are already collecting data across many protocols and encryption schemes, and very few people would get to know reliably which were cracked or how.
That said, the various security clearances you'd have to pick up would virtually guarantee serious compensation in the private sector, if/when you chose to leave. There are a lot of positions that can't possibly be outsourced or filled with H1-B workers.
Yes there was an online chalenge lookig for recruits to GCHQ (the UK NSA equivelent) and the starting pay was £25k which given the skils required fro that sort of job is very poor pay.
Is that £25k training pay or introductory pay. When I was applying for an Air traffic controller position, training pay (18 months) was £13k. But duty pay was much higher and, according to the ATCs at the interview day, overtime regularly pushed it into £50k-60k at the busiest airports.
I have a feeling the £25k isn't the complete story and there might be other compensation not mentioned.
Nope its civil service (you dont get big pay rises) this is for entry level grads and 25k is low discounting the fact that ML and Crypto is worth more as a specialisation than bog standard Java by the numbers graduates.(and GCHQ you would have to go through the DV process and work in the middle of nowhere)
Oh and for the past few years there have been pay freezes in the civil service which will be continuing for the life of this parliament.
I didn't downvote you, but my guess is that your (pre-edit) comment adds little to the conversation, and could nearly as easily have been expressed by upvoting the parent (which, IMO, also fails to add much to the discussion).
If they weren't using all that power to spy on US citizens, it might be a bit more palatable. You can make a case for being nosy when it comes to people who aren't covered by our own Constitutional guarantees, but when it comes to US citizens, due process is something I consider awfully important. (And no, "national security letters" are not what I consider due process.)
Obviously not everything the NSA does is a problem from a Constitutional standpoint, but still... the odds of being ordered to do something I would find grossly unethical are too high for me to want to work there.
Worse still, I could see myself modifying my own ethics over time for the sake of staying in my employer's good graces. How many people can honestly say they would never fall prey to that temptation?
A shame, too, because I'll bet they still have some of the coolest toys around, even in the present age of commoditized supercomputing.
The NSA is relatively careful not to do blanket spying on US citizens, at least not directly, outside of specific legally approved programs (the NSLs, combatants, those engaged in communications with a foreign power, etc.). I agree the NSA and military/intelligence overreaches, but the people within NSA do make some effort to obey the law. The right place to change this is with the legislature (and judiciary) -- if there were stronger laws against domestic spying, the NSA would follow them.
It's also quite reasonable (and I'd say honorable) to not work for them, if you think either they're doing something immoral, or it would negatively affect you. I support a lot of the NSA's mission (cyber defense for the US and USG, specific international activity against enemies of the US), but certainly would like to see greater privacy protections in the US, and to protect private citizens (vs. governments) globally.
The problem, Ryan, is that when you have a huge super-secretive military government organization whose people "make some effort to obey the law", there's absolutely nothing stopping them from, one day, with no fanfare, choosing to start ignoring the law when and where convenient.
There are no checks or balances on their power and the potential abuse thereof. They operate in a legal vacuum, with carte blanche to do whatever they decide is necessary. Even THEIR BUDGET is classified information. We're not even allowed to know how many tax dollars they're spending to do illegal shit they're not telling us about.
You can support their mission 100% (I do), and still think that they should be entirely disbanded for this reason alone.
Only criminals would operate in this sort of LEGAL environment.
You've obviously never worked for a government agency if you think anything could 'just happen' one day.
It's hard enough to get things done that you ARE legally allowed to do, let alone anything remotely questionable.
I think you're confusing government agencies that have oversight of some kind with those that operate unchecked, like the military intelligence services (NSA, CIA, etc).
They have decades-long histories of doing illegal shit.
Tell that to a country that has had a military coup, or similar. One day the military obeys civilian orders, the next day they don't. Same could happen with NSA. One day they obey the law, the next day they don't.
Wouldn't have to be the whole agency, just some small, but connected, group. They could sell information to foreign countries or, maybe more likely, companies or do all sorts of other socially destructive but personally profitable things.
Of course it doesn't literally happen overnight. But would we know about it if NSA/CIA and similar started going rogue? Seems to me that the government would cover up any extra-legal activities that were discovered so we'd never know until it was too late.
You've obviously never worked for a government agency if
you think anything could 'just happen' one day. It's hard
enough to get things done that you ARE legally allowed to
do, let alone anything remotely questionable.
That's pure BS. I know of a couple of companies which had done work for gov't agencies which were screwed by powerful individuals in said agencies doing blatantly illegal things. In both cases, the companies involved refused to go along, and paid the price. 7 years down the road, they were "cleared", but the companies' owners had suffered great financial and personal devastation. Nothing happened to the gov't individuals save promotions.
There was a scandal when the NSA's high-volume tap at AT&T came to light. Such a tap at a core router counts as blanket spying. The reaction to it, increased powers and retroactive immunity, speaks volumes.
The very idea that something like “retroactive immunity” can protect someone from the consequences of breaking the law is a bit mind-bending. Whoever comes up with this stuff, it is to protect a culture of unaccountability and disregard for the law.
Out of interest - why do you consider it more unethical to spy on people from one arbitrary geographical area as opposed to people from another? What if they agree not to spy on anyone from Utah and only spy on those suspicious people from other states?
So you might not allow spying of NSA personnel above a particular sensitive grade or something.
And if you're worried about families of NSA personnel being spied on, they might not come from your arbitrary geological area and so are currently fair game.
> So you would be quite happy that All American Terrroists are safer than forign Actors?
Maybe it goes without saying, but yes, yes, a thousand times yes.
The U.S. Constitution guarantees the rights of everyone in the United States, whether citizen, immigrant, or undocumented, whether law-abiding or terrorist. It specifically guarantees a right to trial, and forbids government searches without a warrant based on probable cause.
The founders knew that government can eat away at vague promises of freedom, and so they guaranteed not only "due process of law" and security from "unreasonable searches and seizures," but also specific mechanisms for protecting those rights from the government. They guaranteed those rights to everyone on our shores.
Personally I hope for a day when everyone in the world is entitled to the same rights. But until that happens -- yes. The law demands that all human beings will be safe on our soil, unless and until they are punished by due process of law. May we find the courage to live up to that demand.
When privacy advocates are as honest as Moglen, they recognize that the biggest problem facing them is not governments or Facebook but those damn, stupid people who keep letting their privacy be invaded. Sure, people will say they want privacy, when you ask them using that loaded word, but time and again when faced with the choice between revealing information and getting some small thing of value, they reveal the information. But underneath the Moglen viewpoint is a huge disconnect: If privacy is about individuals exercising power over one's own information, and the vast majority of people consistently decline to exercise that power, then what the hell are privacy advocates advocating for?
If the governments of the world get rid of cash, meaning all of our transactions are identifiable and traceable by gov'ts and corporations an immediate black-market cash system of some kind will spring up. Of course, they'll make it illegal, and if caught then you'll go to jail just for buying something legal but embarrassing. Then various methods will be invented to help ensure people aren't caught as easily.
Such is the way of things.