Computers can never be 100% secure. It’s just a matter of how many zeros one is ...

wakawaka28 · 2025-08-30T23:24:29 1756596269

They can be close enough to 100% as you like. Even if that was true, it does not excuse the morons who built the stuff for easy spying instead of reasonable security.

JumpCrisscross · 2025-08-30T17:59:11 1756576751

> when physical access to the hardware is so easy (for nation states)

So where is our deep, persistent infiltration of China?

tlb · 2025-08-30T18:22:24 1756578144

Unknown to the public. The NSA doesn't announce when it has pwned other countries (except sometimes much later) and China doesn't reveal intrusions the way US agencies and companies are required to.

everybodyknows · 2025-08-31T02:49:15 1756608555

A few years back the whole US humint network in the PRC was lost, agents killed, due to use of antiquated security tech.

h3half · 2025-08-31T21:42:50 1756676570

Do you have links where I can read about that? Sounds interesting

beeflet · 2025-08-30T18:46:03 1756579563

>Computers can never be 100% secure.

This is ridiculous defeatism. You are going to need more 0's than exist in the global economy to crack many cryptosystems.

bongodongobob · 2025-08-30T18:53:28 1756580008

I don't need to crack crypto, I just need to find an admin that can be blackmailed.

beeflet · 2025-08-30T18:59:41 1756580381

Then design the system so that there is not a single source of administrative failure.

breppp · 2025-08-30T19:33:38 1756582418

and also make sure to design a system without any bugs

beeflet · 2025-08-30T23:08:29 1756595309

You should look into cryptography. It actually is possible to design open systems provably without bugs or single sources of failure. It's possible to build mechanisms of plausible deniability that are largely immune to rubber-hose attacks.

It's also possible to design systems with an intermediate level of security. With your attitude, you might as well leave your house unlocked because any competent locksmith could break in.

breppp · 2025-08-31T05:28:27 1756618107

I am aware of cryptography, but how does strong cryptography prevents these?

https://www.heartbleed.com

https://www.blackduck.com/blog/understanding-apple-goto-fail...

beeflet · 2025-08-31T19:10:11 1756667411

Side channels are prevented through security audits. There is not an infinite well of bugs in any codebase that will always be exploitable.

Once you patch the bugs, they are patched. You eventually reach a state where there is no more surface area for bugs.

breppp · 2025-08-31T22:32:50 1756679570

I'm sorry, that's not aligned with reality. Possible states in a system grow exponentially with lines of codes added and no one can expect or prevent all the failure states leading to security issues

bongodongobob · 2025-08-31T20:09:53 1756670993

I feel like you've never worked at a company that has decades of tech debt and has more than just a handful of devs.

bongodongobob · 2025-08-31T03:46:12 1756611972

Lol, ok hotshot.

Veserv · 2025-08-30T17:59:02 1756576742

You only need to spend barely 7 zeros to defeat any organization in the world. About half of a single tank to defeat any commercial IT system no matter how much they spend on “security”.

beeflet · 2025-08-30T18:47:54 1756579674

Then let them spend it instead of giving your data away for free

Veserv · 2025-08-30T19:52:31 1756583551

That is what they did. Salt Typhoon is what they got. This will continue to happen until critical software systems are secure against state actors and requires tens to hundreds of billions of dollars to compromise instead of millions to tens of millions (in the hardest cases).

busterarm · 2025-08-30T19:05:00 1756580700

It's a lot cheaper to just kidnap and interrogate someone with the access you need.

And that's only if blackmail didn't work.

beeflet · 2025-08-30T19:06:55 1756580815

Okay then make them do that instead of giving your data away for free