[ExI] Revealed: how Microsoft handed the NSA access to encrypted messages

[Eugen Leitl]

On Sat, Jul 13, 2013 at 05:37:57PM +1200, Andrew Mckee wrote:
> On Fri, 12 Jul 2013 10:03:45 +1200, J.R. Jones <mrjones2020 at gmail.com> wrote:
> 
> >What OS do you run?
> 
> Technically irrelevant if you happen to be using an Intel cpu of recent vintage, 
> since they each come with a network accessible backdoor in its on chip microcode rom.

Of course we would like to have trusted hardware. However, compromises
of your NIC, CPU or GPU are not effective if you keep your secrets on
an airgapped machine or network (and go to the point of reducing TEMPEST 
emissions), and use sneakernet to transfer only safe formats.

Paranoia is sure fun, but at some point you have to titrate it
down to functional levels.
 
> Like to leave your modem/router on all the time?, is your PC always on, or left 
>
> in a software rebootable power state?, have you in the past engaged in anti-government behavior?

Of course you're running danger of stepping into a deliberately placed
honeypot, and have your traffic inspected by a wiresharc instance on
a mirror port, watched by a clueful party. 

You typically don't drop a nuke on a toddler in a sandbox, as you can 
only use it once. There are far easier ways to compromise your system
if you control upstream traffic, with some plausible deniability to
boot. 
 
> If so, then don't be too surprised to find your PC powers itself up in the wee hours with the harddrive rattling away to itself.
> 
> I'm afraid the technical means for a certain government to snoop on anyones computer has been around for several years at least.

Not anyone. Most people, yes. Everybody, no.