• Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    1
    ·
    4 months ago

    I feel like it being founded by ex CIA people is really not important. They aren’t actively working for the CIA and chances are they know the threat they face. Best to just ignore that part and focus on the technical details. At the end of the day any server you don’t control shouldn’t be trusted.

    • ☆ Yσɠƚԋσʂ ☆@lemmy.mlOP
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      I feel like it’s very important in terms of understanding the potential goals and motivations of people working on a particular piece of technology. Just because they say they’re ex-CIA absolutely does not mean they’re not actively working for them. While technical issues are obvious here, that’s not always the case. For example, there’s a famous case where NSA suggested using a particular configuration that made SSH vulnerable. There was nothing that would jump out at anybody as being nefarious because you had to already know that a particular exploit existed to notice it. However, questioning the intentions of the NSA in this scenario would’ve helped avoid the exploit.

      https://thehackernews.com/2015/10/nsa-crack-encryption.html