
I mean can you actually protect against the NSA? After Stuxnet, I fully trust that nation/state actors can infect whatever they put their mind to - I'd rather at least have control over my machine


If your adversary is a nation state, you've already lost.

Which gives me another opportunity to quote from my favourite Usenix paper:

"In the real world, threat models are much simpler (see Figure 1). Basically, you’re either dealing with Mossad or not-Mossad. If your adversary is not-Mossad, then you’ll probably be fine if you pick a good password and don’t respond to emails from ChEaPestPAiNPi11s@virus-basket.biz.ru. If your adversary is the Mossad, YOU’RE GONNA DIE AND THERE’S NOTHING THAT YOU CAN DO ABOUT IT. The Mossad is not intimidated by the fact that you employ https://. If the Mossad wants your data, they’re going to use a drone to replace your cellphone with a piece of uranium that’s shaped like a cellphone, and when you die of tumors filled with tumors, they’re going to hold a press conference and say “It wasn’t us” as they wear t-shirts that say “IT WAS DEFINITELY US,” and then they’re going to buy all of your stuff at your estate sale so that they can directly look at the photos of your vacation instead of reading your insipid emails about them."

Figure 1:

Threat: Ex-girlfriend/boyfriend breaking into your email account and publicly releasing your correspondence with the My Little Pony fan club

Solution: Strong passwords

Threat: Organized criminals breaking into your email account and sending spam using your identity

Solution: Strong passwords + common sense (don’t click on unsolicited herbal Viagra ads that result in keyloggers and sorrow)

Threat: The Mossad doing Mossad things with your email account

Solution:
• Magical amulets?
• Fake your own death, move into a submarine?
• YOU’RE STILL GONNA BE MOSSAD’ED UPON

-- https://www.usenix.org/system/files/1401_08-12_mickens.pdf


> If your adversary is a nation state, you've already lost.

Is that why it took 10 years to find Bin Laden, the most wanted man on Earth?

Get the feeling intel agencies aren't as omnipotent or competent as they want people to believe.


Most of that time he was in a series of caves located in a fairly apathetic nuclear power's borders.

He was also trained and equipped by the CIA.

So, if you're willing to live in caves where they can't easily search for you after being trained and equipped by the best of the best, sure, you might live slightly longer.

Doesn't seem like a tenable circumstance to me though.


Both your premises are wrong

https://www.theguardian.com/world/2011/may/03/osama-bin-lade...

You know that lies spread online easier than facts. Why make the problem worse?


to be fair, he did lose eventually, and it took the CIA impersonating a vaccine distribution program to take blood samples to find him, which is pretty fucking omnipotent if you ask me, although sowing distrust in vaccine distribution did have some unintended consequences...


You're right, that's a fair call, but still he's a person with possibly the most recognised face on the planet at the time and really it took that long? He's not in a cave, he's living in a mansion in a city with servants and staff.

There's plenty of completely unknown actors who I'm sure are on their radar, along with modern serial killers who despite leaving physical evidence have still evaded capture.

I've had brief dealings with the cyber side of policing from reporting incidents and a few friends in the services, they all seem incredibly capable but have a questionable amount of resources to do the job (along with not getting private sector wages).

Some seem to repeat this phrase like it's a done deal but their job ain't easy, there's a huge amount of bad people out there in the world and there's only so much focus an agency can have. Think a little bit of realism is needed when someone mindlessly repeats such things.


I laughed so hard reading this paper. Thank you for sharing. No pun intended, but I am surprised that Microsoft allowed him to publish it!


Nitpick, this is a column written by James Mickens, not a published paper.

It is funny, true, and wise, though.


zzz, this guy who wrote this piece is either a tool or an agent.

people give up their security too easily...

the same applies to the threat model absolute bullshit. the threat model makes people think inside the box, meaning, they already accepted, by thinking inside that box, that there are people/entities they can't defend against.


> If your adversary is a nation state, you've already lost.

Did you hear about Snowden?


Does that mean: If your adversary is a nation state, then you better move to a state adversary to your nation?


It means, Qubes OS saves you even if NSA is after you. He was collecting the data in the US first.


More like, Qubes OS can help you. It isn't bulletproof, but it makes sense to take every precaution.


You can at least make it very expensive.



