Hacker News | emXdem's comments

Cloudflare typically doesn't do anything unless you get lawyers involved in my experience.


...unless the website happens to become a pet peeve of the higher ups at Cloudflare



You remember VPNFilter? I'd certainly consider that and other disinformation campaigns acts of war.


And EFI is a good thing, especially considering the monster dumpster fire that is UEFI?


> And EFI is a good thing, especially considering the monster dumpster fire that is UEFI?

Well it may be a dumpster fire, but it is the finest, most consistent flame we've gotten from the firmware dumpster; which is why it is fast becoming the only standard firmware interface in actual use. UEFI is fast becoming the standard for ARMv8, it's creeping back to ARMv7, and it's becoming popular with RISC-V.

You will either learn to love it, or you will suffer forever. Mark my words, UEFI will still be booting your machine in 2040, when the President is literally a deep fake controlled by a troika of Jack Dorsey, Jeff Bezos, and Priscilla Chan.


Not that I've ever coded firmware, but https://en.wikipedia.org/wiki/Open_Firmware sounded nice.


It was FORTH, which most developers really hated. Sometimes the end users even got exposed to bits of FORTH poking out, for example in the syntax for booting.

We really just wanted a nice clean 64-bit BIOS, with all the datatypes 64-bit. The BIOS is pretty decent if you strip out redundant interfaces, segmentation, and never-used functionality. Adding extra functionality to firmware is madness. Firmware needs to initialize key hardware like RAM, load a boot loader, and get out of the way. Firmware doesn't need to be practically an OS.

The old 16-bit BIOS was actually working OK. Sure, it was nasty to program for, but almost nobody had to deal with that.


Open Firmware was beautiful, but if you're not on POWER, you're probably not going to see it.


Sun SPARC workstations used it. I wonder how many of those are still in use?


Tradecraft hasn't changed much. It has been fairly well tested. Operational security and information security have not changed much... They have become more difficult with cell-phones and small internet connected devices.

I think another big difference and a subject that probably would be included in a redo is understanding how all of the modern data generating systems can reveal covert activity through the analysis of metadata and how to "hide in the noise" of this.

The geospatial correlation of burner phone to actual identity if one does not practice good sanitation as far as locational security when accessing wireless networks as an example.


I treat my cellphone as though I have an always-on homing beacon on me that can not be trusted to be off even when it says it is off. And that's not even a smartphone, so I can still remove the battery if I want to. Now throw ANPR, face recognition, cheap DNA synthesis, ubiquitous video surveillance, public transport ID cards and some more modern goodies into the mix and it takes real work just to move from 'A' to 'B' without leaving a trail a mile wide.


There is that, but there is also the massive palaver at Gatwick which reveals that the authorities aren’t actually very good with modern tech.


They aren't good. Hence the dragnet approach of collecting all data, and then waiting for Google or some such entity to come up with the research for mining methodology.


I’m going to presume you’re not conducting illegal activity such that you’re worried about getting caught. Given that presumption, what risks are you trying to mitigate by treating your cell phone as you describe?


Knowing what companies are on the market. My cell phone location would pretty much tell you who is being invested in or about to be sold. That could really cause trouble.


If a party was going to go to the trouble of getting access to your phone geo data, couldn’t they just as easily put a tail on you?


I don't think that would be a strategy that would work for very long, and besides that, why make it easy?


William Binney once said in an interview that one could also analyze which pair (or cluster) of cellphones went off together, and then analyze possible rendezvous.

I think one way to circumvent this is to force all participants to keep the cellphones in their offices/homes, and then meet elsewhere at a predetermined time, with no one carrying phones.

As many security professionals often say, it's not about whether I do any illegal activity, it is also about whether someone can "impersonate" me for various crimes like phishing. The less sensitive information people know about you, the safer it is for you.


I live in a country which retains phone location data for 2 years and can be warrantlessly accessed by hundreds of government agencies down to tiny local councils and has zero oversight. Would love to "mitigate" the risks of that information falling into the wrong hands whether legally accessed or not, sadly it's too much effort so I don't.


Someone you know may be without your knowing and you can be snapped up in the "drag net"...


Good luck buying one. Took me 2 months to cancel my order, at least another month to receive my refund.


This was my exact experience with their laptops. All of them.

Great that there is a company that wants to do this. Not great that they have 0 transparency around refunds and supply chain.


Have you tried to order a laptop? I did... After 2 months of waiting I cancelled my order and it took another month to get refunded.


Last time I tried to order a Purism... I waited for 4 months and then took about a few weeks and multiple payments for a refund. Have they worked out their supply chain issues yet?


Ordered a base Librem 13 v2 model a few months ago. Payment was processed immediately and it shipped within a week.

Did some upgrades, 1TB NVMe, 2TB SSD, and 16GB of RAM.

Also do not use PureOS.

Very happy.


I like to think of bitcoin as the censorship resistant settlement layer on which payment networks/systems can and are being built (like lightning network, which just passed all tests). There are some pretty sweet video demos of lightning network/payment channels in action.

Don't forget that it's now possible to broadcast bitcoin transactions via satellite - without internet...


That could very well be the thing, and there's certain value in that, however IMHO that value is limited because:

1) the market value of a settlement system handling is much, much lower than that of a retail payment system with a comparable value (not number) of transactions. If the "payment of the future" is a side-chain that uses bitcoin as the settlement layer, then that side-chain will be the value creator and get almost all benefit of that value, not bitcoin. Offering payment services to consumers and businesses is a huge value proposition; offering settlement services to institutions or technological payment networks is a lot of value as well but there's less market lock-in and network effect so that's going to be much more commoditized and more vulnerable to competition with established channels.

A consumer is only going to use a few payment methods for convenience reasons; a sophisticated institution (no matter if it's a bank or simply a large corporation selling stuff) or a realistic payment network is easily going to use all possible ways to settle their debts with institution B and is going to route every transaction among the cheapest route possible for that deal. Currently bitcoin is order of magnitude too expensive compared to other real time gross settlement systems (e.g. Target2 starts with ~dollar per transaction and becomes cheaper with more volume), so only transactions that require censorship resistance would be settled through bitcoin and all others would not. Even if we're not talking about institutions but a purely technological solution, using bitcoin as the settlement layer is something that can and will be switched to a different layer if that's more attractive.

2) The properties of bitcoin (irrevocability, pseudonymity, censorship resistance) are benefits to many consumer use-cases and markets, but not particularly relevant to large-volume settlement systems. Anyone who has thousands or millions of payments to aggregate and route through a gross settlement system would generally prefer revocability (partners of payment networks explicitly designed revocability in the protocols they designed, because they wanted this feature); they don't care about pseudonymity because they're large enough that they can't hide, and they don't care about technological censorship resistance because they anyway can't advertise/sell their services if they violate that censorship - they're too large to hide, and they'd be visited by angry men with guns if they tried that. Settlement layer has an entirely different target audience than consumer payments, and that audience has entirely different needs - ones that Bitcoin doesn't fulfill particularly well.

I.e. bitcoin can be used to, for example, smuggle capital out of China avoiding capital controls, and there's value in that use-case; but if it's used as a settlement layer for a service or process smuggling capital out of China, then that wouldn't drive up/maintain the price of Bitcoin nearly as much, and having a censorship-resistant settlement layer doesn't enable you to offer censorship-resistant payments unless all your other money flow is also censorship-resistant.


There are a lot of people that can't understand the use-case of bitcoin, and can't understand why it has value if it doesn't meet theirs, yes.


Which is the use-case of bitcoin in your opinion?

This was addressing the parent poster's proposal of a single, quite particular (and IMHO not in popular opinion) use-case of it purely as the settlement layer for other payment network(s); but there seems to be no consensus about the main use case, at the very least I see camps of 'value store', 'decentralized payments for the masses' and 'payments that can't be restricted' which already each have some conflicting requirements.


> Which is the use-case of bitcoin in your opinion?

Decentralized censorship and inflation resistant savings account.

