When your router’s chips are made in China, flashed in China with closed source firmware and the money you pay goes to Chinese companies, then it’s backdoored.

When your router’s chips are made in China, flashed in China with closed source firmware and the money you pay goes to American companies, it’s bulletproof.

Just open your “secure” “American” router and look where they are made and flashed. I bet it’s not USA.

We are going at 560,000 miles an hour trough the unrelenting darkness of space, and just decided to destroy our life support system.

Life is a cycle. I am suffering today so i can afford to suffer tomorrow. Makes sense.

Life is only worth living if you are a masochist.

Nothing will change as long as we are piloting decaying, constantly hurting meat-bags trough a world of artificially created horrors like war, hunger, poverty and natural horrors like disease, aging and drought.

Whenever you feel overwhelmed by life, lay down on your bed, close your eyes, and listen to this.

Here some info about how much and what kind of user data is being sold (GPS position,…), and the legality of it all.

Extracting the keys locked to an TPM is supposed to be impossible, so you do not need to worry about somebody stealing your keys.

TPM sniffing

If you are having sensitive information stored using closed-source software/OS, you can stop reading right here. This is your biggest vulnerability and the best thing you can do is to switch to FOSS.

For those that have already switched:
It made me think about how to improve the resistance of large FOSS projects against state-sponsored attackers injecting backdoors.

The best thing i came up with would be to have each contribution checked by a contributor of a rival state. So a Russian (or Chinese) contributor verifies a contribution by an American.
The verifying contributors would have to be chosen at random in a way that is not predeterminable by an attacker, otherwise a Chinese-state contributor will contribute harmless code until the next verifier will be a US-based Chinese spy. Then they will submit a backdoor and have it checked by an American citizen paid by China.
Also the random number generator has to be verifiable by outsiders, otherwise a spy in the Linux-Foundation can manipulate the outcome of choosing a favorable verifier for a backdoor.

This can obviously only be done as long as there are lots of contributors from rivaling states. If the US decided that Linux can only allow contributors from USA/EU, then this model can not work and Linux would have to relocate into a more favorable state like Switzerland.

What one should keep in mind that even if the US would ban all foreign contributions and the foundation would not relocate, Linux would still be more secure than any closed source OS, as those foreigners can still look at the code and blow the whistle on bugs/backdoors. It would however be much more insecure than it is now, as the overhead for finding bugs/backdoors would be much larger.