utopiah

It's a tricky situation to navigate.

There is the technical aspect, namely is it actually feasible, but itself wrapped within an economical and political context, as I've highlighted in another thread on this post.

On one hand we learn from Snowden's leaks about an entire surveillance apparatus, we might also have a conceptual understand of limitations via articles like "On trusting trust", plain incompetence and shortcuts for large companies, so all that and more invite us to be very prudent. Those are actual justifications for questioning what hardware, if any, can be trusted.

Yet... one can't go from those justifications to speculate. Yes there might be flaws, intentional or not, in both the design or the production or both of chips. Still, it's not because it's conceptually possible, or even that it happened before, that it does happen today and at scale.

Your System76 is an interesting example and it's a bit like my Banana Pi tinkering, or even more limited (yet exciting IMHO) the Precursor. Namely it's a very costly trade off today to "work" with hardware one can (at least try to) understand better, hopefully itself leading to better privacy and security. In the end most of us believe the trade off for more affordable performances trumps that deeper understanding.

I must express myself quite poorly. It is not a point about technical knowledge, in fact if you were to know more about the topic than I do, I would expect you to even more be upheld to higher standards and thus not promote a bad solution, even more so assume it's the only one. I can't imagine that even a PhD student who is supposedly at the frontier of knowledge in their very narrow field would assume no alternative is possible, or will ever be. This even more the case without having both a complete understand of the landscape but also about OP's actual needs, which is probably hard to express clearly and thus leading to a lot of assumption. Here maybe a simple loud alarm from a BT speaker going out of range might be enough.

My whole point is that abandoning hope, and leading others to do so, is worst than actively finding for a barely OK compromise.

Anyway I don't want to invest more energy on this discussion unfortunately so simply wishing you the best, thanks for the clarifications.

I imagine it's like everything else, you can only realistically verify against a random sample. It's like trucks passing a border, they should ALL be checked but in practice only few gets checked and punished with the hope that punishment will deter others.

Here if 1 chip is checked for 1 million produced and there is a single problem with it, being a backdoor or "just" a security flaw that is NOT present due to the original design, then the trust in the company producing them is shattered. Nobody who can afford alternatives will want to work with them.

I imagine in a lot of situations the economical risk is not worth it. Even if say a state actor does commission a backdoor to be added and thus tell the producing company they'll cover their losses, as soon as the news is out nobody will even use the chips so even for a state actor it doesn't work.

They asked for an alternative to airtags. I provided one.

And even though I'm not OP I'm genuinely grateful for that.

Doesn’t matter if they were compromised because like I said, everyone is eventually.

No! That's the whole point of this Privacy community! If someone is using, using home automation as an example, Apple HomeKit or Roomba or Google Home they will eventually get compromised BUT if they are using something local, e.g Zigbee with HomeAssistant they WILL never get compromised because by the very local only architecture of that solution no data is leaving the home and thus can NOT be compromised.

The ENTIRE reason d'etre of this community is not to say "Oh well... the default solutions are imperfect, we have to shrug and accept the statu quo" but rather provide genuinely alternative.

I understand a lot of people can enter into a learned helplessness mindset imagining that only poor solutions exist and thus, better pick the least worst one, but by doing that we are giving power to Big Tech, surveillance capitalism, etc.

Please do NOT say that "everybody gets compromised" when you actually mean that "the vast majority of people who accept to use a popular solution with trade offs that are not good for privacy". It sounds like a finicky difference but it's actually totally different because it shows that it's not inevitable.

By taking shortcut in your language you limit what's conceived as possible by others who are asking for help, again, in a Privacy focused community.

True yet still not OK.

That's also why a lot of us do try to avoid, as much as is realistically feasible, to provide any data to any company that should store it. Hence why a lot of questions here are about self hosting, no cloud, etc. It's not paranoia, it's because companies cut corners and as you correctly point out, fail to keep us safe. So it's not about Tile specifically, they are just yet another poor example. Let's not defend them nor this kind of practices. If people in the Privacy community are OK with that, we have a rather deep problem.

The same way you would do it with a black box while optionally taking as many shortcuts as one is comfortable with by virtue of assuming having a better understanding of it's been built?

Get it audited by tools, e.g OneSpin, or people, e.g Bunnie, that one trusts?

I'm not saying it's intrinsically safer than other architectures but it is at least more inspectable and, for people who do value trust for whatever, can be again federated.

I assume if you do ask the question you are skeptical about it so curious to know what you believe is a better alternative and why.

Buying other hardware that you (well... not me ;) can inspect and verify, e.g RISC?

For now the performances are pretty terrible BUT one can imagine, assuming they have the right discipline and mental model doing what's actually personal on a verifiable processor, e.g browsing and reading emails, and what's not, e.g watching a TV show on another machine with CPU/GPU with an unverifiable architecture.

PS: I have a Precursor and a Banana Pi BPI-F3 with SpacemiT K1 8 core RISC-V chip and that's the main idea behind them both, i.e knowing, as a community, how it works all the way down.

I... agree but isn't then contradicting your previous point that innovation will come from large companies if they only try to secure monopolies rather than genuinely innovate? I don't understand from that perspective who is left to innovate if it's neither research (focusing on publishing, even though having the actual novel insight and verifying that it does work), not the large companies... and startups don't get the funding either. Sorry if you mentioned it but I'm now confused as what is left.

They just provide the data. They can question the methodology or even provide another report with a different methodology but if the data is correct (namely no fabricated) then it's not up to them to see how it's being used. The user can decide how they define startup, i.e which minimum size, funding types, funding rounds, etc. Sharing their opinion on the startup landscape is unprofessional IMHO. They are of course free to do so but to me it doesn't question the validity of the original report.

Neat.

Warning disclaimer : I'm not a cryptographer.

I actually tinkered with https://github.com/open-quantum-safe and it's actually quite simple to become "post-quantum" whatever. The main idea being that one "just" have to switch their cryptographic algorithm, what one uses to encrypt/decrypt a message, from whatever they are using to a quantum-resistant (validated by NIST or whomever you trust to evaluate them) and... voila! The only test I did was setting up Apache httpd and querying that server with Chromium and curl, all with oqs, while disabling cryptographic algorithms that were not post-quantum and I was able (I think ;) to be "safe" relative to this kind of attacks.

Obviously this is assuming a lot, e.g that there are not other flaw in the design of the application, but my point being that becoming quantum-resistant is conceptually at least quite simple.

Anyway, I find it great to demystify this kind of progress and to realize how our stack can indeed, if we do believe it's worth it now, become resistant to more threats.

Please clarify, as I asked in https://lemmy.ml/post/20245112/13688624 I don't see how that's relevant. They are sharing opinions from startup CEO or numbers that are about large "old" (much earlier than the boom, e.g Ant, Shein, ByteDance). That's certainly interesting but does not contradict figures from the article.

Research happens through university, absolutely, and selling products at scale through large companies, but that's not innovation. Innovation is bringing new products, that is often the result of research yes, to market. Large companies tends to be innovative by buying startups. If there are no startups coming from research coming from universities to buy, I don't see how large companies, often stuck in the "innovator dilemma", will be able to innovate.