This text is not a news report, it’s a technical one about this specific bug. It shows how the attack develops and suggests mitigations at the kernel development level.
The bug itself is small and it led to a whole system compromise, and the title is very good to guide us to the point they are trying to make… memory corruption is a problem and that needs to be addressed at early stages, even if the overhead seems not worth it.
This kind of text work is called an essay, it doesn't need to follow the rules of writing an article because it's not one.
The author probably knows how complicated it is to write (he is a professional writer), and still manages to do it well enough to get some prizes for his work https://en.wikipedia.org/wiki/Cory_Doctorow#Awards
The criticisms are valid, the solutions are not (for activists, as it's its focus)
Conversations.im was (or is, haven't checked in a month) logging encrypted chats in cleartext by default, and history shows why that is a bad idea [0]
Until today I haven't seen a single XMPP that protects metadata, the roster is always in cleartext, to support OMEMO you are always storing yet more info, etc.
If the answer to Signal issues is XMPP, there is a lot of work to do before even suggesting going down this path.
While you are not lying, and mailing lists should be avoided if you want to share secrets, most of the time you need a mailing list not to do that, but to simplify communications.
At least in the global south, most radical activist groups have strong "no-internet policies" for any type of secret, and no-cellphone ones for their work. They have learned from their own history what they can or can't do, learned how to deal with IRL infiltration, and even learned how to communicate without any kind of contact or even agreements between groups. To survive and act against dictatorships or invading armies is not easy, they had to be smart.
But still, because travelling is expensive and networking today is a need for some of those groups or collectives, they can communicate with each other talking about their resolutions or activities, which are not secret (as I already said, it's assumed there can be an IRL infiltrator) but they are also not public.
You can see SMTP and mailing lists as a huge security risk, and they are, it's just not very common to see people that assume the opposite around here.
Also, sometimes, some activists can deliberately use a mailing list as a public expression channel because it is important that these things can be heard by everybody.
I see it as sticking posters in the street. There are no reasons to use Facebook or Google Groups for most of the Riseup (public) Lists users, not because they want something secret and hidden, but because they don't want to play by some companies' rules and appreciate being a part of a network run by volunteers more than using profitable fake-free services.
Because it makes sense, not because it is more or less secure.
I didn't downvote you, but there are different reasons why you would like to use a wildcard certificate and even if those reasons are not aligned with your goals they shouldn't be dismissed.
I know two, at least. For a small community school in my city, teachers and students keep blogs on a WordPress multi-user server, for storing data or doing webdev examples. They have a subdomain setup and cannot use SSL as the domain name will always be unknown by the person who creates the blog and the wildcard is too expensive for something they do in their free time.
I'm sure your points are valid, but you cannot define the threat model of others so easily. And don't get mad about downvotes, upvoting or downvoting is pretty boring.
I haven't lived in a lot of oppressive regimes, but usually this is not how it works. I lived two close examples.
When I was a kid a friend of my grandmother was arrested because a neighbor said he was a communist. He was tortured for a week and his party, kind of center/right wing, took him out as they were a close party to the current government. Oppressive regimes usually don't need evidence.
A friend of mine was arrested for two years, accused of terrorism. The proofs? A War and Peace copy (not even a photocopied book) and a Guns and Roses poster. And this was in "democracy"... so stupid proofs are also used, and whatever can be a proof, like a book about cubism that was considered a book of Cuba's ideology.
Tor has for years been looked at by "regular"/"normal"/"common" people as a tool for drug dealers or child molesters. The switch to a human rights tool doesn't seem to really put it more into the illegal line.
Anyway, oppressive regimes do whatever they want, Tor can avoid some of the spying but if the state is already taking your computer you are screwed with Tor or without it.
I think you're missing his point. Many people in oppressive regimes, including oppressors, are interested in a bit of extra privacy. Regime might even be able to get around it since a lot of "privacy" tools are bullshit. A tool saying it's specifically designed to defeat oppressive regimes is practically an attack on them. Even possessing it says you're fighting the regime. So, eliminating all such tools or people using them is a logical response for oppressive regimes.
And people on Pieter's side of this issue probably think it also logically follows to prevent that mental connection from happening in government officials' minds. Just gotta change how it's branded.
I understand the point, what I am saying is that things don't work this way, neither in my personal experience (which I told) nor in the areas I work in (I work for a human rights organization, which doesn't recommend any software btw). There is a difference between how you think people should react and how people really react.
If it's as concepts, "human rights" triggers fewer alarms than anonymity, first because while I don't know which regimes you consider oppressive there is a big probability they themselves think they comply with and/or promote human rights. Iran for example has an Islamic Human Rights Commission and proudly promotes it. Israel would be another country that fits this example.
Then we have that anonymity could mean something that scares them the most, which is not human rights defenders but spying. Tor is already on a bad list for this reason, same as any anonymity software. The biggest threat those countries face is still military intervention or terrorism. A friend was arrested while taking pictures in Palestine, when questioned he was asked if he had Tor or I2P installed, PGP or any encryption software on his laptop. They didn't take his laptop away, but that was before the switch to the "human rights" brand.
Then there is another vector we can take, Tor as circumvention. Another friend when visiting Sudan got a pamphlet to not use Tor, VPNs or proxies when asking for the visa. The hotel made the same requirement. This was 4 years ago. The reason was not that Sudan has been on the list of the worst human rights offenders but that you could access immoral content with it.
So, while I understand the point, it doesn't seem to have a backed reality to be sustained.
I agree with you, there is no alternative to StartCom right now in wildcard certs. While GNOME got a free account to get those certs, the last time I checked it is still the cheapest way to get wildcard certificates (60 USD for unlimited wildcard certs).
It also removes the complexity of having to deploy Let's Encrypt certificates every X months without storing the LE account key online. But if they release certificates for anybody claiming to be you there is no advantage in this area.
I have used Nitrokeys and the FST-01, the FST-01 beats the Nitrokey in speed and in freedom, I currently use two of them, one with RSA 4096 and one with 25519 (for decryption you need libgcrypt 1.7). The Nitrokey beats the FST-01 in the case, it's by default more wearable without the need to make your own one.
It seems there is a big plus when you use a board made by the person who makes gnuk which is the same person who makes the smartcard gnupg code.
Nitrokey Start uses GNUK 1.0 firmware and its hardware is very similar to FST-01. The microprocessor should be identical so that its performance should be identical too. This applies to Nitrokey Start only, the other models differ.