@nprofile1q...
Not a Delta Mike Zulu?

@nprofile1q...
At least we know where to aim.

@nprofile1q...
Fuck this fascist collaborationist bullshit. You know full well this isn't going to end here.

@nprofile1q...
There was definitely a broad base of support then for military action and security — one which was viciously abused in ways that we are still now seeing the fallout from domestically, let alone internationally.

That's said, as others have, I cannot let that statement that everyone was all in go unchallenged — tens of millions of us were dead set against it and in the streets trying to stop what was in the end as predicted — another round of pointless warfare that left the country and the world a much worse place.

@nprofile1q...
@nprofile1q... @nprofile1q... @nprofile1q... and like, sure, building on convenient stacks with no properly documented security model is fast if your system will also have no documented security model and no security validation. But then you don't have a secure messaging tool, you have a vibes messaging tool.

@nprofile1q...
@nprofile1q... @nprofile1q... @nprofile1q... and why would bittorrent not have threat model? Certainly, I'd expect that a safety critical app using it as a transport layer would need to take the time to figure what threat model it de facto implemented and make sure that was suitable for how they were using it. That's much more expensive than doing it the other way around, though, and leads to dangerous cases where the upstream does not know what security properties of their system downstream users are depending on them, leading to nasty and hard to fix vulnerabilities when they're broken without notice. Which is why folks building systems where security matters usually build on tools with a proper security engineering foundation.

@nprofile1q...
@nprofile1q... @nprofile1q... @nprofile1q... Yes, that actually is a red flag, very literally. Especially if folks are suggesting it's the right stack to replace tools where a breach may result in many many deaths.

@nprofile1q...
@nprofile1q... @nprofile1q... @nprofile1q... Not having a baseline way of explaining what the set of threat models and security guarantees it's designed to be able to meet is a red flag, especially on a complex, reconfigurable protocol stack. It means that if someone wants to use it for something real, they have to start from scratch in analyzing the security properties of each element in the configurations they might use, then analyze how those elements interact, etc. The same thing applies with trying to figure out if this protocol stack is or can be appropriate to solve a given particular problem.

In a lot of cases, it's going to be easier to start from scratch and build simpler, smaller components designed directly around the security guarantees and architecture your specific project needs. The expensive part of a piece of software is not the code, it's the team that has a living, detailed model of the code in their heads — a technical model, a user experience model, a security model, and a performance model, at a minimum. To be worth seriously adopting, a protocol stack should at the very least attempt to make this legible to developers.

@nprofile1q...
@nprofile1q... right, after digging around for a while I see no threat model or even vague notions of what "secure" means to them. Also, it looks like this is some more cryptocurrency-led bullshit?