Open letter to tech companies (February 26, 2014, by Yan Zhu)

Security experts call on Tech companies to DEFEND against surveillance.

Open Letter to Tech companies includes 10 principles to protect users from NSA sabotage:

This one goes out to Melih & Co., of course.
Would ALL of those 10 EFF wishes ever apply / or at least in the near future seem possible to COMODO?

1. Provide public access to source code whenever possible, and adopt a reproducible build process so that others can verify the integrity of pre-compiled binaries. Both open and closed source software should be distributed with verifiable signatures from a trusted party and a path for users to verify that their copy of the software is functionally identical to every other copy (a property known as "binary transparency").

2. Explain choices of cryptographic algorithms and parameters. Make best efforts to fix or discontinue the use of cryptographic libraries, algorithms, or primitives with known vulnerabilities and disclose to customers immediately when a vulnerability is discovered.

3. Hold an open and productive dialogue with the security and privacy communities. This includes facilitating review and responding to productive criticism from researchers.

4. Provide a clear and secure pathway for security researchers to report vulnerabilities. Fix security bugs promptly.

5. Publish government request reports regularly (often these are called “Transparency Reports”). Include the most granular reporting allowed by law.

6. Invest in secure UX engineering to make it as easy as possible for users to use the system securely and as hard as possible for users to use the system unsafely.

7. Publicly oppose mass surveillance and all efforts to mandate the insertion of backdoors or intentional weaknesses into security tools.

8. Fight in court any attempt by the government or any third party to compromise users’ security.

9. Adopt a principle of discarding user data after it is no longer necessary for the operation of the business.

10. Attempt to protect as much data-in-transit as possible with strong encryption in order to prevent dragnet surveillance. Follow best practices for setting up SSL/TLS on servers whenever applicable.

Unfortunately, as Kim Dotcom said, “You can’t trust US tech companies anymore. Everything is backdoored by the #NSA.”
From PRISM and now Heartbleed bug that NSA exploited for some time secretly, RSA authority undermined by receiving 10mil USD for backdoor, etc etc…
Even developers of the FreeBSD operating system say they no longer trust computer processor chips manufactured by two of the top tech companies!!

Hi Mark1,

as I said before:

This one goes out to Melih & Co.

Still waiting for an answer, btw. :slight_smile:

Please keep in mind though: COMODO can in NO WAY, NOT EVEN by any ethical means be made responsible for any possibly unethical U.S. law.

Any U.S. residing company should, on the other hand - especially if presenting themselves to a WORLDWIDE customership - in fact RESPECT certain legislations VALID in those other countries / nations as well.

If not applicable to certain companies, well… then those companies should - sad but true - restrict promoting and usage of their products and keep on with / return to a former regional level of trust.

Any “product” that tries to undermine other democratic countries’ laws, should be BANNED in those countries because of being not in accordance with THEIR law(s), especially if personal (i. e. privacy) and / or human (i. e. dignity) rights are concerned. No, I am not explicitly talking “human rights” as such, sadly not, cause there’s still a long road to travel for many people / politicians / the masses etc., I am talking TARGET VALUES shared with the public by intelligent, ethical people who DO REALLY CARE… not about their pockets being filled with gold, but for mankind’s welfare.

Any product that contradicts its own very promise by not applying to certain ethical standards, should NEVER be TRUSTED by those who deeply believe in such standards.

What the NSA (and quite a bunch of other investigating “organizations”) have already done to harm that very thought of mankind “living in freedom and peace” or at least constructive, somewhat friendly conversation, will hopefully be told in huge details to later generations, if there will be any…

So… yes, still waiting for an answer, officially done if possible, and by p. m. if not possible.

Again, it’s not Comodo’s fault what has happened in our world, but “freedom of speech” shouldn’t just be an obsolete phrase.

Kind regards, REBOL. Melih anywhere? :slight_smile: