http://sel4.systems/FAQ/proof.pml

Qubes uses virtual machines to let you manage separate “security domains”. A virtual machine (VM) is basically a tiny operating system running inside of your real operating system. If your VM gets hacked, the attacker is able to access the files and read keystrokes in that VM, but not in other VMs or on your host computer. In Qubes all software (besides the desktop environment) is running inside of VMs, and you can easily and efficiently make as many as you need for whatever purposes you need. It’s also designed in such a way that if one VM gets infected with malware, the malware won’t be there the next time you reboot that VM.

https://pressfreedomfoundation.org/blog/2014/04/operating-system-can-protect-you-even-if-you-get-hacked

Rather than risk getting caught messing with everyone’s updates, my bet is that the NSA has compromised the microcode update signing keys giving the NSA the ability to selectively target specific computers. (Your operating system ensures security of updates by checking downloaded update packages against the signing key.) The NSA then can send out backdoors disguised as a Windows update for “security.” (Ironic but possible.)

That means you don’t need backdoors baked in the hardware, don’t need Intel’s buy-in, don’t have discoverable rootkits, and you can target specific systems without impacting the public at large.

http://www.democraticunderground.com/10023377711#post1

Snowden to the Guardian 2 days ago:

“Recently, I’ve been spending a lot of time thinking about press freedom issues in addition to the ordinary individual’s private communications, and I’ve been partnering with civil liberties organisations to see where we can contribute and try to create new tools, new techniques, new technologies that will make sure our rights are protected regardless of the status of law in a given jurisdiction.

Imagine an app or a cell phone or an operating system for a cell phone or a small device, anything that would allow people to have free and ready access to meaningfully secure communications platforms that don’t require sophistication to use and operate”.

http://www.theguardian.com/world/2014/jul/18/-sp-edward-snowden-nsa-whistleblower-interview-transcript

“What the investigators found inside Nasdaq shocked them, according to both law enforcement officials and private contractors hired by the company to aid in the investigation. Agents found the tracks of several different groups operating freely, some of which may have been in the exchange’s networks for years, including criminal hackers and Chinese cyberspies. Basic records of the daily activity occurring on the company’s servers, which would have helped investigators trace the hackers’ movements, were almost nonexistent”

http://mobile.businessweek.com/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq

http://m.europe.wsj.com/articles/merkel-says-spying-on-allies-is-a-distraction-need-to-build-trust-1404999459?mobile=y

http://www.theguardian.com/commentisfree/2014/jul/11/the-ultimate-goal-of-the-nsa-is-total-population-control

http://www.theregister.co.uk/2013/03/01/post_cryptography_security_shamir/

http://www.wired.com/2011/06/chips-oy-spies-want-to-hack-proof-circuits/

Vertical integration of the entire manufacturing chain would bring up trust in the manufacturing process, enabling many Trojans to be controlled.

http://sdm-blog.mit.edu/2013/10/security-threats-in-integrated-circuits.html?m=1

… is what we need as a society for our critical civilian and military uses. 
The nation(s) and/or companies that will standardise them first may well also benefit from the huge benefits of being first mover advantage in offering techs that are substantially more user-trustworthy than anything available today.

http://www.darpa.mil/Our_Work/MTO/Programs/Trusted_Integrated_Circuits_(TRUST).aspx

Check out @ioerror’s Tweet: https://twitter.com/ioerror/status/484727016915083264

http://tante.cc/2014/01/16/blackphone-build-hardware-software-broken-promises/

I would add to such great post that they will never have the resources to have control of sw, hw and manufacturing of such a full featured device. It would run into the hundreds of millions of $ or more.

The only way to achieve such levels of assurance with single or double digit millions of $ is through extreme hw and sw minimization, and a very small and thin form factor handheld devices that does not claim to replace the users ordinary smartphone, but complement it and uses it as an hostile environment to get on the net via bluetooth:

User Verified Social Telematics.

…. computing solutions that would make such knowledge useless because they are so simple in sw and hw to afford and allow for extreme verification of all hw and sw involved at all stages,  including manufacturing.

Former NSA chief Alexander, and who knows how many others, can make millions in consulting only because the It industry and experts have not even started working on computing solutions that would make such knowledge useless because they are so extremely simplified in sw and hw, to afford and allow for extreme verification of all hw and sw involved at all stages, including manufacturing and design of any critical components.

Possibly, the main problem is the same that has prevented us to see how far NSA had gone. There is a problem in the dynamics of IT security media and blogs, similar to other sectors, where a range of acceptable opinions are created, out of which all are paranoid.

Experts are still differentiating between mass surveillance and targeted surveillance. Whereas if what the most pessimist day about hardware vulnerabilities is true, than large scale undetectable targeted surveillance may be so low cost to render any encryption tools we are using or improving useless for the masses (or at least for its most active citizenry).

https://www.schneier.com/blog/archives/2014/06/could_keith_ale.html?utm_source=twitterfeed&utm_medium=twitter

http://www.wired.com/2014/06/remote-control-system-phone-surveillance/

The famous Blackphone is about to be http://www.pcworld.com/article/2362060/blackphones-coming-in-three-weeks-will-ship-in-millions-backers-say.html”>launched in 3 weeks:

Zimmermann. “If NSA really, really wants to get into just your phone … they’re going to get into your phone,” he said.

If this is supposed to be the best privacy-enhancing device out there, then “really, really” is terribly generic.

Tell us. How much would it cost them to get in it and what discoverability risk would they (or others) run into?!

Not having any control of manufacturing phase, nor of much prioritization firmware, and not having nearly enough verification on hw and sw components, how can you even assess such cost?!

If you can’t even begin to assess it for your blackphone, then, from what’s emerged with snowden, that cost may very well be so low that NSA may just by default get into each single Blackphone, just because its typical client is likely to have something of value to wrote or say!

http://www.theregister.co.uk/2014/06/12/safe_in_our_hands_security_industry_takes_a_hit_from_snowdens_year/

“The problem isn’t that we know the NSA is doing these things,” added privacy expert Bruce Schneier. “The real problem is that we don’t know what else the NSA is doing. Internet companies – hardware, software, service – simply cannot be trusted anymore.”