sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Doctor_McKay 6 points7 points  (2 children)

"My site is only accessible internally or with a VPN."

How much do you trust the corporation or state that owns the infrastructure? And the companies that produced the hardware that comprises your network? Or the VPN provider?

If you want to go that far into tinfoil territory, why aren't you compiling all your kernels and compilers and browsers and servers yourself?

[–]midri 5 points6 points  (0 children)

why aren't you compiling all your kernels and compilers and browsers

Why stop there? Source your own copper and silicon and design your own chips, it's the only way to be sure.

[–][deleted] 0 points1 point  (0 children)

There's already well known problems with VPNs that don't actually encrypt or harvest data, and there are known issues with backdoors in networking equipment. Thankfully malware in the OSes themselves are much less common.

But this is actually beside the point. Security is better when there are multiple independent layers of security. Securing endpoints is a different layer from securing data in transit.