Re: Possible deadly flaw - compromised software
The "random noise file" doesn't defend against the attack described - just deliberately not using the full random capabilities available.
Closed source security software is a misnomer. You have no way to analyse what a program is doing, or whether it's not waiting for some flag in the code to be activated (haven't NSA-named variables been found in Windows before now?). Until that point, it just does things normally; afterwards it does what it likes and isn't being watched.
If you want any semblance of security, you must encrypt yourself using software you trust. Then you can send the resulting message over any computer, connection or service that you want, because only the intended recipients will be able to read it.
But relying on the OS for security is probably not a good idea at all. However, it also has access to all of memory for the entirety of a program's runtime. That means it's game over anyway.
If you want to be "secure" against a well-funded hostile adversary, securing information that that adversary wants (e.g. terrorist-related info etc.), you can't do things on a general purpose, closed-source OS. That's just ridiculous to even suggest.
And more and more stuff is being done in hardware - from AES acceleration and beyond, even on the Z14 mainframe that had an article yesterday. You have *no idea* if that's being done properly. You don't even know if it's using random numbers at all.
And for a long while, Debian was using certificates with both very limited Diffie-Hellman parameters and low value exponents in the keys chosen. So even open-source isn't safe, because nobody is really looking for such things.
And at the end of the day, your data needs to be accessible and you don't memorise 4096-bit keys. Your encryption strength is then only as secure as your access to the machine anyway and most hacks occur through privilege escalation of a process already allowed access to the encrypted data (e.g. database interfaces!).
This kind of encryption really secures only communication in transit, but we confuse it for encryption of all kinds of things. And I don't really believe there are many casual hackers out there sniffing raw packets off the Internet and then breaking the AES streams, even in government. Still, our biggest problem is the software used to secure the system, by far. Because while you still have websites that don't hash and salt your password with a decent algorithm, and then never store your original password, and then run off-the-shelf webstores or CMS software, your data is always going to be at risk.
It's much easier to compromise one of the endpoints than to bother to try to break an encrypted communication. And any encrypted data saved to disk is only as secure as the weakest credential used to access it (e.g. your network token, your fingerprint - STUPID! -, your memorisable boot password, etc.).