Re: This 're-build public trust' bollox...
I think it is very likely that the experts you heard from are great guys, and are genuinely not trying to tap, monitor, etc. It is even possible that everyone in NCSC is.
But the only way to earn trust is to completely separate NCSC from GCHQ, and make sure that NCSC staff are highly motivated and well trained not to trust what GCHQ are telling them, just like everyone else. This will be particularly hard for those who have the necessary security clearances to be briefed on secret threats by GCHQ: they will need special training to understand that just because they cannot reveal highly sensitive threat information, that does not mean they should trust the GCHQ guys.
Then NCSC might be able to start building trust. They could start by insisting that every threat, no matter how secret or how useful to GCHQ, will be publicly revealed in no more than 1 year. Revealing a few war stories at a conference is not useful and is not going towards building trust.
Biting the hand that feeds IT
