No, you are. I'm talking about donations directly to a project through paypal, without an intermediary like kickstarter that offters the "money back" guarantee.
Ask yourself this question: same guys that raise $250k on Kickstarter for a board game sell that board game on their own web site and make jack shit. Why?
Because of the reasons outlined in my previous post, and that I repeat below.
Kickstarter adds nothing to the project. Why does the cash register ring only on Kickstarter but not on the project's own web site?
If you're unable to read, or to comprehend what is written, what's the point of asking? I'll answer again, in case it sinks in this time: because kickstarter doesn't allow obviously bad projects, doesn't take my money if the project doesn't make enough, and isn't under the control of the project's owner, allowing tricky questions to remain visible to potential donors.
On the project's own site, none of those things are assured. There's no guarantee that a failed project will give me my money back, there's no guarantee that the people who run it will not pretend inconvenient questions aren't being asked, and there's no guarantee that the project achieved a minimum amount of planning to make sure it at least has some chance of succeeding.
Better hope Indiegogo likes your project or it will get buried and rendered invisible by about day three.
You have to get it noticed by other websites of course. Like Slashdot, for instance.
Crowdfunding sites do absolutely nothing to help indie projects get off the ground. They collect their cut while they make rude gestures, and that's it.
Crowdfunding sites are about the only reason why I pay those projects in the first place. If it's not on kickstarter or on indiegogo, your chances of getting my money are very close to 0.
Frankly, I can't understand why anyone uses those sites. They're going to do all the work themselves. Why not keep all the money?
For the project starter, it offers a way to host the information, communicate with contributors, and receive money. All those things take time to do on your own, and the people doing the project would rather spend time on it, and not on setting up Apache, web sites, and working out how to deal with card payments.
For the contributor, it offers a filter that rejects the obvious crap. Also provides an intermediary that helps me waste less of my money. If a random project needs $100K to be viable and I donate through paypal, if they only make $10K, I can't really expect to get my money back. On kickstarter, that is assured.
On the project's own site, they control the interaction. They can ignore annoying questions and pretend everything is going great. On sites like kickstarter and indiegogo they can't do that, and it works as a great indicator to potential contributors about whether there's anything fishy about the project.
And I also don't believe for one fucking second that a bunch of clowns can put up a web page and raise $250,000 for a board game in four weeks. The fragrance coming off that shit makes my scam alarm strip naked and run into traffic.
And that's precisely why kickstarter and indiegogo are so awesome. You see what the project wants upfront. You lose no money if the required amount is not reached. People digging into the details of the project can post about it, and you can read their warnings.
There is still considerable risk of course, but so far I've not seen anything better than this. It's certainly loads better than to just send money through paypal to some random person.
Ok, since you liked it, I decided I'll think on this some more and give some more feedback. So:
Something I've learned is that marketing and complexity don't mix, so I agree our communication strategy is not optimal. We are trying to talk to too many audiences and doing a bad job with all of them. We'll try harder.
You need a good reason for why I would want this right off the start. And right now it's not there. Look at FON, who did part of what you are, much more successfully. The immediate question for something like this is "Why would I want to share my connection?", and FON answered "You'll earn money!". There, that's nice and sensible.
They also gave out their hardware at a ridiculously cheap price. They were selling those at a Linux convention and though the pretty much unanimous opinion was that the idea was silly, a lot of people still got one, because it was so cheap.
It's a server/router hybrid. We need to be clearer about that. The specs are competitive with what you'd find in the market for regular computers, but we thought it would be distracting to break them down because some of them are subject to change.
Does every single person need a server? I don't think most people do. There's also questions like how does this work, exactly? If I bought this thing and hooked it up, who is it serving to? Myself and perhaps whoever finds an open AP and connects to it? Seems like a waste of money. I don't really have anything to serve to random passers-by.
Why have a powerful router? Why not something with the power of a Raspberry Pi, that you stick a SD card or flash drive into, if you want? The few people needing a serious server capable of more than serving cat photos can buy it separately.
Because at scale, the idea turns your internet acquisition cost into a one time cost.
Only if there are tens of millions of these things around. Otherwise you pay for this and you pay your usual ISP.
Sharing your connection: For better performance and your privacy.
Many ISPs have rules against this. How does sharing your connection and allowing random people to torrent things improve performance? It maybe improves privacy in the sense of confusing what you're accessing and what other people do, but these days that means that one day the police will break in, grab all your hardware and try to figure out whether it was you or not who downloaded child porn. There's a good reason why few people run tor exit nodes.
Oh yeah, this thing apparently runs tor. If it runs an exit node, you're not going to have better performance at all, as well as making it risky for the owner. If it doesn't, and this is successful, you're going to overload the tor network.
I admit there are critical mass issues, and this is a very legitimate criticism of the project. Our strategy to bootstrap this network is to run our network over the regular internet until such time that it spreads to someone near you in physical proximity.
Is it really going to work in a city? I live in one. My wifi signal is junk at the most distant room and I finally had to give up and just run some cable. Pretty much every single house with internet access in a city has a wifi router, because that's what an ISP gives you. Which means every possible channel is already clogged. I don't see this reaching any useful distance.
It's also a very niche, geeky, and expensive thing. I'm sure that in my building I'm the only person who has the slightest chance of being interested in such a thing, and given the wifi quality around here it can't possibly reach any nearby ones.
I don't think it's nonsense. We are trying to turn internet acquisition into a one time cost. It's a high price, why we were asking people to get in touch with internet.org for us and ask them to talk to us. We've now made con
"Upliink"? Took me a while to notice there are two "i"s there for some bizarre reason. As a result, googling for it failed. If you're going to make up words, at least don't make them confusingly similar to normal ones.
Half a million is an awful lot of money. $430 is a lot for a router.
It's not clear at all what it does. IPv6 internet? What is that?
Sharing the connection with nearby people? Why would I want to?
Mesh networking. How is this going to scale? What performance and latency do you expect? How likely is it that two users will find one another? You need a huge amount of deployed devices for this to work, especially for ones in fixed locations.
There's some nonsense in the video about the number of people in the world without internet access. A $430 device sold in first world countries won't do anything to address that.
It's an enormous mish-mash of things. Android, mesh networking, some nebulous IPv6 internet, a web browser, an API for I don't know what... seriously, I'm well versed in tech, but I have no clue what is all this about. And that is a bad sign.
TL;DR: it's unclear what it does, why would I want to participate, and it's very expensive. Why aren't you developing alternative firmware for cheap wifi routers, for instance?
Who cares? A consumer router is going to run well enough with either, and won't have a 10 page long list of firewall rules to slow things down.
I have a router running Linux and it deals with a 100 Mbps fiber line just fine. Running BSD on it isn't going to make any difference except for me having to learn how to do things in FreeBSD.
For ensuring the safety of your outgoing traffic, it doesn't matter at all whether you can trust your router or not. It's just one step away from a router at your ISP, which you can't trust, and which can be assumed to be malicious.
It's a bit different for ensuring the safety of your internal network, though. If you think there might be any reason why the NSA, government or whoever might want to reach inside your personal network, then you certainly should avoid any closed solutions and keep it under as much control as possible. That router might well hiddenly allow people that know how to access your network without permission.
The Oculus, as awesome as it is, only works well with linear movement. It's great for space, mech, plane and car sims. Basically any game where you're in a cabin. Once you want to walk around like a real person you find out that you can't turn around, and moving the camera out of sync with the head is disorienting.
I considered getting an Omni, but in the end decided not to because: it's very heavy and would cost a fortune to ship, it takes a lot of space that I don't have, and I'm not sold on the whole slippery surface with special shoes thing.
But I do absolutely think that an omnidirectional treadmill would be a great addition. Just probably not this particular one.
It is entirely unimportant whether he's a coward or not. He released information that needed to be released, and that had an effect.
"anyone with half a brain realizes that the very definition of a spy agency is that it spies on people" -- of course, but there are some important bits here:
1. For a long time, people thought it only spied on foreigners. Americans supposedly had a right to privacy and needed a court order 2. Then people figured out that Americans were spied on too, and tried to go to the courts to stop it. But the courts refused because you need to have evidence of it happening. And how do you get evidence of that a secret government program is spying on you?
It's ridiculous to pretend that Snowden didn't release anything new. If he didn't, why are we talking about this? Why is there a panel, and why is the industry trying to convince the US President to have it stopped?
The squirrel on speed is part of the problem, the other is turning around, which is going to be needed in pretty much any FPS.
Something as simple as walking around corners in HL2 doesn't work. On the first turn you can sort of manage, but it's uncomfortable. On reaching the second corner in the same direction you have to look backwards from where you started, and are getting tangled in whatever wires you're attached to. Using a keyboard doesn't work.
So the alternative is using the mouse and moving the camera while your head is in place -- that's right when nausea starts setting in.
Navigating a 3D world comfortably seems to almost require an omnidirectional treadmill, unfortunately.
My findings so far is that anything that's like a FPS where you have to run around like mad and turn around constantly is going to make you very sick, very fast. And HL2 also has things like the screen freezing when the next area is being loaded, which is absolutely vomit inducing.
What seems to work best is constant linear movement, like the roller coaster. The next best thing is slow, reflexive games, where you move at human speeds and have time to gawk at the environment.
I think FPSes are going to need something like the Virtuix Omni. With that, you can turn around completely without forcing the camera to move out of sync, and that should fix most of the problem.
It's not really clear what it's doing. The photos show square bits of metal, and no signs of any kind of additive manufacturing. This looks more like a computer controlled metal cutter. Which is nice and all, but not really a 3D printer.
When I heard "metal printer" I thought it was a laser sintering machine or something of that kind.
SSDs aren't for mass storage. You're better off with hard drives or tape for that.
SSDs are for blindingly fast performance first, everything else second. Install your OS and applications on a SSD. Keep your movie and music collection on a hard drive.
The same trick would work with powerlines or any other infrastructure. And the practice would fail for another reason: near everybody these days has a cell phone with GPS.
Assuming there's indeed no benefit to them, I don't see the point to this.
All it does is to maintain ideological purity for its own sake. This alternative is less convenient, a slower means towards the same end, and on the long term has the same result, just slower.
Nope, not solved. All it means is that the 100000 morons using "password" as the password won't have the same hash. So the attackers won't be able to find out which accounts share the same password and focus on those, and won't be able to use a pre-computed dictionary.
It is however trivial to hash "password" 38 million times for each salt, on modern hardware probably in seconds.
The salting does provide an improvement, but when you have 38 million accounts, breaking even 1% already gives you a huge amount of successes. Salting doesn't do much against checking the list against the 100 best known passwords. 3800 million is a small number for a GPU accelerated password cracker.
Hashing doesn't help that much with a database this large.
Simply check the 38 million for "password", "secret", and the username. Guaranteed to have an enormous amount of successful hits that way.
I wouldn't be surprised if a million were trivially breakable in this manner, in just a few minutes if not less. If you can make $1 from each, that's a nice chunk of cash you just got.
The main advantage of this is moving protocol knowledge out of the kernel into userspace.
Which means that the kernel doesn't need a million modules that understand the various bits of various protocols. If something new comes up, the userspace compiler can patched to deal with it.
It should also make the kernel part much smaller and easier to make secure.
AES-256 on my old laptop works at 65 MB/s. AES-128 goes at 90MB/s. This might be a bit of a problem if you've got a gigabit LAN and are using it to full capacity, but given that googling stuff amounts to about 24K there's no way that is making a noticeable difference.
Because the US government has requirements about what it accepts.
You can't just implement whatever algorithm you like, then sell a router with that to the government. It must comply with whatever standard the government decided to adopt. And given that the government buys a lot of things, it wouldn't make economical sense to make equipment you could never sell to them.
This snowballs, and effectively sets a global standard for encryption. Sure, in your home you can do whatever you like, but the important thing is the security of the internet as a whole, and all of that is made of hardware and software that wants to be able to be used by the US government, and as such must support whatever standard it decides to adopt.
NSA goes to Verisign (for instance). Says "please sign our key for google.com". Verisign signs it. NSA intercepts traffic between google.com and you. Browser deems cert as valid, as Verisign signed it, and you seem to be connecting to google.com.
The CA system is weak because so long the connection is signed by a CA in the browser's list, the browser doesn't care which it is, even if it changes on a daily basis. If you can convince any CA in the list to sign what you need, you have a way to set up a MITM attack the browser won't warn you about.
The important thing isn't Google's servers, but the Certificate Authorities.
All that the NSA has to do is to get some CA to emit certificates for Google's domains. Then they can easily place themselves as a man in the middle, and the user won't notice.
Slashdot Mirror
Do you really want me to make a list of all the bullshit projects that have shown up on Kickstarter in the last few months?
Sure, if it makes you happy.
No guarantee that a successful project will ship anything either.
According to the updates and comments of the project you linked, it shipped. Tsk.
$700,000 for this?
Well, when 5000 people buy something in the ~$100 and above dollar range, yes, the result is a lot of money.
What are you whining about, are you jealous?
No, you are. I'm talking about donations directly to a project through paypal, without an intermediary like kickstarter that offters the "money back" guarantee.
Ask yourself this question: same guys that raise $250k on Kickstarter for a board game sell that board game on their own web site and make jack shit. Why?
Because of the reasons outlined in my previous post, and that I repeat below.
Kickstarter adds nothing to the project. Why does the cash register ring only on Kickstarter but not on the project's own web site?
If you're unable to read, or to comprehend what is written, what's the point of asking? I'll answer again, in case it sinks in this time: because kickstarter doesn't allow obviously bad projects, doesn't take my money if the project doesn't make enough, and isn't under the control of the project's owner, allowing tricky questions to remain visible to potential donors.
On the project's own site, none of those things are assured. There's no guarantee that a failed project will give me my money back, there's no guarantee that the people who run it will not pretend inconvenient questions aren't being asked, and there's no guarantee that the project achieved a minimum amount of planning to make sure it at least has some chance of succeeding.
Better hope Indiegogo likes your project or it will get buried and rendered invisible by about day three.
You have to get it noticed by other websites of course. Like Slashdot, for instance.
Crowdfunding sites do absolutely nothing to help indie projects get off the ground. They collect their cut while they make rude gestures, and that's it.
Crowdfunding sites are about the only reason why I pay those projects in the first place. If it's not on kickstarter or on indiegogo, your chances of getting my money are very close to 0.
Frankly, I can't understand why anyone uses those sites. They're going to do all the work themselves. Why not keep all the money?
For the project starter, it offers a way to host the information, communicate with contributors, and receive money. All those things take time to do on your own, and the people doing the project would rather spend time on it, and not on setting up Apache, web sites, and working out how to deal with card payments.
For the contributor, it offers a filter that rejects the obvious crap. Also provides an intermediary that helps me waste less of my money. If a random project needs $100K to be viable and I donate through paypal, if they only make $10K, I can't really expect to get my money back. On kickstarter, that is assured.
On the project's own site, they control the interaction. They can ignore annoying questions and pretend everything is going great. On sites like kickstarter and indiegogo they can't do that, and it works as a great indicator to potential contributors about whether there's anything fishy about the project.
And I also don't believe for one fucking second that a bunch of clowns can put up a web page and raise $250,000 for a board game in four weeks. The fragrance coming off that shit makes my scam alarm strip naked and run into traffic.
And that's precisely why kickstarter and indiegogo are so awesome. You see what the project wants upfront. You lose no money if the required amount is not reached. People digging into the details of the project can post about it, and you can read their warnings.
There is still considerable risk of course, but so far I've not seen anything better than this. It's certainly loads better than to just send money through paypal to some random person.
Ok, since you liked it, I decided I'll think on this some more and give some more feedback. So:
Something I've learned is that marketing and complexity don't mix, so I agree our communication strategy is not optimal. We are trying to talk to too many audiences and doing a bad job with all of them. We'll try harder.
You need a good reason for why I would want this right off the start. And right now it's not there. Look at FON, who did part of what you are, much more successfully. The immediate question for something like this is "Why would I want to share my connection?", and FON answered "You'll earn money!". There, that's nice and sensible.
They also gave out their hardware at a ridiculously cheap price. They were selling those at a Linux convention and though the pretty much unanimous opinion was that the idea was silly, a lot of people still got one, because it was so cheap.
It's a server/router hybrid. We need to be clearer about that. The specs are competitive with what you'd find in the market for regular computers, but we thought it would be distracting to break them down because some of them are subject to change.
Does every single person need a server? I don't think most people do. There's also questions like how does this work, exactly? If I bought this thing and hooked it up, who is it serving to? Myself and perhaps whoever finds an open AP and connects to it? Seems like a waste of money. I don't really have anything to serve to random passers-by.
Why have a powerful router? Why not something with the power of a Raspberry Pi, that you stick a SD card or flash drive into, if you want? The few people needing a serious server capable of more than serving cat photos can buy it separately.
Because at scale, the idea turns your internet acquisition cost into a one time cost.
Only if there are tens of millions of these things around. Otherwise you pay for this and you pay your usual ISP.
Sharing your connection: For better performance and your privacy.
Many ISPs have rules against this. How does sharing your connection and allowing random people to torrent things improve performance? It maybe improves privacy in the sense of confusing what you're accessing and what other people do, but these days that means that one day the police will break in, grab all your hardware and try to figure out whether it was you or not who downloaded child porn. There's a good reason why few people run tor exit nodes.
Oh yeah, this thing apparently runs tor. If it runs an exit node, you're not going to have better performance at all, as well as making it risky for the owner. If it doesn't, and this is successful, you're going to overload the tor network.
I admit there are critical mass issues, and this is a very legitimate criticism of the project. Our strategy to bootstrap this network is to run our network over the regular internet until such time that it spreads to someone near you in physical proximity.
Is it really going to work in a city? I live in one. My wifi signal is junk at the most distant room and I finally had to give up and just run some cable. Pretty much every single house with internet access in a city has a wifi router, because that's what an ISP gives you. Which means every possible channel is already clogged. I don't see this reaching any useful distance.
It's also a very niche, geeky, and expensive thing. I'm sure that in my building I'm the only person who has the slightest chance of being interested in such a thing, and given the wifi quality around here it can't possibly reach any nearby ones.
I don't think it's nonsense. We are trying to turn internet acquisition into a one time cost. It's a high price, why we were asking people to get in touch with internet.org for us and ask them to talk to us. We've now made con
Some comments:
"Upliink"? Took me a while to notice there are two "i"s there for some bizarre reason. As a result, googling for it failed. If you're going to make up words, at least don't make them confusingly similar to normal ones.
Half a million is an awful lot of money. $430 is a lot for a router.
It's not clear at all what it does. IPv6 internet? What is that?
Sharing the connection with nearby people? Why would I want to?
Mesh networking. How is this going to scale? What performance and latency do you expect? How likely is it that two users will find one another? You need a huge amount of deployed devices for this to work, especially for ones in fixed locations.
There's some nonsense in the video about the number of people in the world without internet access. A $430 device sold in first world countries won't do anything to address that.
It's an enormous mish-mash of things. Android, mesh networking, some nebulous IPv6 internet, a web browser, an API for I don't know what... seriously, I'm well versed in tech, but I have no clue what is all this about. And that is a bad sign.
TL;DR: it's unclear what it does, why would I want to participate, and it's very expensive. Why aren't you developing alternative firmware for cheap wifi routers, for instance?
Who cares? A consumer router is going to run well enough with either, and won't have a 10 page long list of firewall rules to slow things down.
I have a router running Linux and it deals with a 100 Mbps fiber line just fine. Running BSD on it isn't going to make any difference except for me having to learn how to do things in FreeBSD.
For ensuring the safety of your outgoing traffic, it doesn't matter at all whether you can trust your router or not. It's just one step away from a router at your ISP, which you can't trust, and which can be assumed to be malicious.
It's a bit different for ensuring the safety of your internal network, though. If you think there might be any reason why the NSA, government or whoever might want to reach inside your personal network, then you certainly should avoid any closed solutions and keep it under as much control as possible. That router might well hiddenly allow people that know how to access your network without permission.
Router manufacturers also have been caught rewriting pages to insert ads. Here is one example of such a thing.
No, this kind of thing will be needed.
The Oculus, as awesome as it is, only works well with linear movement. It's great for space, mech, plane and car sims. Basically any game where you're in a cabin. Once you want to walk around like a real person you find out that you can't turn around, and moving the camera out of sync with the head is disorienting.
I considered getting an Omni, but in the end decided not to because: it's very heavy and would cost a fortune to ship, it takes a lot of space that I don't have, and I'm not sold on the whole slippery surface with special shoes thing.
But I do absolutely think that an omnidirectional treadmill would be a great addition. Just probably not this particular one.
It is entirely unimportant whether he's a coward or not. He released information that needed to be released, and that had an effect.
"anyone with half a brain realizes that the very definition of a spy agency is that it spies on people" -- of course, but there are some important bits here:
1. For a long time, people thought it only spied on foreigners. Americans supposedly had a right to privacy and needed a court order
2. Then people figured out that Americans were spied on too, and tried to go to the courts to stop it. But the courts refused because you need to have evidence of it happening. And how do you get evidence of that a secret government program is spying on you?
It's ridiculous to pretend that Snowden didn't release anything new. If he didn't, why are we talking about this? Why is there a panel, and why is the industry trying to convince the US President to have it stopped?
The squirrel on speed is part of the problem, the other is turning around, which is going to be needed in pretty much any FPS.
Something as simple as walking around corners in HL2 doesn't work. On the first turn you can sort of manage, but it's uncomfortable. On reaching the second corner in the same direction you have to look backwards from where you started, and are getting tangled in whatever wires you're attached to. Using a keyboard doesn't work.
So the alternative is using the mouse and moving the camera while your head is in place -- that's right when nausea starts setting in.
Navigating a 3D world comfortably seems to almost require an omnidirectional treadmill, unfortunately.
Apparently Hawken finally added support after promising to for a very long time
Going to try it out now.
Yep, vehicles are awesome.
The only really playable part of HL2 in the Oculus is the part in the airboat. It feels amazing.
Yep, I agree. HL2 is a bad fit for the Oculus.
My findings so far is that anything that's like a FPS where you have to run around like mad and turn around constantly is going to make you very sick, very fast. And HL2 also has things like the screen freezing when the next area is being loaded, which is absolutely vomit inducing.
What seems to work best is constant linear movement, like the roller coaster. The next best thing is slow, reflexive games, where you move at human speeds and have time to gawk at the environment.
I think FPSes are going to need something like the Virtuix Omni. With that, you can turn around completely without forcing the camera to move out of sync, and that should fix most of the problem.
It's not really clear what it's doing. The photos show square bits of metal, and no signs of any kind of additive manufacturing. This looks more like a computer controlled metal cutter. Which is nice and all, but not really a 3D printer.
When I heard "metal printer" I thought it was a laser sintering machine or something of that kind.
SSDs aren't for mass storage. You're better off with hard drives or tape for that.
SSDs are for blindingly fast performance first, everything else second. Install your OS and applications on a SSD. Keep your movie and music collection on a hard drive.
The same trick would work with powerlines or any other infrastructure. And the practice would fail for another reason: near everybody these days has a cell phone with GPS.
Assuming there's indeed no benefit to them, I don't see the point to this.
All it does is to maintain ideological purity for its own sake. This alternative is less convenient, a slower means towards the same end, and on the long term has the same result, just slower.
Why go with the least efficient approach?
Nope, not solved. All it means is that the 100000 morons using "password" as the password won't have the same hash. So the attackers won't be able to find out which accounts share the same password and focus on those, and won't be able to use a pre-computed dictionary.
It is however trivial to hash "password" 38 million times for each salt, on modern hardware probably in seconds.
The salting does provide an improvement, but when you have 38 million accounts, breaking even 1% already gives you a huge amount of successes. Salting doesn't do much against checking the list against the 100 best known passwords. 3800 million is a small number for a GPU accelerated password cracker.
Hashing doesn't help that much with a database this large.
Simply check the 38 million for "password", "secret", and the username. Guaranteed to have an enormous amount of successful hits that way.
I wouldn't be surprised if a million were trivially breakable in this manner, in just a few minutes if not less. If you can make $1 from each, that's a nice chunk of cash you just got.
The main advantage of this is moving protocol knowledge out of the kernel into userspace.
Which means that the kernel doesn't need a million modules that understand the various bits of various protocols. If something new comes up, the userspace compiler can patched to deal with it.
It should also make the kernel part much smaller and easier to make secure.
Whatever your problem is, it's not with SSL.
AES-256 on my old laptop works at 65 MB/s. AES-128 goes at 90MB/s. This might be a bit of a problem if you've got a gigabit LAN and are using it to full capacity, but given that googling stuff amounts to about 24K there's no way that is making a noticeable difference.
Because the US government has requirements about what it accepts.
You can't just implement whatever algorithm you like, then sell a router with that to the government. It must comply with whatever standard the government decided to adopt. And given that the government buys a lot of things, it wouldn't make economical sense to make equipment you could never sell to them.
This snowballs, and effectively sets a global standard for encryption. Sure, in your home you can do whatever you like, but the important thing is the security of the internet as a whole, and all of that is made of hardware and software that wants to be able to be used by the US government, and as such must support whatever standard it decides to adopt.
It's got nothing to do with the private key.
NSA goes to Verisign (for instance). Says "please sign our key for google.com". Verisign signs it. NSA intercepts traffic between google.com and you. Browser deems cert as valid, as Verisign signed it, and you seem to be connecting to google.com.
The CA system is weak because so long the connection is signed by a CA in the browser's list, the browser doesn't care which it is, even if it changes on a daily basis. If you can convince any CA in the list to sign what you need, you have a way to set up a MITM attack the browser won't warn you about.
The important thing isn't Google's servers, but the Certificate Authorities.
All that the NSA has to do is to get some CA to emit certificates for Google's domains. Then they can easily place themselves as a man in the middle, and the user won't notice.
No access to Google's servers necessary, then.