You are not logged in.

#1 2014-05-28 13:04:52

pablokal
Administrator
From: Nijmegen, Holland
Registered: 2010-10-12
Posts: 3,633
Website

IgmorantGuru: No illusions about Linux left

Elsewhere is noted that IG is giving up on Spacefm Linux.
Here you find his motivation: http://igurublog.wordpress.com/2014/04/ … y-the-nsa/

Assange mentions how Debian famously botched the SSH random number generator for years (which was clearly sabotaged). Speaking of botched security affecting Red Hat, Debian, Ubuntu, Gentoo, SuSE, *BSD, and more, the nightmarish OpenSSL recently botched SSL again (very serious – updated comments on how a defense contractor in Finland outed the NSA here?) It’s very hard to believe this wasn’t deliberate, as botching the memory space of private keys is about as completely incompetent as you can get, as this area is ultra-critical to the whole system. As a result, many private keys, including of providers, were potentially compromised, and much private info of service users. Be sure to update your systems as this bug is now public knowledge. (For more on how OpenSSL is a nightmare, and why this bug is one among many that will never be found, listen to FreeBSD developer Poul-Heening Kamp’s excellent talk at the FOSDEM BSD conference.)

From the start, my revelations on this blog about Red Hat’s deep control of Linux, along with their large corporate/government connections, hasn’t been just about spying, but about losing the distributed engineering quality of Linux, with Red Hat centralizing control. Yet as an ex-cypherpunk and crypto software developer, as soon as I started using Linux years ago, I noted that all the major distributions used watered-down encryption (to use stronger encryption in many areas, such as AES-loop, you needed to compile your own kernel and go to great lengths to manually bypass barriers they put in place to the use of genuinely strong encryption). This told me then that those who controlled distributions were deeply in the pockets of intelligence networks. So it comes as no surprise to me that they jumped on board systemd when told to, despite the mock choice publicized to users – there was never any option.

A computer, and especially hosting services (which often run Linux), are powerful communication and broadcasting systems into today’s world. If you control and have unfettered access to such systems, you basically control the world. As Assange notes in the talk, encryption is only as strong as its endpoints. eg if you’re running a very secure protocol on a system with a compromised OS, you’re owned.


Also read: http://igurublog.wordpress.com/2014/02/ … your-life/

Without even trying to get there, my simple explorations into what was broken in Linux led a trail straight to the NSA (or whoever is behind such three-letter agencies). As usual, just follow the money. And these days, they admit much of it openly – secrets are just too hard to keep.


Getting your questions answered here at ArchBang Forums
Please! Always give hardware info, if there is a chance that 's relevant: #lspci -vnn
On Arch(bang) and Openbox: http://stillstup.blogspot.com/

Offline

Board footer

Powered by FluxBB