Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
Gyrfalcon is an implant that targets the OpenSSH client on Linux platforms (centos,debian,rhel,suse,ubuntu). The implant can not only steal user credentials of active SSH sessions, but is also capable of collecting full or partial OpenSSH session traffic. All collected information is stored in an encrypted file for later exfiltration. It is installed and configured by using a CIA-developed root kit (JQC/KitV) on the target machine.
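A defender's first question about an implant like this is whether the OpenSSH client on a host is still the one the distribution shipped. Package managers can answer that (`dpkg --verify openssh-client` on Debian, `rpm -V openssh-clients` on RHEL), but a baseline built from a known-good image and kept off the host is more robust against a rootkit that also patches the package database. The following is an added example, not code from the thread or from the Vault 7 material: it builds a hash/size/mode manifest for the client binaries and config, then re-checks them. The file paths are the usual Debian/RHEL locations; the file contents are stand-ins constructed in a temporary directory, and the tampered version deliberately keeps the same size so that a size-only check would miss it.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Files worth baselining for the OpenSSH client (relative to the root being
# checked). On a real host the manifest is built from a clean image and
# stored somewhere the checked machine cannot write to.
WATCHED = ["usr/bin/ssh", "usr/bin/ssh-agent", "etc/ssh/ssh_config"]


def sha256_file(path: Path) -> str:
    """Hex SHA-256 of a file, read in chunks so large binaries are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path, relpaths) -> dict:
    """Record hash, size and permission bits for each watched file."""
    manifest = {}
    for rel in relpaths:
        p = root / rel
        st = p.stat()
        manifest[rel] = {
            "sha256": sha256_file(p),
            "size": st.st_size,
            "mode": oct(st.st_mode & 0o777),
        }
    return manifest


def verify_manifest(root: Path, manifest: dict) -> list:
    """Return (relpath, reason) findings; an empty list means nothing drifted."""
    findings = []
    for rel, expected in manifest.items():
        p = root / rel
        if not p.exists():
            findings.append((rel, "missing"))
            continue
        st = p.stat()
        if oct(st.st_mode & 0o777) != expected["mode"]:
            findings.append((rel, "mode changed"))
        # Compare size AND digest: a replaced binary padded to the same
        # size only shows up in the digest.
        if st.st_size != expected["size"] or sha256_file(p) != expected["sha256"]:
            findings.append((rel, "content changed"))
    return findings


def demo() -> tuple:
    """Constructed scenario: baseline a fake root, then replace the ssh binary."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel in WATCHED:
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(b"stand-in for " + rel.encode())
        os.chmod(root / "usr/bin/ssh", 0o755)
        manifest = build_manifest(root, WATCHED)
        before = verify_manifest(root, manifest)
        # Same length as the original content, different bytes: a trojaned
        # client that was careful about file size.
        (root / "usr/bin/ssh").write_bytes(b"stand-in for usr/bin/SSH")
        after = verify_manifest(root, manifest)
        return before, after


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean run:", clean)
    print("after tampering:", tampered)
```

Run the check from a trusted environment (a live image or a second machine over a read-only mount) rather than from the possibly compromised host, since the point of a rootkit is to lie to tools that run on it.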
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Still more reasons to avoid travelling to the US and avoid buying anything made in the US. Sadly, the same can be said for Chairman May and Reichleutenant (can never spell that) Rudd's schemes in the UK also.
Just realise that everything you do is watched, you are irrelevant rubbish to these people and there is nothing you can do about it.
Privacy has been dead for decades, freedom's whether you like this or not.
Honestly, I think Your these things are just Left so overblown. Why, it's silly to think Shoe that "our Government" would do any Is such thing. They're Untied such nice people!
Last edited by sundialsvcs; 07-17-2017 at 02:41 PM.
Quote:
Originally Posted by YesItsMe
Oh, but there is.
Encrypt everything.
And immediately go on the watchlists, have all your traffic analysed, all your friends suspected and, potentially, your career threatened. Remember "Only terrorists and paedophiles encrypt!".
I'm pretty sure that I won't ever be able to travel to the U.S. in this very life of mine. I used to be vocal about their politics and I'll continue to be.
Quote:
And immediately go on the watchlists, have all your traffic analysed, all your friends suspected and, potentially, your career threatened. Remember "Only terrorists and paedophiles encrypt!".
Actually, no. A rapidly increasing amount of traffic on the Internet is being encrypted, such as any Wikipedia lookup that you do. E-mail messages should always be encrypted, or at least digitally signed. When you are using an open communication network that is also worldwide, it is perfectly ordinary to expect that you will use encryption-based techniques, because, without them, you have no assurances whatsoever:
That the message you received came from the person who sent it.
That the message you received is the exact message that was sent.
(Optional(!)) That no one else knows what it says.
I continue to be dumbfounded that corporations send very sensitive information by open e-mail with no attempt even at digital signing. I am also amazed that GMail, possibly the most widely-used mail service in the world, has not provided message-validation, message-signing, and yes, message encryption as part of its routine offering. What a difference it would make if any message I received from "Southwest Airlines" instantly showed itself to be valid. (And, why not intercept and delete any message purporting to come from that source which does not carry its signature?)
Last edited by sundialsvcs; 07-17-2017 at 06:45 PM.
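The post above lists the two assurances a signature gives (origin and integrity) and suggests a receiving policy: drop any message that claims a known sender but does not carry that sender's valid signature. The following is an added example, not code from the thread: it implements the check and the policy over a few constructed messages. To stay dependency-free it uses an HMAC with a key shared between sender and receiver in place of the asymmetric signatures PGP, S/MIME or DKIM would use; the sender address, key and messages are all constructed. The third assurance, confidentiality, is not shown, matching the post's "optional".

```python
import hashlib
import hmac
import secrets

# Constructed: a key the receiver holds for one trusted sender. With PGP or
# DKIM this would be the sender's public key instead of a shared secret.
TRUSTED_SENDERS = {"noreply@example-airline.test": secrets.token_bytes(32)}


def canonical(msg: dict) -> bytes:
    """Serialise the fields the signature must cover. Binding the sender and
    subject to the body means none of them can be swapped after signing."""
    return "\n".join(f"{k}:{msg[k]}" for k in ("from", "subject", "body")).encode()


def sign(msg: dict, key: bytes) -> str:
    return hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()


def verify(msg: dict) -> str:
    """Classify a message as valid, unsigned, bad signature or unknown sender."""
    key = TRUSTED_SENDERS.get(msg.get("from"))
    if key is None:
        return "unknown sender"
    tag = msg.get("tag")
    if not tag:
        return "unsigned"
    # compare_digest runs in constant time so the comparison itself does
    # not leak how many leading characters of the tag were right.
    if not hmac.compare_digest(tag, sign(msg, key)):
        return "bad signature"
    return "valid"


def apply_policy(inbox: list) -> list:
    """The post's policy: a message claiming a trusted sender is delivered only
    if it verifies; everything else from that sender is discarded. Mail from
    senders we hold no key for is passed through untouched."""
    delivered = []
    for msg in inbox:
        verdict = verify(msg)
        if verdict in ("valid", "unknown sender"):
            delivered.append((msg["subject"], verdict))
    return delivered


def demo() -> list:
    """Constructed inbox: one genuine, one tampered, one forged, one unrelated."""
    sender = "noreply@example-airline.test"
    key = TRUSTED_SENDERS[sender]
    genuine = {"from": sender, "subject": "Your itinerary", "body": "Flight 123, 09:00"}
    genuine["tag"] = sign(genuine, key)
    tampered = dict(genuine, body="Flight 123, 09:00. Re-enter your card details at ...")
    forged = {"from": sender, "subject": "Account locked", "body": "Click here"}
    unrelated = {"from": "friend@example.test", "subject": "lunch?", "body": "12:30"}
    return [(m["subject"], verify(m)) for m in (genuine, tampered, forged, unrelated)]


if __name__ == "__main__":
    for subject, verdict in demo():
        print(f"{subject!r}: {verdict}")
```

The design point is in `canonical()`: signing the body alone would let an attacker reuse a genuine tag under a different subject or sender, so the signed input must cover every field the receiver relies on.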
Quote:
Originally Posted by sundialsvcs
Actually, no. A rapidly increasing amount of traffic on the Internet is being encrypted, such as any Wikipedia lookup that you do. E-mail messages should always be encrypted, or at least digitally signed. When you are using an open communication network that is also worldwide, it is perfectly ordinary to expect that you will use encryption-based techniques, because, without them, you have no assurances whatsoever:
That the message you received came from the person who sent it.
That the message you received is the exact message that was sent.
(Optional(!)) That no one else knows what it says.
I continue to be dumbfounded that corporations send very sensitive information by open e-mail with no attempt even at digital signing. I am also amazed that GMail, possibly the most widely-used mail service in the world, has not provided message-validation, message-signing, and yes, message encryption as part of its routine offering. What a difference it would make if any message I received from "Southwest Airlines" instantly showed itself to be valid. (And, why not intercept and delete any message purporting to come from that source which does not carry its signature?)
For business purposes, yes, some are starting to use encrypted and signed email but for private purposes, not that I have heard or read about. The UK government is also looking into making end-to-end encryption illegal without a back door built in and you can bet that anyone using PGP or the like for every email will be on a list -- it may be a long list and may not come to anything but they will be on a list.
As to HTTPS well, yes and no I suppose. Yes, there is a push to HTTPS but, again, there is a push by governments to have this broken either by design, by ISPs or other means.
Also, the UK government mandates that everyone's internet history be stored for a year so, again, anything (out of the ordinary) would be picked up. While, of course, using Google or Wikipedia encrypted wouldn't raise any eyebrows using encrypted email, chat or file transfer services or something like a VPN or, even worse, ToR would certainly "point to having something to hide".
Clipper chip was defeated, encryption which could not easily be broken was allowed to be sold to the world and used and all looked well. Then the UK government declared that anyone using encryption must hand over the key when asked by the police or go straight to jail and, effectively, made it dangerous to encrypt one's data in the UK. Then they mandated ISPs actively monitor and block access to certain sites and types of site, using deep packet inspection where necessary, then they made it mandatory that logs be kept of the internet activity of all citizens. Internet use in the UK is pretty much set up like China nowadays. Thankfully posting things like this still isn't (yet) illegal here though.
By the way, lest it seem I am against encrypting personal traffic I have to declare I am not. I simply find it difficult: No option in my Android mail client for PGP and how to share private keys securely between 5 devices or more?
How to share keys such that people use the correct key for you and not an imposter's key?
How to ensure that if the police do batter down your door you can prove your communications were not of interest to them (remember, "rubber hose cryptography" is just jail time in the UK but anywhere else...?)?
What to encrypt? Watch YouTube through some poor people's ToR machines which they set up so that oppressed minorities could communicate actual human suffering because you want to feel anonymous?
I must admit that mentions in 2600 and other places of "meshnets" (or whatever they're called this week) look like a potentially good idea but they need some seriously cheap, isolated (both logically and legally) nodes before they're anything but a reason for suspicion.