Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
@Tazza - I fully appreciate your point of view. However, this is not a technology issue, it's a political/life choices one.
Anyone with a brain must be concerned about the clear losses of freedom we are experiencing - pretty much worldwide.
What it comes down to is choosing your battles and deciding where you can do the most good.
For most people, standing up to the government as an individual (encrypting, etc.) would have very little impact and a very high cost. This isn't a game.
Joining a political movement to oppose these measures might have far more impact. It's really hard to tell if there's any solid ground left from which to make a stand.
We are seeing the price of standing up when you can make an impact as an individual. Chelsea Manning attempted suicide several times after being tortured extensively. Julian Assange and Edward Snowden are more or less living in political bunkers for the rest of their lives. And they each had some support from others - at least after the fact.
With stakes like these, we cannot presume to tell anyone else what choices they should make.
No one should throw away their life for nothing. There needs to be a clear path (at least from their personal point of view) to a reasonably likely positive outcome of some sort. And they each have to choose to make that sacrifice - because that's what it is.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by josephj
For most people, standing up to the government as an individual (encrypting, etc.) would have very little impact and a very high cost. This isn't a game.
I this being my feeling. I recall, years ago, a suggestion that potentioal "trigger phrases" such as "bomb" and "asasinate" (and some more specific ones related to terrorism) be included in all email footers (preferably with the rest of the message encrypted) to annoy yhe people in Echelon. Now such things may well end up with the sender and recipient having criminal records and the tabloids ensuring they never work again.
Suits often think money can patch anything, including a severed artery. For them, public safety and national security is just some product to be traded and sold.
As long as there are suits in charge of private data collection and storage, profitability will always be more important than security.
Personally I'd trust the government and the military to map everything around me, but it depends on whether or not they outsource IT security to a private company.
I wouldn't trust such a company with my trashcan, there's nothing they can do to convince me the data is secure and not being sold to a dozen different companies.
My opinion is that outsourcing security of data collected (by the government) to a commercial company should be considered treason and MP should enforce it.
(BTW I'm nowhere near the states, but my entire country is in Msoft's pocket for quite some time.)
Products that map silently are the problem, but products that map you but someone else agreed to the terms instead of you are the real problem.
There are things that map the guy who agreed to terms on the thing that mapped you, and as a user there's no way to tell where the data is or where it's going.
IT sec needs to put military in charge, not a bunch of economists who only think of their pockets and how to extend them.
I'd rather stay a patriot and do time in prison for what I believe in, than betray everyone in the country by selling their personal lives to advertisers.
That said, I've done nothing against the government or military law. If they'd ask, all my keys would be waiting for them, I would even help them around the tripwire in my system.
My problem is just that certain foreign and domestic firms think they have the privilege to do the exact same thing the government does and store all my data without my permission.
It's the outsourcing I have a big problem with, someone makes a profit on data and then just lies about how it was leaked to save face, where they should've been charged with treason.
There's no "undo" button for that. It isn't security anymore at this point.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by elcore
I'd rather stay a patriot and do time in prison for what I believe in, than betray everyone in the country by selling their personal lives to advertisers.
That said, I've done nothing against the government or military law. If they'd ask, all my keys would be waiting for them, I would even help them around the tripwire in my system.
My problem is just that certain foreign and domestic firms think they have the privilege to do the exact same thing the government does and store all my data without my permission.
It's the outsourcing I have a big problem with, someone makes a profit on data and then just lies about how it was leaked to save face, where they should've been charged with treason.
There's no "undo" button for that. It isn't security anymore at this point.
You do realise that your government treats you as a terrorist until proven otherwise? That just giving then one key makes them think you have others?
Religious terrorism is about as far away from my personal morality as it is possible to be but governments are not looking to stop it theykre torturing people picked up by civilians with guns because they get turned on by it, somehow. Really, read the links I posted and try to defend the perverted scum weho torture innocent people because they like it and for no other documented reason.
You do realise that your government treats you as a terrorist until proven otherwise?
There's more than enough proof, I know nothing about religion and have not left the country for like 30 years.
I think you missed my point, I don't know how it is on your island, but here they just outsource IT so any security we do downstream is moot.
Basically, the ms terms of service are accepted upstream for those like me, who don't accept the ms terms. Don't care about no religion.
So where did the data come from? It was collated from a number of browser plugins, according to Dewes, with the prime offender being “safe surfing” tool Web of Trust.
Funny story. Feels almost like the 'data broker' guy is unaware his telemetry-enabled OS leaks private data he was supposed to be responsible for, in plain text.
I'd bet a $10 they'll blame the person who reported the hole, like they did the other day with that poor Hungarian kid who altered the ticket price on a website.
Fell sorry for the person who had to parse my youtube music playlist though, probably had nightmares for weeks after that.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by elcore
There's more than enough proof, I know nothing about religion and have not left the country for like 30 years.
And? If you use any secure communication channels you're a "terrorist".
Please don't tell me you actually think that our governments are trying to capture actual terrorists? They're far happier jailing people with no proof since it's much easier. Never left the country? Never heard of the Unabomber?
And? If you use any secure communication channels you're a "terrorist".
It's a stereotype, and the same as saying: You are "Canadian" if you happen to speak french.
The fact there is France where only a few are actual Canadians, and the fact there are Canadians who don't speak french doesn't matter?
Understand what you mean now, you probably haven't voted for this, the same as I haven't voted for ms taking over all IT n my country.
About that last part, no I don't go anywhere really, I'm a local, I know locals, was born about 5 clicks north from where I'm at.
Never heard of these people you linked.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by elcore
It's a stereotype, and the same as saying: You are "Canadian" if you happen to speak french.
The fact there is France where only a few are actual Canadians, and the fact there are Canadians who don't speak french doesn't matter?
Understand what you mean now, you probably haven't voted for this, the same as I haven't voted for ms taking over all IT n my country.
About that last part, no I don't go anywhere really, I'm a local, I know locals, was born about 5 clicks north from where I'm at.
Never heard of these people you linked.
Indeed, but law enforcement love stereotypes. Indeed, we don't get to vote for or against this they just implements things as they like.
I mentioned the Unabomber because, unlike the innocent people I mentioned who were tortured by the US government for no reason, he actually was a terrorist but a "domestic" one. Meaning that one can be seen as a terrorist even if one has never left one's home town.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.