I disagree.

ToR has had problems (even if you discount 'maybe the NSA has shoved some code into ToR and/or control some ToR gateways there has already been malware that 'de-anonymized' ToR users).

VPNs are not 100% safe.

TrueCyrpt can be breakable.

This is the real crux of the problem though-

If there is a security issue/backdoor in any of the code used in a linux/BSD distro, its not going to matter to the end user if the distro is giving information to XXXX or if XXXX just takes it.

Ututo is Argentinian.....but its based on gentoo which is US based.

Most distros are 'based on' and if the parent distro has a security issue/backdoor, it probably will be in the child distro as well.

Even if the parent distro is free of security issues/backdoors/dodginess doesnt mean the child will be (e.g. debian and ubuntu.....debian doesnt report back to amazon LOL)

1 members found this post helpful.

Yep, what I see in the 99% of cases where there some client has had a security breach is that the human factor is the culprit. Be it malicious, poor level of knowledge on how sistems work or just plain stupdity, be that by the user or IT (critical PC´s with USB ports enabled)

Might try. But in aras of productivity, as for many I HAVE to mix OSes (autocad, ms office in some cases, that means windows + linux + some BSD (NAS)) I may start looking in to a dedicated PC with some FSF Linux based firewall. And keep critical PC´s completely OFF LINE, no internet, some true crypt or pgp disk for some plausible deniability, etc.

Well guys, THANKS A BUNCH for your advice. It IS a brave new world. Sad for me to see what is happening in what used to be the "land of the free". And I have that gut feeling it WILL get worse before it gets better. SAD

Don't use the internet at all. Face-to-face communication only.

IF I were doing something illegal, yes, that would be my advice also. But I am just trying to: maintain my privacy, avoid financial info leakage to competition, avoid employee snooping, and avoid gob snooping because me or my clients are not on the official side of things. Down here you can get an AFIP (our local IRS) total inspection that will stop nearly all your activities (= economical loss) during 2 months JUST FOR THINKING DIFFERENT. At the end if you have everything in order (taxes basically) they will go away without even an apology, It has happened. It IS real. It is Argentina today. We are talking politics, NOT terrorists.

Even if the US government slipped stuff into software, this is open source: someone would notice. A few years ago the French security service reported an obscure security risk they'd found in the source code of OpenOffice; I expect they'd checked all the software they use as well.

And as an Argentinian, you surely realise that the Casa Rosada is a far bigger menace than the White House!

yes sounds good. sadly if you are looking for non-US based distro, Debian and its forks, including Ubuntu and Mint are US based distros.

As mentioned above many distros are folks of core distros.

The reason I mix CentOS (a fork of RHEL) and Fedora is they are basically the same.

Its not different then use Debian as your server and Ubuntu or Mint as your workstations, they are basically the same, well not as much as RHEL/Fedora but still the hart of the kernel is close enough to mix and match with limited headaches.

One of the biggest reasons I use RedHat line of distros and forks is the fact that RedHat is one of the largest upstream providers of code out there in the FOSS world. So I support their products.

I was a huge Debian man, never much of a ubuntu fan for many reasons, until one of my last contracts. for 15mo i had to support roughly 3500 servers/workstations (i call em workstations as the idiot company was using Fedora 5/7/9 as SERVERS before they upgraded to CentOS 4, then 5, and 6 as i was leaving). I ran Fedora as my desktop to re-orient myself with the RH way of managing systems. I really like the path they are going down atm with systemd and more.

With RHEL 7 being based on Fedora 19, on of the best releases of Fedora in probably over a decade, I am truly looking forward to RHEL7 and its folks going live at the end of the year.

If the bad guys, NSA, FBI, CIA, MI6, crooks, etc... really want into my data, including customer financial information, then there is little i can do to 100% prevent this. I can make it more expensive for them by making it take longer and be more of a challenge to read the data once they get it.

By sticking with RHEL and its forks and workstations (Fedora) [*note* you will get the same benefit if you use Debian for everything as Debian and RedHat are two of the largest driving forces in FOSS Linux today for standards] encrypt what you can, set your network encryption over 2048 bit encryption, i personally use 4096 bit on my LAN, be smart with the people you work with (limit their access/knowledge how to access/ if they are not skilled enough to properly handle the data) back-up the data to an encrypted off site back up location that is also encrypted, etc...

and you will be able to keep things mostly secure. Remember the ONLY 100% secure computer in the world is unpluged, disconnected, zero power, placed into a room that is sealed with zero access to said computer. And even with all of that the data on the computer is still only secure until someone breaks into the room and removes the computer to apply power and gain physical access to the system ...

While that is impractical, it is still a very valid point. It is not about 100% security, it is about best practice and smart security.

I think your idea of keeping your critical systems off of the Internet is a fantastic idea, but also make sure that the server that is storing the data is kept off of the internet and possibly even on a separate subnet that is not accessible from computers that have internet access. This way if someone does breach your network, they will have yet a harder time accessing the data on the file server.

keep at it and good luck.

Yep. For me at least as Argentinian, for Americans no. If I were an American citizen I would be VERY worried about this snooping trend. America was a country made from cero by people that ran away from oppression in their home countries. Once you give in, even in a small thing, you give everything. For me It's sad.

Thanks, I got a LOT of learning to do in Linuxland :-) ... but that can be done. It's harder getting some users and even IT people to use their common sense ...

Considering that most Linux distributions are just re-packaging currently available software, the area of origin doesn't really matter. Keep in mind that corporations and governments that also contribute back to the kernel. As much as some people would like to believe, Linux isn't solely developed by hobbyists anymore.

If you're really that paranoid, then you should look into OpenBSD.

You may wish to wear tin foil on your head also. Linux is tested by both good and bad guys on the planet each day. Exactly what have you proved to be suspect????. To suggest that someone has some devious scheme is silly. (well, I'd never run backtrack, a distro made by some of the best hackers and I know to be suspicious) I'd also consider any Iron Curtain distro suspect until I tested it. If it doesn't match md5 and other crypto of other sources you can't be sure. If you think some distro is not secure then report it. Did you find any holes not on bug reports??

I don't care what distro you have it is not secure. If you want proven security then learn and use as many best practices as you can. Learn how many very common apps have very old holes in them so don't install them. See your local BSD distro for the most proven secure OS. BSD's are also not secure if you install junk and go to bad places on the network and leave ports open and run stuff as root and so on and so forth.


Mean ain't I?

Personally, I worry about automated crooks (sponsored by criminal nations) stealing intellectual and financial data. Everyone on this planet with half a brain knows how much spying some countries have been doing for decades on their own people. If you think China or Iran or North Korea is free then think again. Try living in a cast nation or one that still has slaves. Countries like Argentina may be full on honest hard working intelligent people who have been lied to by their government and news. I have lived in many countries and know that no country is immune to false news and such. Work together for good.

By the way, Mint and Ubuntu are not considered US distros.