Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 14
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Is Any OS Really Secure?


    A former NETSEC CTO alleges that the FBI paid developers and companies to plant backdoors into the IPSEC stack of OpenBSD 10 years ago!

    FBI accused of planting backdoor in OpenBSD IPSEC stack

    If these allegations are true, it puts the OpenBSD in a bad position as they have claimed for many years that their OS is very secure and the code has been audited for any security flaws.

    It also makes one think about the OS they are using.
    Is it really secure or has the government placed backdoors in the flavor you are using?
    This is a very troubling story and if it is found to be true, it will have many developers and code writers scurrying to get hold of the source code of their favorite flavor of Linux and pour through piles of code looking for these backdoors.

    Windows and Mac users are out of luck as the source code for these OS's are not available to scrutiny. Besides it has been said for many years that Windows is backdoor'ed by the government.

  2. #2
    Windows and Mac users are out of luck
    I guess money can't buy you everything.
    I refuse to let fear and fear of others rule my life. It puts my humanity at risk.
    Accepting Death is the only way to stay alive.

  3. #3

  4. $spacer_open
    $spacer_close
  5. #4
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,907
    Quote Originally Posted by TaZMAniac View Post
    A former NETSEC CTO alleges that the FBI paid developers and companies to plant backdoors into the IPSEC stack of OpenBSD 10 years ago!

    FBI accused of planting backdoor in OpenBSD IPSEC stack

    If these allegations are true, it puts the OpenBSD in a bad position as they have claimed for many years that their OS is very secure and the code has been audited for any security flaws.

    It also makes one think about the OS they are using.
    Is it really secure or has the government placed backdoors in the flavor you are using?
    This is a very troubling story and if it is found to be true, it will have many developers and code writers scurrying to get hold of the source code of their favorite flavor of Linux and pour through piles of code looking for these backdoors.

    Windows and Mac users are out of luck as the source code for these OS's are not available to scrutiny. Besides it has been said for many years that Windows is backdoor'ed by the government.
    The only way, at the moment, to be secure on line is to only go online in a VM which is running in a VM. Breaking out of the first VM and attacking the host is trivial. Breaking out of the second one is much much harder to the point where I don't think it's been done. Yet!

    Live CD's are typically easy to compromise but obviously they are OK again when you reboot. Unless you store persistent data somewhere

    This is according to a security consultant friend of mine

    I think the only way to be truly secure is to not be networked in any way and to allow no-one else to use your machine.
    Should you be sitting wondering,
    Which Batman is the best,
    There's only one true answer my friend,
    It's Adam Bloody West!


    The Fifth Continent

  6. #5
    Quote Originally Posted by TaZMAniac View Post
    A former NETSEC CTO alleges that the FBI paid developers and companies to plant backdoors into the IPSEC stack of OpenBSD 10 years ago!

    FBI accused of planting backdoor in OpenBSD IPSEC stack

    If these allegations are true, it puts the OpenBSD in a bad position as they have claimed for many years that their OS is very secure and the code has been audited for any security flaws.

    It also makes one think about the OS they are using.
    Is it really secure or has the government placed backdoors in the flavor you are using?
    This is a very troubling story and if it is found to be true, it will have many developers and code writers scurrying to get hold of the source code of their favorite flavor of Linux and pour through piles of code looking for these backdoors.

    Windows and Mac users are out of luck as the source code for these OS's are not available to scrutiny. Besides it has been said for many years that Windows is backdoor'ed by the government.
    I don't know about Apple, but Microsoft has been giving governments (domestic and foreign) a copy of their source for years.

    Frequently asked questions (FAQ): About Microsoft programs for government agencies and organizations

  7. #6
    Linux Engineer rcgreen's Avatar
    Join Date
    May 2006
    Location
    the hills
    Posts
    1,134
    I don't know about Apple, but Microsoft has been giving governments (domestic and foreign) a copy of their source for years.
    Maybe Wikileaks will publish it.

  8. #7
    Linux Engineer MASONTX's Avatar
    Join Date
    May 2010
    Location
    Mason Texas
    Posts
    936
    Maybe Microsoft protects its secrets better than the government.
    Registered Linux user #526930

  9. #8
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,083
    Quote Originally Posted by TaZMAniac View Post
    It also makes one think about the OS they are using.
    Is it really secure or has the government placed backdoors in the flavor you are using?
    This is a very troubling story and if it is found to be true, it will have many developers and code writers scurrying to get hold of the source code of their favorite flavor of Linux and pour through piles of code looking for these backdoors.
    Quote Originally Posted by rcgreen View Post
    Quote Originally Posted by elija View Post
    The only way, at the moment, to be secure on line is to only go online in a VM which is running in a VM. Breaking out of the first VM and attacking the host is trivial. Breaking out of the second one is much much harder to the point where I don't think it's been done. Yet!
    This is all worrying stuff ... at least with open source it will be more difficult to hide.

  10. #9
    One smart guy has once said: “If you need your data to be secure, put them into a thick-walled safe and and drop it at an unknown position into the ocean.”

    No operating system is really safe, everything can be compromised. The FBI might have built a backdoor into IPSec, but that doesn't mean that OpenBSD is completely insecure. It might still be more secure than many other operating systems. Also Linux could have some backdoors, some cryptographic systems like AES-256 are said to have backdoors, Windows might have backdoors. Nothing is 100% secure. The main problem is that you can prove that there is a hole if you've found it, but you can't make sure that there is no backdoor. Just because you haven't found any, it doesn't meant that there is none.

    But you shouldn't worry about that too much, because even if a system would be completely secure, it could still be compromised as soon as it's used. The greatest security risks is always PEBKAC.
    Refining Linux Advent calendar: 24 Outstanding ZSH Gems

  11. #10
    Linux Newbie
    Join Date
    Jul 2007
    Location
    Here. There. Anywhere.
    Posts
    157
    lol plus if the FBI are the only ones with access to these backdoors, you probably still gotta be in some sort of trouble to begin with in order to get them to use it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •