I watched a video on YouTube and somebody mentioned something about a NSA approved applications now I'm no programer but that sounds like government agencies could force a backdoor into different apps, which from what little I know could potentially be exploited by blackhats as well. I'll leave the links bellow. But what's your thoughts? https://youtu.be/6TmRHd27_ww?t=388 https://ma.ttias.be/whats-new-systemd-2015-edition/
NSA isn't just about spying and sabotage, although I don't blame you for thinking that. They also have a duty to help defend the nations networks by approving apps and providing guidelines. An NSA approved app doesn't mean it has a backdoor in it.
Honestly I don't believe there the boogeyman nor would I deny they serve a purpose but if you suffer from paranoia like I do, things like this set off an alarm and makes me ask why do certain apps need approval by government agencies? I know that things becoming a lot more extreme regarding cyber crime but I'm having difficulty understanding why this part of systemd. Is because the nature of GNU Linux being a hacker/tinkerer friendly environment and thus making it a little bit like the wild west of operating sytems? I know most hacker prefer GNU Linux or BSD because the freedom it offers but that also includes blackhats and they of course develop & publish there own malicious tools through the underground/darkweb. That's my best guess why this is part of systemd.
systemd isn't that bad, it's actually pretty good at what it does. And it's GPL, so any programmer can look at the code. Using systemd on Linux is a good choice because otherwise you might have to consider the BSD's, which as you know have proprietary code running (firmware in the Kernel). The vanilla Linux Kernel also has closed-source firmware in the kernel (which makes me ask why hasn't Linus been sued so far), but there are free Distros that remove these firmware blobs, such as ***pure*** Debian (using the "Main" repository), and the ones listed here: https://www.gnu.org/distros/free-distros.html
That's correct, but SELinux is so complex I wouldn't doubt that it's quite easy to hide a backdoor there.
If you suffer from paranoia, then there's no reason to go into a technical discussion. As for something being approved, that does not translated into anything Could NSA do XYZ? Yes they could. But so could a big meteor strike Earth. It falls within the same realm of 'could'. Mrk
What is weird about my post? There is absolutely nothing that would make me of interest to them or any other law enforcement agency - foreign or domestic. I have some level of paranoia about malware. The biggest reason I use Fedora is the built in security features. Fedora Security Features Matrix https://fedoraproject.org/wiki/Security_Features_Matrix
Very bad comparison. NSA and other such governmental agencies of many countries can/could and do/did many things. It's enitrely possible for them to put backdoor in a complex piece of software, maybe in the form of intentional bugs which they can exploit later. They certainly have the reason to do such things. The big meteor has no such reason for wholesale killing of helpless people.
You have watched too much TV. For them to put ... where? How exactly? It's not magic. It's just code. Have you read Snowden thingies. Literally all of the 'hacking' was putting boxes into data centers. There was no code or such. Just adding your appliance into a rack and harvesting traffic. Mrk
Of course it isn't magic, we're dealing with HUMANS. Just to read and analize True Crypt's source code took what, more than 70.000 dollars and a handful of experts? Imagine what would take to read just Linux's (the Kernel) source code, which has almost 20 million lines of code. Making it more difficult: reading SELinux's code, which many developers/readers said it's waay to complex and could potentially hide unknown vulnerabilities. There's no way we can or will read the entire source code of every piece of software we use, we simply trust others. Heck, even OpenSSL, which was supposed to have thousands of people reading the code, had a major vulnerability that aparently no one could see. It is possible for the NSA to put a backdoor even on GPL software. There's no reason to discard such scenario. Lack of evidence doesn't mean lack of existance.
Exactly which is part of what bothers me because we have a lack of accountability and oversight for authorities just look at the police and how they abuse there power because of this. And its not like the police are bad its just part of are missed up society and if you suffer from mental health issues like I do then your more likely to be hassled by authorities, just look at all the violence most of it is done by mentally ill people and naturally the authorities are going to be on alert for those type of people just like with blackhats and the fact that a lot of use Linux. Also lets not forget about journalist, activist & watchdogs and how they've been targeted over the years by authorities. The problem isn't authorities but are societies corruption that needs to be changed.