Jump to content



Photo

[NSA Opt-Out] Alternatives to Proprietary Softwares

oss foss nsa prism opt out

  • Please log in to reply
24 replies to this topic

#16 Max Norris

Max Norris

    Neowinian Senior

  • Tech Issues Solved: 14
  • Joined: 20-February 11
  • OS: Windows, BSD Unix, Occasionally OSX or Linux
  • Phone: HTC One (Home) Lumia 1020 (Work)

Posted 27 October 2013 - 18:39

The point was using OSS in such a case provide assurances that your system cannot be compromised by a unknown backdoor installed by a 3rd-party vendor.

That's a bit of a stretch. The core OS as delivered from the distribution, sure, of course excluding services not on your system given by the distro, just a bit of tinfoil but who's to say Canonical isn't handing over your search terms and other user data from Unity for example? It's already going to Amazon, why not the NSA too? And no, I'm just pulling that out of thin air as a hypothetical example.. if it were true you wouldn't know. But after the fact? No. Any OS can be compromised regardless of who made it, especially since you would theoretically run software outside of what was given to you out of the box to begin with, even on Linux not all of some very common software is open source, and that's completely ignoring the obvious issues that can be done as malware. That's discounting any unproven tin-foil conspiracy theories of course.


#17 Athernar

Athernar

    ?

  • Joined: 15-December 04

Posted 27 October 2013 - 18:53

That's a bit of a stretch. The core OS as delivered from the distribution, sure, of course excluding services not on your system given by the distro, just a bit of tinfoil but who's to say Canonical isn't handing over your search terms and other user data from Unity for example? It's already going to Amazon, why not the NSA too? And no, I'm just pulling that out of thin air as a hypothetical.. if it were true you wouldn't know. But after the fact? No. Any OS can be compromised regardless of who made it, especially since you would theoretically run software outside of what was given to you out of the box to begin with, even on Linux not all of some very common software is open source. That's discounting any unproven tin-foil conspiracy theories of course.

 

Problem with the above here is you assume I use Ubuntu. I don't trust Canonical to make good technical decisions, let alone that they're not passing on data.

 

Distros such as Arch or Gentoo however offer the platform in which you can establish trust.



#18 +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 27 October 2013 - 18:58

Hello,

You are correct on that. Nothing is fool proof. Unless you use tor or some other secure VPN solution, everything is logged via your ISP. The idea (at least to me) is not to eliminate spying (you're living in a dream world if you think that is possible), but control what information you share. What a user feels comfortable sharing is solely up to the user. This chart simply provides options and answers to the particular user's questions on what to replace with an audited OSS version.  :)

tor AFAIK is open source. A small bug in the code could be found, not disclosed, and your encrypted information can still be seen.

With this, I want to comment that using open source software is not more or less secure. Im just stating a possibility...

#19 vetmarkjensen

markjensen

    Linux noob since Red Hat 5.1

  • Joined: 02-October 03
  • Location: Middle Tennessee
  • OS: GNU/Linux
  • Phone: Android and iPhone

Posted 27 October 2013 - 19:00

That's a bit of a stretch. The core OS as delivered from the distribution, sure, of course excluding services not on your system given by the distro, just a bit of tinfoil but who's to say Canonical isn't handing over your search terms and other user data from Unity for example? It's already going to Amazon, why not the NSA too? And no, I'm just pulling that out of thin air as a hypothetical example.. if it were true you wouldn't know. But after the fact? No. Any OS can be compromised regardless of who made it, especially since you would theoretically run software outside of what was given to you out of the box to begin with, even on Linux not all of some very common software is open source, and that's completely ignoring the obvious issues that can be done as malware. That's discounting any unproven tin-foil conspiracy theories of course.

I think that Athernar's point was that with FLOSS, you can at least know the source is out there to be audited (and, if you are a tinfoil-hatter, you can audit it yourself).  There is zero chance of auditing closed source software.

Then, once you are comfortable that the source is clean, and not able to skim data off and send to an outsider, you can use secure tunnelling, personal encryption (GPG/PGP), TOR or any other such tools to ensure that you have the best chance of either being undetected, or at least suitably encrypted if your email, etc is intercepted.

Again. Tinfoil hat stuff.  I'm happy just as I am, and if the NSA wants to skim the headers of my emails to see I am getting spammed for reduced mortgage rates and such, so be it.  Google, Microsoft, my cable ISP etc all can already read the entire contents of my mail already.  I just don't get my panties in a twist over it.  Privacy is pretty much dead already.



#20 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 27 October 2013 - 19:37

By using open source software, it makes it a hell of a lot harder, expensive, and time consuming for the NSA to do anything. The code is also open source--full audits are done every day on it and nobody has found anything. Do you really think the NSA is that stupid to put a backdoor in freely accessible code? Hell no they aren't! The NSA was laying low--if it wasn't for Snowden, we still wouldn't know about this. 



#21 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 27 October 2013 - 19:40

Hello,
tor AFAIK is open source. A small bug in the code could be found, not disclosed, and your encrypted information can still be seen.

With this, I want to comment that using open source software is not more or less secure. Im just stating a possibility...

 

Whoops marked you post as solved. Didn't mean to do that. :D

 

 

Anyway, It's open source. If a bug is found, it will be resolved very quickly. I highly doubt there's going to be a bug that compromises encryption.



#22 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 27 October 2013 - 20:48

By using open source software, it makes it a hell of a lot harder, expensive, and time consuming for the NSA to do anything. The code is also open source--full audits are done every day on it and nobody has found anything. Do you really think the NSA is that stupid to put a backdoor in freely accessible code? Hell no they aren't! The NSA was laying low--if it wasn't for Snowden, we still wouldn't know about this. 

Are you high? They put backdoors in encryption, NO-ONE noticed until snowdens leaked stuff. NSA made and released SELinux plus it was rumoured the FBI has a backdoor in the *BSD TCP/IP stack, no-ones found intentional bugs in either, that doesn't mean there isn't any, and if they have hidden backdoors you can bet your darn arse off they've tried VERY HARD to make sure no-one finds it.



#23 vetmarkjensen

markjensen

    Linux noob since Red Hat 5.1

  • Joined: 02-October 03
  • Location: Middle Tennessee
  • OS: GNU/Linux
  • Phone: Android and iPhone

Posted 28 October 2013 - 02:17

Are you high? They put backdoors in encryption, NO-ONE noticed until snowdens leaked stuff. NSA made and released SELinux plus it was rumoured the FBI has a backdoor in the *BSD TCP/IP stack, no-ones found intentional bugs in either, that doesn't mean there isn't any, and if they have hidden backdoors you can bet your darn arse off they've tried VERY HARD to make sure no-one finds it.

Tinfoil hat?  GPG is open source. Look at the code that does the encryption yourself, if you please, or trust the rest of the world filled with experts.  No backdoors have been found.

If you still believe what you posted,I hope you are securely posting this from your doomsday bunker, on someone else's computer, on a connection you hand-made just a few minutes ago, and will blow up with TNT after you make each post.

Seriously, posting statements like yours just fools the gullible into believing a crazy conspiracy.



#24 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 28 October 2013 - 10:41

Tinfoil hat?  GPG is open source. Look at the code that does the encryption yourself, if you please, or trust the rest of the world filled with experts.  No backdoors have been found.

If you still believe what you posted,I hope you are securely posting this from your doomsday bunker, on someone else's computer, on a connection you hand-made just a few minutes ago, and will blow up with TNT after you make each post.

Seriously, posting statements like yours just fools the gullible into believing a crazy conspiracy.

GPG can be cracked through bruteforce, again, in snowdens leaked material.

And quite frankly I don't really care if they're secretly able to access my PC, I'd find it annoying but I'm not gonna just suddenly stop using any electrical items because of it.



#25 Growled

Growled

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 17-December 08
  • Location: USA

Posted 28 October 2013 - 15:57

Again. Tinfoil hat stuff.  I'm happy just as I am, and if the NSA wants to skim the headers of my emails to see I am getting spammed for reduced mortgage rates and such, so be it.  Google, Microsoft, my cable ISP etc all can already read the entire contents of my mail already.  I just don't get my panties in a twist over it.  Privacy is pretty much dead already.

 

I usually consider the internet to be like a huge shopping mall. I don't think I will have any privacy at either place. I think most people are fooled because they access the internet from the safety of their own homes.