EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

03.07.14

Secret Deals — Not GnuTLS — a Threat to GNU/Linux Security

Posted in GNU/Linux, Security at 10:53 am by Dr. Roy Schestowitz

Summary: Shifted focus (diversion towards non-issues like the GnuTLS flaw) and what we really need to watch out for when it comes to surveillance on GNU/Linux users

Cryptology is a funny thing. It’s an instrument of control (through predictive information. espionage, blackmail and so on). That’s more or less the thesis of a popular book from Wikileaks folks, titled “Cypherpunks”. Held in the hands of ordinary citizens, cryptology gives citizens power. Abused in the hands of freelance thugs [1] or state-sanctioned thugs like the NSA, cryptology helps guard the thugs (secrecy) and expose citizens who are only ever ‘enjoying’ fake cryptology, such as Microsoft’s and RSA’s. Now that Apple is receiving horrible publicity for breaking cryptology around the same time Apple joined PRISM there is some dodgy attempt to divert attention towards GNU/Linux, even if GnuTLS flaws are already patched and GnuTLS is not so widely adopted, not to mention the fact that is not used for very sensitive transactions such as banking [2]. The Linux Foundation was also quick to rebut the FUD [3], stating that “some were quick to point out that Linux distributions were not vulnerable to this particular issue” (contrary to corporate media reports).

What remains much bigger an issue, other than weak passwords (human error), is closed-sourced and proprietary hardware that may or may not incorporate Linux [4], such as my Home Hub from BT (which is rumoured to have back doors, based on some British press). A lot of what we’ve learned from the NSA leaks is that secret deals and collusion with companies is what’s responsible for back doors, not something which is visible at source code level. It is also what makes Red Hat, an NSA partner, difficult to trust these days [1, 2, 3]. The NSA reportedly asked Torvalds for back doors in Linux [1, 2, 3, 4]. Social engineering, bribes from the CIA in exchange for access (as reported in mainstream media) and even cracking is how spies get their way. They need not rely on programmers’ errors.

Related/contextual items from the news:

  1. Two in five Brits cough up for CryptoLocker ransomware’s demands

    Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they did not.

  2. GnuTLS: Big internal bugs, few real-world problems
  3. What is the GnuTLS Bug and How to Protect Your Linux System From It

    It seems that it’s only been a few weeks since we all heard of a nasty certificate validation error in Apple’s software, a.k.a. the infamous “double goto fail” bug. While some were quick to point out that Linux distributions were not vulnerable to this particular issue, wiser heads cautioned that a similar bug could be potentially lurking in software used on Linux.

  4. More than 300,000 routers in homes and small businesses hacked

    Team Cymru, the US-based security outfit which published the report, said that the network of hacked routers is one of the biggest of its kind that has been discovered, with most of the hacked routers in Columbia, India, Italy, Thailand, and Vietnam.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Željko Topić, Benoît Battistelli, and the European Patent Office (EPO): Part II

    Part II of our look into the EPO appointment of Željko Topić and other matters showing the dubious integrity of the EPO



  2. Links 14/9/2014: Android-based Watches Earn Optimism

    Links for the day



  3. Links 14/9/2014: Eucalyptus Devoured

    Links for the day



  4. Links 11/9/2014: Linux Toilet Project, Linux-Based Wheelchair Project

    Links for the day



  5. Links 10/9/2014: Brian Stevens in Google, Ubuntu 14.10 Expectations

    Links for the day



  6. Links 9/9/2014: Hating/Loving Linux, Android Aplenty

    Links for the day



  7. Links 8/9/2014: Linux 3.17 RC 4, Switzerland Welcoming Snowden

    Links for the day



  8. Suspicion of High-Level Corruption at the European Patent Office (EPO): Part I

    The European Patent Office (EPO) Vice-President has a background of corruption and his appointment to the EPO too is believed to be reliant on systemic corruption



  9. Links 6/9/2014: Core OS at DigitalOcean, Women in Xorg

    Links for the day



  10. Software Patents 'Quality' Debated in Courts, Microsoft's Biggest Patent Troll Still a Chronic Liar

    Intellectual Ventures, Microsoft's and Bill Gates' largest patent proxy, continues to spread lies about its motivations, claiming that patent assessment is among the goals when in fact only the courts and patent offices do this



  11. New Article Explains How Bill Gates Prevents Schools From Moving to GNU/Linux and Free Software

    A new article from Al Jazeera provides details about the role of so-called 'charities' of billionaires inside school systems



  12. Microsoft Sued for Large-scale Copyright Abuses

    Microsoft reveals its disregard for copyright law which it loves so much to wield as a weapon against its competition and clients



  13. Links 5/9/2014: New WordPress, Systemd Debate Continues

    Links for the day



  14. 'Embrace and Extend' at Microsoft: The New Generation

    Some of the latest examples of Microsoft's predatory acts against Free software and against competition in general, disguised as acts of friendliness



  15. Bill Gates' God Complex: Common Core a One-Man Campaign of Greed and Control

    The push for Common Core is overwhelmingly dominated by Bill Gates, who intimidates and even resorts to retribution against critics while bribing those who help him accomplish the goal of privatised (for his private profit) indoctrination in US schools



  16. Bill Gates Investments Harm the World, Not Improve the World, Based on New Exclusive Piece of Investigative Journalism at The Nation

    The Gates Foundation's profiteering efforts and lack of ethics outlined in a new report that many sites around the Web find fascinating and mostly irrefutable



  17. Links 3/9/2014: Android Gadgets, New Tails OS

    Links for the day



  18. Linus Torvalds DebConf Talk

    Torvalds' latest talk which got media attention earlier this month



  19. Microsoft Should Not be Considered Too Big to Jail

    Microsoft continues to use dumping as a strategy which revolves around starving the competition, not beating the competition



  20. Pro-Software Patents Voices Finally Acknowledge the Demise of Software Patents in the United States

    A milestone is reached as even the most zealous supporters of patents on algorithms (or computer-implemented inventions, or software patents) are admitting that the era of software patents may be over



  21. New Lies About Microsoft 'Privacy' and New FUD Against the GPL Comes From 'Former' Microsoft Staff at Black Duck

    More AstroTurfing by sites that are run by Microsoft MVPs and firms which were created by people from Microsoft



  22. Links 2/9/2014: GNU/Linux in BBC, Calls Against systemd

    Links for the day



  23. Links 1/9/2014: Poettering on systemd, ITNews on DBMSs

    Links for the day



  24. Moving Away From Windows to GNU/Linux and the Abandonment of Windows as the Modest Proposal These Days

    Morale of GNU/Linux and an embrace of GNU/Linux is very high, despite recent propaganda from Microsoft MVPs and boosters (primarily security-themed and Munich-themed FUD)



  25. Korean Press Slams Microsoft Over Patent Extortion Against Linux/Android as New Abuses Resurface

    Harsh words from the national press of South Korea as Nokia's role in Microsoft's anti-Linux tactics becomes more apparent



  26. More Good News About Patents and Their Demise in the United States

    A roundup of news about software patents and patent trolls in the land where these thrive



  27. Links 31/8/2014: Linux 3.12.27, Akademy 2014

    Links for the day



  28. Links 30/8/2014: Jailhouse 0.1, *buntu 14.10 Beta

    Links for the day



  29. Links 28/8/2014: Many New Games, CTO of Red Hat Steps Down

    Links for the day



  30. We Are Gradually Winning the Battle Against Software Patents

    The once-elusive war on software patents is finally leading to some breakthrough and even the Federal Circuit reinforces the trend of software patents' demise


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts