Ubuntu and SUSE are too rather dumb projects (in their management) because they let Microsoft spy on their users and they use proprietary software like vBulletin in their forums, showing just how apathetic they are towards software freedom.

Last year Ubuntu Forums got cracked (no surprise, as it was proprietary software) and now it's OpenSUSE Forums [1]. What do they have in common? Yes, proprietary software. It's like Canonical's mistake (leaking out passwords of users) did nothing to teach SUSE a lesson. vBulletin is a mess and it does almost nothing to guard passwords (which many people reuse across sites). In OpenSUSE's case they say that only E-mails got leaked, but who knows if they're honest...

What's hard to grasp is why some companies continue to trust secret code and systems which earned no respect through independent audits.

In the next post we are going to share some of the latest revelations about the NSA. It is clear that back doors are often there by design, so it's not a matter of whether or not a piece of proprietary software is secure, it's a question of where there is a back door. See [2-5] below. The FBI requests that US companies make back doors and the NSA even bribes for it. ⬆

Related/contextual items from the news:

1. openSUSE Forum Hacked, Everyday Linux, and Mageia RC Delay





2. More Security Experts Cancel Speech for RSA Conference





3. Infosec experts boycott RSA conflab over alleged 'secret' NSA contract





4. What It's Like When The FBI Asks You To Backdoor Your Software

   At a recent RSA Security Conference, Nico Sell was on stage announcing that her company—Wickr—was making drastic changes to ensure its users' security. She said that the company would switch from RSA encryption to elliptic curve encryption, and that the service wouldn't have a backdoor for anyone.
   
   As she left the stage, before she'd even had a chance to take her microphone off, a man approached her and introduced himself as an agent with the Federal Bureau of Investigation. He then proceeded to "casually" ask if she'd be willing to install a backdoor into Wickr that would allow the FBI to retrieve information.





5. What The Intelligence Community Doesn't Get: Backdoor For 'The Good Guys' Is Always A Backdoor For The 'Bad Guys' As Well

   Bruce Schneier, over at the Atlantic, recently made nearly the same point in talking about the massive costs of all of this NSA surveillance (as well as talking about the near total lack of benefits). There's the cost of running these programs that are massive. There is the fact that these programs will be abused (they always are). There are the costs of destroying trust in various tech businesses (especially from foreign users and customers). But just as important is the fact that the NSA, FBI and others in the intelligence community are flat out weakening our national security by installing backdoors that malicious users can and will find and exploit: