[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Assange: Debian is Owned by the NSA

To: [email protected]
Subject: Assange: Debian is Owned by the NSA
From: [email protected] (rysiek)
Date: Thu, 10 Apr 2014 18:48:21 +0200

Hi there,

so this has come to my attention. Whaddya guys and gals think?

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

http://igurublog.wordpress.com/2014/04/08/julian-assange-debian-is-owned-by-the-nsa/


In his Q&A to his keynote address at the World Hosting Days Global 2014
conference in April, the worldâ??s largest hosting and cloud event, Julian
Assange discussed encryption technology in the context of hosting
systems. He discussed the cypherpunk credo of how encryption can level
the playing field between powerful governments and people, and about 20
minutes into his address, he discussed how UNIX-like systems like Debian
(which he mentioned by name) are engineered by nation-states with
backdoors which are easily introduced as â??bugsâ??, and how the Linux
system depends on thousands of packages and libraries that may be
compromised.

I recommend watching his 36 minute Q&A in its entirety, keeping in mind
my recent warnings about how GNU/Linux is almost entirely engineered by
the government/military-affiliated Red Hat corporation.

The Voice of Russia website has an article on Assangeâ??s address with a
few quotes:

    â??To a degree this is a matter of national sovereignty. The news is
all flush with talk about how Russia has annexed the Crimea, but the
reality is, the Five Eyes intelligence alliance, principally the United
States, have annexed the whole world as a result of annexing the
computer systems and communications technology that is used to run the
modern world,â?? stated Julian Assange in his keynote addressâ?¦

Donâ??t just read the short article, listen to the address yourself,
because Assange goes into many areas, and the work being done in these
fields.

Assange mentions how Debian famously botched the SSL random number
generator for years (which was clearly sabotaged â?? a known fact).
Speaking of botched security affecting Red Hat, Debian, Ubuntu, Gentoo,
SuSE, *BSD, and more, the nightmarish OpenSSL recently botched SSL again
(very serious â?? updated comments on how a defense contractor in Finland
outed the NSA here?) Itâ??s very hard to believe this wasnâ??t deliberate,
as botching the memory space of private keys is about as completely
incompetent as you can get, as this area is ultra-critical to the whole
system. As a result, many private keys, including of providers, were
potentially compromised, and much private info of service users. Be sure
to update your systems as this bug is now public knowledge. (For more on
how OpenSSL is a nightmare, and why this bug is one among many that will
never be found, listen to FreeBSD developer Poul-Heening Kampâ??s
excellent talk at the FOSDEM BSD conference.)

Follow-Ups:
- Assange: Debian is Owned by the NSA
  - From: [email protected] (Douglas Lucas)

Prev by Date: NSA good guys
Next by Date: NSA good guys
Previous by thread: Two possible vulnerabilities in OpenSSL?
Next by thread: Assange: Debian is Owned by the NSA
Index(es):
- Date
- Thread