Complete certainty is impossible, but the chances still look better than for Windows or OSX.

>>51889129
Yes, but chance doesn't mean jack shit. All it takes is ONE snippet of backdoor in the entire kernel to completely compromise your ENTIRE system.

>>51889154
On top of that, Windows/OS X may only have a couple of backdoor entry points, and it only needs a couple, because it's closed-source/proprietary. Linux, on the other hand, could have much more to raise its chances of being included in merges. Linux could have more backdoor entry points than Windows or OS X combined.

>>51889154
I could build all the hardware from sand and program a religion-theme OS, but I'd rather my computer just work so I can get on with my life. Any supposed risks will have to fuck off.

File: ohno.jpg (33 KB, 350x464) Image search: [Google]

33 KB, 350x464

>>51889267
I'm not trying to tell people not to use Linux. I'm running it right now.

I'm just trying to point out to all the conspiracyfags that the chances of Linux being any more safe from an NSA backdoor is not even significantly higher than Windows/OS X.

>>51889019
You make a good point. On the other hand we DO know the NSA has back doors in the commercial OSs such as Wangblows and FagOSx.

At least the potential for peer review is possible with open source. Good luck trying that with closed systems.

>>51889342
>is not even significantly higher than Windows/OS X.
patently false statement, even though i have no objection with you're fundamental premise.

>>51889726
We DO know that Windows/OS X have backdoors. Linux MUST have one, the question is just where.

Of course Linux is still better than the former when it comes to security. Linux may not have the Microsoft, Apple, or law enforcement backdoors, but as for the NSA, it's futile. The NSA can force their code in, and then send gag orders to keep people from speaking about it.

>>51889748
>patently false statement

Why? All the NSA has to do to backdoor Windows/OS X is just force the companies to insert it. There could be MANY entry points in Linux as to increase their chances of getting it into the kernel and for longer times.

>>51889915
Welp, staying away from closed blobs and compiling you're own from only web-of-trust sources is at least an approach with a reasonable possibility of being intact from unwelcome corruption (at least initially). But exploitable bugs and design flaws will still always be a possibility even with a 'pristine' system.

For example, even though BSD is touted as being secure, it still has several fundamental design problems security-wise (apart from any other issues that may be discovered) that won't be fixed unless a major overhaul is undertaken. Not too likely. Linux also has a growing list of issues to contend with.

>>51890018
Because we know with certainty NSA has backdoors in the commercial products. At least the open source ones can be reviewed potentially (staying away from blobs, as in the above). This fundamentally makes them statistically a smaller exploitable target.

Protip: the backdoor is in the nonfree blobs in the mainline kernel. Use linux-libre.

>>51890140
>staying away from blobs
The exploits could be in plain open-source sight and you still wouldn't even notice them.

>At least the open source ones can be reviewed potentially
>potentially
Firstly, kek. Secondly that's why the NSA could be putting MULTIPLE entry points in at many different places to lower their odds of being removed.

>This fundamentally makes them statistically a smaller exploitable target.
How much smaller though? Assuming they put in multiple entry points, it's not going to be much smaller, if at all.

>>51889726
How do we know this? Source? Legitimately curious. Please don't tell me to Google something, Google it yourself and find a reputable link. You made the claim

>>51890228
>it's not going to be much smaller, if at all.
Meh, you're basically arguing that 1 == 2, and expecting me to bite. Pass.

>>51890242
I'm not the guy but Windows/OS X DO have their own backdoors put into their systems. All they need to do after that is just comply with law enforcement, and the NSA could go to them through that.

>>51890242
>You made the claim
No I didn't I merely repeated it. If you're not aware of the legitimate sources behind it atp, I'll assume you migrated here from leddit or are trolling. Either way, not biting.

>>51890252
>Putting in entry points at multiple locations in the source tree doesn't increase the possibility of the backdoor staying in the kernel

It's like you really are retarded.

File: linux_libre.png (218 KB, 316x172) Image search: [Google]

218 KB, 316x172

>>51890187
this

>>51890516
see >>51890228

File: 2006_quarter_proof.png (953 KB, 1106x1089) Image search: [Google]

953 KB, 1106x1089

>>51890290
and it's like you really are shilling atp friend.
>here you go

>>51890535
>see above

What's the point of software backdoors when they have hardware ones?

>>51890559
I think the term, loosely speaking, is "Offence in depth" anon.

>>51890558
What the fuck is atp?

>>51889154
The thing is the chance of it being backdoored probably has to be measured in 6 or significative numbers.

The code is analyzed too much for someone to not notice it.

Sage for shit-tier thread.

>>51889019
>How do you people know that there isn't an NSA backdoor in Linux?
But we do.
https://en.wikipedia.org/wiki/Security-Enhanced_Linux
https://en.wikipedia.org/wiki/Systemd

>install botnet sensors in every closet possible
>prop up fedbook
>prop up web mail
>prop up battery-sucking smart phone sensors
>plans to install linux backdoor in 2020

>>51890912
>kekd a little/10

>>51889154
what are on demand code reviews, commit summaries, and community code scrutiny for 2000 alex?

How do you know NT is secure

How do you know the gremlin is not on the plane

How do you know if this is a question if it doesn't end in a question mark

How do you know there isn't a mine, literally every step of the way under the ground

How do you know there is money at the bottom of a money pit if no one has ever dug there and all you keep getting is fucking wooden boards every 10 feet

How do you know what was the point of Eraserhead if it was just a dream

How do you know that there isn't another Earth exactly on the opposite side of the sun

How do you know that I killed my wife if the tattoo says it was John (or James) G

How do you know that ur a faget

>>51891009
wooah you blew my mind

File: How-Do-You-Know-Preview.jpg (31 KB, 570x350) Image search: [Google]

31 KB, 570x350

>>51891009
I just do

>>51890844
>The code is analyzed too much for someone to not notice it.
This is what every retard says about open source software. Yet we still end up discovering vulnerabilities that were around for a long fucking time, like stagefright and heartbleed.
The truth is that everyone in the open source community just trusts the people that are working on big projects. You believe that things are analyzed to hell and back, but humans are flawed creatures and they do not always do their jobs correctly.

File: PRISM_Collection_Details[1].jpg (88 KB, 700x525) Image search: [Google]

88 KB, 700x525

>>51889019
>>51889154
I don't really understand the logic where people actually believe that Linux is more vulnerable then OS X/Windows to the NSA. The fact of the matter is that Apple and Microsoft are both apart of prism. OS X/Windows works mostly with x86 architecture. The same architecture that has Intel who can create backdoors on their cpu. Where as Linux or BSD are too decentralized for such a thing to be even possible. Certainly you could accuse of Red Hat, or Linux working for the NSA... the power of FOSS is that you can always fight back aganist.

The advantage of open source is that if the system is comprised, you could cut your limibs before it corrupts the rest of your body . If the Gnu community wants their software to be 100% free from intel hardware, they can make one. .Slackware doesn't like SystemD, they can ignore system d as much as slackware devs likes. If somebody doesn't trust SE linux kernel, there is nothing stopping Tinfoils from refusing to put that code in their OS.

TempleOS is the only secure OS

its more of avoiding corporate botnet and cancerous advertising building profiles on me, my files, browsing habits etc. to the best of my ability anyway not that its foolproof.

lets be honest - if youre directly targeted, not a single person in this thread is nsa-proof with a traditional OS installation. not one.

>>51891029
>The truth is that everyone in the open source community just trusts the people that are working on big projects. You believe that things are analyzed to hell and back, but humans are flawed creatures and they do not always do their jobs correctly.

this isnt a point against open source tho, it applies to all programs, open or closed

>>51891029
Unpatched vulnerability =/= Can be used to backdoor a system =/= People are using it to backdoor a system.

Learn about software before forming an opinion nigger.

>>51891029
This. And the worst part about it is that they will just tell people to "LAWLJUst use open-source or libre software" as if it's this objectively uncontaminated construct instead of doing their part to actually stop the political problems themselves.

Hopefully, pointing out that flaw in and of itself will light a flame under their ass and get them to realize that Linux is NOT AT ALL safe from the NSA. Including Linux-libre.

>>51891068
It's not a point against open source. It's a point against freetards who spread that open source is somehow safer from the NSA.

We should just move over to TempleOS.
It is God's operating system, after all.

>>51891076
>I am so fucking stupid that it didn't even occur to me that an "unpatched vulnerability" may be an intentional backdoor
>I do not see how finding a serious flaw in software months after it came into existence provides a look into how long it may take to find a cleverly hidden backdoor
It's like you didn't even think before you typed your post.

File: MEMEnto.png (2 MB, 1280x1012) Image search: [Google]

2 MB, 1280x1012

>>51891009
>Eraserhead
>Memento
>>>/tv/

>>51891046
>Where as Linux or BSD are too decentralized for such a thing to be even possible.
>>51890018
>There could be MANY entry points in Linux as to increase their chances of getting it into the kernel and for longer times.

Why insert a backdoor when you can exploit bugs in code that has already been vetted as secure.

>>51889019
The chances are so goddamn slim. Linux has too many people looking over it every moment of the day to have a backdoor. Even if it does, the chances of it not getting caught soon afterwards are also slim.

So then let's assume Linux really is compromised and nobody notices. Fine, move to OpenBSD.

There is literally 0 chance that shit is compromised. They're way too paranoid about that.

>>51891220
That's a falsehood. It's entirely possible that the NSA has agents in the open-source community inserting cleverly-hidden backdoors and say "yep, totally secure, guys!" and nobody bothers to double-check because there's a trust network.

Nothing is safe. Don't ever assume something is safe.

>>51891220
>implying the NSA would just inject a single entry point in the kernel master branch directly and then leave
>implying they wouldn't put several entry points in multiple branches with a higher chance of being merged up and up into the master
>implying malicious code can't look inconspicuous
>implying OpenBSD is any better at all whatsoever

File: patrick fizz.png (289 KB, 512x384) Image search: [Google]

289 KB, 512x384

>>51891220
>So then let's assume Linux really is compromised and nobody notices. Fine, move to OpenBSD.
>Nobody notices
>Just switch

File: 1424025233877.png (199 KB, 283x283) Image search: [Google]

199 KB, 283x283

>>51891108
b-but, how will I memepost?

>>51889201
As the post you replied to said, it doesn't matter how many entry points there are

I don't need to worry about backdoors. With SELinux's strict access control on my Linux installation, I have nothing to worry about. Everyone should have SELinux installed, and learn how to use it instead of disabling it.

>>51891383
I agree, SELinux has saved my ass on many occasions from those nasty hackers!

>>51891383
But that only considers userspace backdoors, artard. We're talking about the kernel itself, without any extra modules.

>>51889201
>>51891346
>>51891317
You still don't seem to get it. Open Source community is certainly not perfect, it certainly has measures that closed source system do not. Such as...

1. The ability to veto
2. The ability to refuse whatever given code to you
3. The ability to gain full control of your system
4. The ability modify and see every code that is given TO YOU.

What does Window or OS X do about this.
http://www.theregister.co.uk/2015/08/11/memory_hole_roots_intel_processors/
Linux can do all of things about this.

>>51889019
They do its called systemd

>>51891053
Underrated post, heaven doesn't have backdoors

>>51891449
Shut your whore mouth. YOU don't seem to get it.

>1. The ability to veto
>2. The ability to refuse whatever given code to you
>3. The ability to gain full control of your system
>4. The ability modify and see every code that is given TO YOU.

Literally all which can be nullified by a gag order from the NSA. And just SEEING code doesn't mean shit.

>what is inconspicuous-looking malicious code

>>51891466
Then where did Lucifer fall from?

>>51891449
>NSA here. Here, take this code. You MUST put it in your working source, and you MUST not speak about it. Also, it's inconspicuous-looking, so there's also a low chance of any one of your peers to even catch it.

BTFO

>>51890912
I hacked the government once. I then made a deal to tell on my friends who were bad hackers.

All in prison. I am here drinking coke.

>Good life for windows users

File: hacktheplanet.jpg (25 KB, 1000x566) Image search: [Google]

25 KB, 1000x566

>>51891502
THIS IS WHAT WHITE HAT HACKERS ACTUALLY DO

hey g whats a brand new os besides linux windows and os. that you use

>>51891383
>SELinux
The United States National Security Agency (NSA), the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.

>>51891475
>>51891501
>muh obfuscated code.

What is stopping anybody from making your own personal tinfoil linux build from scratch, and where no peer can contribute to your os?


I'm not saying that FOSS is perfect, you would have to be critically be retarded if cannot see why people may prefer OS where they have the final say on their OS then typical operate OS.

The NSA uses Linux themselves and there have been leaked documents on how to set up the Linux machine correctly. If there were back doors then the Russians and Chinese can easily spy on the NSA. That would be pretty incompetent. The Chinese government use Linux and they check the code as well. And everyone can check the code. There is no reason to believe that there is a backdoor In Linux

>>51891488
Trapdoor.

File: peepsi.gif (1 MB, 350x272) Image search: [Google]

1 MB, 350x272

>>51891635
Mate, I'm not telling people not to use Linux, I'm just pointing this shit out to people who consistently spew shit from their mouth that Linux is somehow at all safe from the NSA when it isn't.

>you would have to be critically be retarded if cannot see why people may prefer OS where they have the final say on their OS then typical operate OS
>mfw this indecipherable sentence

>>51891643
>lewl just check the code and it'll be fine guize!

Can this bad meme die?

>>51889019
PLAN 9 WE NEED TO FINISH IT

>>51891689
he makes a legitimate point, Linux is widely used by foreign countries and there's no way in he'll they'd be using it if the NSA had a backdoor to their shit, and vice versa

>>51889019
Heartbleed.

also, lunix is not 12 million lines. You can get very small distros that tak up like 15 meg. Those core libraries and binaries are gone over with a fine tooth comb so frequently there is no chance there is anything spooky in them.

Its called reducing your attack surface, nigga.

>>51891106
Not at all. The fact that it is free means we are allowed to improve it at any time we choose. This cannot be true for proprietary software.

>>51891736
You can't improve what you don't know is faulty.

>>51891666
Why are you so obsessed over the idea of absolute certainty?
Linux IS safe, because the risk of it being compromised is incredibly low. That's what "safe" means.

>>51891745
You can't find faults if you're not even allowed to look.

>>51891745
Linus doesn't keep code that doesn't have a permanent maintainer. What's the purpose of having code that nobody's capable of working? He'll remove that code from Linux.

>>51891475

National Security Letters were declared unconstitutional. If the NSA tells you to do something and sends you a gag order to not tell anyone they told you to do so, you have a legal right to post it on the internet and mail it to all of the world news organizations, showing the full document with nothing edited out.

>>51891501

Hi NSA! I'm John Q Public. Under the 13th amendment, I cannot be forced to do anything against my will, and that includes putting your changes into my source code. Under the 1st amendment, I cannot be silenced against my will. Finally, under the 5th amendment, I cannot have any of these rights deprived of me except upon due process of law. In other words, I must have already committed a crime for you to deprive me of any rights. But go ahead and fuck right off.

>>51892430
>National Security Letters were declared unconstitutional.
Source?

Guys I've red all the linux code and there is no nsa shit there
Trust me

>>51892430
>If the NSA tells you to do something and sends you a gag order to not tell anyone they told you to do so, you have a legal right to post it on the internet and mail it to all of the world news organizations, showing the full document with nothing edited out.

Due to the Patriot act they can legally execute you without a trial and without you breaking any laws. They did it to two American citizens already, one of them was put on the kill list as a 15 year old boy, not because he had done anything or accused of anything, but because one person in his family was member of Al Qaida. It is perfectly legal to kill anyone who "poses a potential danger to national security". Telling about what the NSA does could be considered that.

>>51890242
The NSA slides, both MS and appul are part of PRISM.

>>51890844
>everyone thinks everyone else is studying the code
>so no one does it

good thing Windows is constantly updated and checked for security holes by people who are paid to do so

>>51892788
>good thing Windows is constantly updated and checked for security holes by people who are paid to do so

"Linux is a hobby" meme again.

This hasn't been true for 20 years.

The largest contributors are paid contributors.

>this thread
>NSA sends NS letter to Linus

There are people whose job it is to keep an eye on kernel developments that are *not* Linus. Not only does this include people who contribute to the tree, but outsiders in various governments across the globe, businesses, and academics, whose bread+butter (or rice bowl) would be affected if someone tried to sneak obfuscated code into the kernel. And somehow all these people have to stay quiet for this putative backdoor to work.

This doesn't mean it can't happen, but the likelihood of it actually happening is a lot less than what we /know/ has happened to OSX and Windows, which are actually, really, part of the PRISM system.

>>51892788
And workers at Windows are paid to spy for the NSA. Prism leaks proved that they previously have done stuff like that and there is no reason to think they have stopped. At least not with the telemetry and botnet. And everyone has to accept terms and conditions that include Microsoft "collecting personal information" as the terms and conditions states before they install windows 10.

They INTRODUCE security holes.

Why would NSA or any other agency take the risk of getting caught, committing to the kernel literally leaves a paper trail that can't be erased.

And why bother when you have Intel in the ropes, see ME and other embedded functionality. Exploiting HW is much easier, safer and sustainable.

We already know for a fact windows has nsa backdoors in it so,because there is at least a chance linux doesent puts it at a better odds than windows