Do people seriously trust this garbage?
At least on Windows and even Mac, you can scan the files you download and install to see if it has Malware.
On Loonix, you are giving 100% faith in some random neckbeard to not serve you software with malware. Then you also have to trust them with being able to maintain a repo even though we've just seen how easily Loonix repos get compromised.
tl;dr neckbeards are not reliable with your security
>>53099656
I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.
Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.
>>53099656
>At least on Windows and even Mac, you can scan the files you download and install to see if it has Malware.
A scan is only as useful as the tool that scans it is. So essentially you're relying on your anti-malware software to be up-to-date.
>On Loonix, you are giving 100% faith in some random neckbeard to not serve you software with malware.
If you're downloading proprietary software and give it root access, sure. That's why you use open-source software.
>>53099656
>Relying on a third party virus scanner because you cannot trust your OS to be secure
>Talking about security
Did you guys hear Linux Mint got hacked? I guess that teaches you.
>>53099656
>irrational linux hate
>>>/v/
why you tech illiterate gaymer garbage insist to come here?
>>53099685
I'm terribly sorry for interjecting another moment, but what I just told you is GNU/Linux is, in fact, just Linux, or as I've just now taken to calling it, Just.Linux. Linux apparently does happen to be a whole operating system unto itself and comprises a full OS as defined by POSIX.
Most computer users who run the entire Linux system every day already realize it. Through a peculiar turn of events, I was misled into calling the system "GNU/Linux", and until now, I was unaware that it is basically the Linux system, developed by the Linux project.
There really isn't a GNU/Linux, and I really wasn't using it; it is an extraneous misrepresentation of the system that's being used. Linux is the operating system: the entire system made useful by its included corelibs, shell utilities, and other vital system components. The kernel is already an integral part of the Linux operating system, never confined useless by itself; it functions coherently within the context of the complete Linux operating system. Linux is never used in combination with GNU accessories: the whole system is basically Linux without any GNU added, or Just.Linux. All the so-called "GNU/Linux" distributions are really distributions of Linux.
>>53099878
http://blog.linuxmint.com/?p=2994
The ISO for 17.3 was replaced with one with malicious code in it.
>no https
>>53099656
Yo cunt
Ever heard of chroot?
Oops why explain it to you, you wont understand haha
>>53099928
>hurr go back to here go back to there durr
Damn you reddit faggots are annoying, boards here aren't your single topic subredits for fedora wearing grammar gestapos.
>>53099656
Closed source cucks think the only way you can scan a program is an "anti virus" program
>>53099656
Im getting tired of shitposts
If we all report this cunt, we win
>>53099656
Bait? Because you pretty much have the option to read every line of code in software before you install it. At least that's with using yaourt and the AUR.
>>53099656
The repositories of the GNU/Linux distributions are cryptographically signed, which is verified by their public key on your system with each upgrade of your packages. Most leading distributions also sign their security advisories using their PGP keys.
People should therefore think twice to trust a third party repository, but it's still (far) better than installing unsigned and closed source Windows software.
TL;DR: Using closed source Windows software (and the Windows OS in general) means you blindly trust anyone without the ability to independently audit the source code.
>>53101519
HTTPS wouldn't have helped anyway. There setup for verification is flawed
>>53099656
>Do people seriously trust this garbage?
Yes.
Google, IBM, HP, Red Hat, Amazon, Yahoo, Facebook, Oracle, Novell, Cisco are just some billion dollar companies that trust this "garbage" so much that they let it run their infrastructure.
>>53102537
Rekt
>>53099878
WordPress, lad. HTTPS does not help this issue. And you're supposed to validate the cryptographic hash. I do hope they at least use SHA256 from now on, though.
>>53102132
Jailing your applications is but one security measure you can apply to mitigate vulnerabilities.
>>53102295
/g/ thinks a cuckold shares the same semantics as a plethora of derogatory remarks, such as stupidity and ignorance. Please refrain from using this inaccurate term to convey your message.
little diff between virus signatures and official repos. its like blacklist vs whitelist
>>53102470
Actually the latest EULA coming from MS is pretty much signing off on you being hacked by big data and the spooks. They tell you straight up they are going to scan all your files and own all your shit. Open source is the lesser of two evils now but safe to assume nothing you do anymore is private, including the last 10 years or so. This will simply raise paranoia to extreme levels, kill creativity and probably drive humanity into another dark age. History repeats all the time. World is running down anyway, it's to be expected.
>>53099656
You know, this is both wrong and right. Wrong because Linux does let you scan files and most repo holders are companies not neckbeards, but right because neckbeards really do suck at security as Mint just demonstrated.
>>53102431
There's millions of lines of code to read.. And that's assuming you even know how to read code.
All it takes is maybe 1 or 2 neckbeards to conspire and slipstream a botnet into your updates and you would never even realize it.
>>53102537
>Ad populum
Although not exclusively, it's true that these parties all run GNU/Linux, but it's not a valid argument. These parties use GNU/Linux because of, for example, open security.
>>53102748
>OP argues that you can't trust Linux from a security point of view
>"it's not a valid argument!!! they use GNU/Linux for security"
You just went full retard.
>>53102739
Well I'm no programmer, but all I'd do is ctrl-f that shit and search for strings regarding telemetry, user data, localhost and shit. Anything that could be construed as a gaping exploit for a remote exploit.
>>53102699
>hacked
https://www.gnu.org/philosophy/words-to-avoid.en.html#Hacker Please refrain from referring to security breakers as hackers.
>Microsoft's latest EULA protects you against unauthorized security breaches
Well, instead you're giving them access straight away, according to their Service Agreement: https://www.microsoft.com/en-us/servicesagreement#tile6_serviceAvailability section 7b.
>We may automatically check your version of the software and download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorized hardware peripheral devices. You may also be required to update the software to continue using the Services.
That's called a backdoor if it wouldn't be for you agreeing to this by using their products. If only they told you 'straight up' as you say. Instead they're hiding behind their fine prints.
>[Nothing is private anymore, leading to extreme paranoia, causing a huge setback in quality of life.]
This may (sadly) have some merit.
>>53103095
If you have nothing to hide you have nothing to fear.
>>53102897
I wasn't refuting OP. I was refuting him >>53102537 because of the ad populum fallacy (me being the devil's advocate), which you would've known if you were paying attention.
>>53103159
Except that everyone has plenty to hide, and therefore plenty to fear.
>>53103234
Uhh not from the government. The government must know everything. Some guy making a new form of energy in his garage? Blueprints must be sent to the government. Some guy making child porn? Government must jail him. Some guy communicating with ISIS on how to make bombs? Government must jail him.
>>53103318
If the government tells me to open my harddrives for them to examine, i will happily do so.
I dont understand why they must access my drives behind my back secretly.
>>53103318
You've just described a totalitarian regime which no one in his right mind would vote for. I also fear this is getting too /pol/.
>>53103407
It's quicker if they can just bulk scan everyone's drives rather than doing so on an invividual basis on a suspected basis. That way the bulk scan metadata can be chewed through an algorithm and they can possibly stop that bomb being built and detonated in a subway or that child porn syndicate being created.
>>53103159
Give us your email address and password then
>>53103419
But they do. This is the regime, and it's far more totalitarian than I can ever explain it to be. We, the voters only see their mask.
But as long as it stops 9/11 and children from being abused, it's worth it, right?
>>53103471
[email protected]
zkogtbad
Send me an email ;)
>>53103495
It's an arms race and the people suffer. No, totalitarianism will never be worth it.
>>53103198
>I wasn't refuting OP. I was refuting him
I'm "him" and you weren't refuting me, you were proving my point.
OP: "you shouldn't use Linux because of bad security"
Me: "then why do all these companies use them?"
You: "HURR DURR THAT'S A LOCIGAL FALLACY!! IT'S OBVIOUS THAT THOSE COMPANIES USE LINUX BECAUSE OF ITS SECURITY"
>>53103451
>It's quicker if they can just bulk scan everyone's drives rather than doing so on an invividual basis on a suspected basis. That way the bulk scan metadata can be chewed through an algorithm and they can possibly stop that bomb being built and detonated in a subway or that child porn syndicate being created.
But this has proved unsuccessful all along
It didn't stop Paris attacks. It didn't stop various others. How many times do you need to see a stone sink before you're satisfied it doesn't float?
>>53103588
How would we ever know about the various attacks that have been stopped? Because they haven't happened, they haven't made news. Fucking ISIS has specifically stated they want their followers in western countries to use whatever they can to commit jihad. Fuck. Even machete beheadings in public spaces.
I'd like to think that 1000s of possible terrorist incidents have been thwarted from massive drive and internet metadata collection.
>>53099656
since all the code is openly available and one can dl and compile for themselves from those it's not a huge deal. Sure someone can package shit up and release bad rpms and debs and sure this does happen but it's something that's usually found eventually anyways and the more mainstream repos are likely at least give some attention now and then
all in all a lot less privacy hassle than microsoft and a lot less expensive than apple gear for those of us who dont need or cant justify/ afford the luxury
>>53103615
Well i dont care, since im not doing anything illegal, i dont have any reason to be under surveillance
Im not wasting my precious CPU cycles on this shit
>>53103546
>>I wasn't refuting OP. I was refuting him
>I'm "him" and you weren't refuting me, you were proving my point.
>OP: "you shouldn't use Linux because of bad security"
>Me: "then why do all these companies use them?"
>You: "HURR DURR THAT'S A LOCIGAL FALLACY!!"
Yes, I did point out your ad populum, although childishly paraphrased.
>IT'S OBVIOUS THAT THOSE COMPANIES USE LINUX BECAUSE OF ITS SECURITY"
That's a horrible deduction of something I didn't say, nor implied.
>>53103638
Mehmet could break into your house when you're out getting your Latte, connect to TOR and download bomb making instructions.
Definitely need metadata collection on you and everyone else for these possibilities. You also could go down the dark road and become criminal in your future.
>>53103696
You could consider all of those insanely hypothetical cases
What if Mehmet IS the government!?
>>53099656
Do you own an Android device? Those run on Unix. BTFO nigger. You gon' learn today.
>>53103727
If the govt was ever in my DMZ, I would know. Call me cocky but I'm pretty confident about this shit.
>>53103653
>That's a horrible deduction of something I didn't say, nor implied.
You literally said:
>These parties use GNU/Linux because of, for example, open security.
I'm not sure if I'm being trolled or if you have the attention span and mental capabilities as a 5 year old with Down's syndrome on amphetamines.
>>53103910
Not him, but demilitarized zone? What do you mean by this?
>>53103935
>>That's a horrible deduction of something I didn't say, nor implied.
>You literally said:
>>These parties use GNU/Linux because of, for example, open security.
Right, which isn't the same as it being 'OBVIOUS', as you inaccurately paraphrased.
>I'm not sure if I'm being trolled or if you have the attention span and mental capabilities as a 5 year old with Down's syndrome on amphetamines.
Neither of those, and please look up Occam's Razor. Just a miscommunication, lad. No need to get knickers in a twist about it.
>>53103966
https://en.m.wikipedia.org/wiki/DMZ_(computing)
Infosec 101 shit.
>>53104049
>Right
Then we are done here, aren't we. You just admitted that you actually proved my original point.
>>53104082
No, I was merely acknowledging your quote of what I said. I did not agree to how you seemed to have interpreted this, which still remains unresolved.
>>53104082
No, it was a counterpoint you still fail to see. Not that anyone but he's saying that normally even in open source it's not obvious where backdoors are or even how they got there. Since it's open source it's editable and re-releaseable by literally anybody.
You never know.
>>53104164
>Not that anyone but he's saying that normally even in open source it's not obvious where backdoors are or even how they got there.
>Since it's open source it's editable and re-releaseable by literally anybody.
I don't download open source projects from random third-parties. I just go to the project website and download it from there, and verifying it with the checksum.
It's not magic.
>>53104155
Can you please just drop the autism act already? You misread what I wrote and then made an argument supporting my case. It's not a big deal.
Yes, I agree that my argument was an argument from popularity. Your counter argument, however, just restated my claim.
>>53104218
A checksum doesn't prove shit only that you neglected to even glance at the code which btw is just a link to the stable most recent release. Do you even know how open source works? Can you function in society?
>>53104283
>A checksum doesn't prove shit
It proves that the code hasn't been modified.
>neglected to even glance at the code which btw is just a link to the stable most recent release.
Your entire point in >>53104164 were based on a party other than the source modifying the code.
Now you're just backpedalling.
>>53104218
>>53104304
Reminder that a checksum is not a cryptographic hash.
>>>53104155 (You)
>Can you please just drop the autism act already? You misread what I wrote and then made an argument supporting my case. It's not a big deal.
But, mate, I didn't. It's what I've been trying to tell you. I acknowledged these parties all run GNU/Linux, but saying these parties means everybody should because of it's security isn't true, logically speaking. What, pray tell, did I misread?
>Yes, I agree that my argument was an argument from popularity. Your counter argument, however, just restated my claim.
I don't think I restarted anything. You, of course, wanted to defend your statement, which is fine, but it resulted in a miscommunication sadly.
>>53104304
Just because the code was accepted and merged doesn't mean it was bug free or backdoorless. Honestly you think things like that get caught every time? That's rhetorical, don't bother answering.
>>53104374
>Just because the code was accepted and merged doesn't mean it was bug free or backdoorless.
This is not what you said in >>53104164
If the code is accepted and merged, then it has been reviewed and ack'ed. Do you even know how open source projects are done?
>Honestly you think things like that get caught every time? That's rhetorical, don't bother answering.
You're not going to get a patch with a lot of unreadable, mysterious code accepted in the first place.
This "scenario" of yours is just completely unrealistic.
>>53104369
>but saying these parties means everybody should because of it's security isn't true,
That's *not* what I claimed. I think you need to re-read my post.
What I pointed out is that these companies clearly trust Linux enough to use them for their infrastructure. Although you are right that it is an argument from popularity and not at all counters OP's claim (namely that "neckbeards" deliberately put backdoors in), it still serves as a point of reference in this inane debate. Multi-billion dollar companies do actually use (and some even develop) Linux and trust it for its security, performance, uptime etc.
I did not write in my post "these companies use Linux therefore you should too". I simply answered OP's first question, namely "Do people seriously trust this garbage?"
The answer to that, as pointed out in >>53102537, is clearly "yes, they do".
>>53104499
That's exactly what I said in the post. Because you lack an above average reading comprehension I am going to allow this mistake.
Surprisingly, it looks like you did not research the scenario like you should have. Consider that many times (ugh I won't bother with links here) malicious code was "reviewed and acked", and still passed the whole merging process.
>>53104499
>>>53104369 (You)
>>but saying these parties means everybody should because of it's security isn't true,
>That's *not* what I claimed. I think you need to re-read my post.
[...]
Thanks for clarifying some of it up. You were merely giving examples of parties that trust it. Perhaps it was wrong of me to think you were arguing why they do so.
However, I did not say it was obvious they use Linux for open security, as I too was giving an example (which only said parties can acknowledge).
It would appear we both misinterpreted each other's posts.
>>53104667
>Consider that many times (ugh I won't bother with links here) malicious code was "reviewed and acked", and still passed the whole merging process.
Buggy code, yes.
Malicious code, no.
>>53104670
I think so too. I apologise for my name-calling and memes, I guess to much 4chan for me.
>>53102560
>>53102560
Well, cuckold has some merit here.
Literally, a cuckold is a man whose wife is fucking other men and sometimes a man who enjoys watching that happen.
The point is you're being denied something that by all rights you should have while others enjoy it freely and you derive pleasure from that.
So yeah, closed source is software cuckoldry; you should be allowed your four fundamental freedoms but they deny you it and do whatever the fuck they want because you can't do anything about it.
>>53099656
What are Virustotal and Jotti malware scan?
>>53099656
>On Loonix, you are giving 100% faith in some random neckbeard to not serve you softwareds with malware.
So are the neckbeards...
>>53105344
>I think so too. I apologise for my name-calling and memes, I guess to much 4chan for me.
>>53103495
> stops 9/11
It did not. I'm assuming you mean
> stops terror attacks
It does not.
> stops children from being abused
I actually chortled. 40% of child porn is produced within the united states, to say nothing of the child abuse worldwide and the hundreds of thousands of children getting beaten, molested, and otherwise treated like shit within the United States.
The system doesn't do jack fucking shit. These problems are still rampant and a totalitarian regime that spies on everybody wouldn't stop it.
The repositories are not 100% safe, but a lot safer than trusting a malware scan.
When you compile software from unknown sources you might get something malicious, but that is really rare.
>>53099656
E/b/IN TROLL M80 XD KEEP POSTING
>>53103615
> thousands of possible terrorist incidents that have been thwarted
You mean detaining random innocent people for little to no reason because they looked suspicious? You mean racial profiling? You mean false alarms, lives ruined because the government drew their number out of the hat?
What's the point of fighting terror if you're just doing what terrorists do? This whole thing is about fighting for freedom, right? That's what they say. What sort of mental gymnastics justify establishing a totalitarian regime that RULES BY FEAR to fight people who use fear as a weapon?
>>53105580
Cuckoldry is exactly what it is. He can resist including the word in his arsenal of general purpose insults, but using proprietary software is behavior analogous to cuckoldry.
Someone is pwning you by using your software and your software doesn't have a healthy relationship with you and doesn't respect you at all. You can pretend you like being humiliated and used all you want, but it doesn't give you any real control of the situation.
The only reason to use GNU/Linux in your personal computer is if you care about privacy. Why one would care about privacy is what boggles my mind. Everyone on here must be pedophiles that hide their cp using this pile of shit. Something worth reading if you think that Linux is really technically better than OS X or Windows: http://itvision.altervista.org/why.linux.is.not.ready.for.the.desktop.current.html
>>53106682
>Everyone on here must be pedophiles
Wow caring about privacy is now considered to be pedophilia. Try gooing back to tumblr with your SJW propaganda
>>53106769
Yeah, cause calling me a SJW for calling faggots that care about privacy pedophiles makes a lot of fucking sense. I really do think that someone who gives a fuck about privacy is either a pedophile or a criminal. Enjoy your technically inferior OS.
>>53108082
Why do SJWs get so butt buttblasted when people call them what they are?
>>53104369
>Reminder that a checksum is not a cryptographic hash.
Actually, it sort of is. And anyway, feel free to create a malicious software package that still matches the original md5.
Can't do it?
>>53108620
>Can't do it?
Ad ignorantiam.
>>53108663
Speak English motherh*cker
>>53108675
Have you taken any logics class?
>>53108689
>logics class
Of course not. Sounds about as useful as gender studies
>>53108735
I said class, not majoring.
>>53099656
What the fuck is with this shitty troll? It's like I'm on bizarro world where Linux runs binary blobs from sourceforge and Windows and Mac both compile, audit, and check their code.
>>53103159
But the government hides things from the populace. Do you assume they are made out of better stuff then the rest of humanity, or do you lump them together with the rest of us?
>>53108882
Nice derail faggot.
>md5 faking
Can't do it? Didn't think so.
>>53099656
You do realize you dont have to use repos, right?
You do realize you can go through the source code and compile it yourself, right?
You do realize there's antiviruses for linux, right?
>>53108996
>what are hash collisions
There's a reason it isn't used for ssl certs anymore (well mostly)
>>53106769
>>53108547
actually, most so-called "SJWs" (progressives) are privacy advocates.
consider The Guardian, which I think you'd call pretty "SJW." They (Green Greenwald) broke the original Snowden story, and recently they've been subtlely pro-Apple in the FBI-iPhone drama.
and feminist meta-communities like SRS or GamerGhazi usually have staunchly pro-privacy views. that is, they complain about a lot of other points of view, but not those favoring privacy.
please don't blame feminists or progressives for troll comments on 4chan.
>>53109034
I googled that and it looks like you meant to ask what is a preimage attack.
Yeah, still seems pretty much impossible to do.
>>53108996
Which is a clear example of an ad ignorantiam fallacy, lad.
>>53109181
Told you to speak English motherheck*r
>>53109034
Please refrain from referring to X.509 certificates as SSL certificates.
>>53109223
Yeah dude, I hate it when people call SSL certificates that.
>>53109217
Let me dumb it down for you. If statement P is unproven, it does not imply not-P is true.
>>53109127
https://www.sslshopper.com/article-md5-weakness-allows-fake-ssl-certificates-to-be-created.html
>>53109317
I'm sorry, you'll need to explain to me how this link relates to checking file checksums?
>>53109364
Well that was for the certificates, but here
http://www.mathstat.dal.ca/~selinger/md5collision/
