NSA and backdoors in Linux


Postby isadora » Nov 17th, '13, 20:33

Today I came across the following article at falkvinge.net
Not really a news source I visit on an everyday basis, but the title intrigued me enough.
Especially now that internet security seems to be more in the picture than ever.

http://falkvinge.net/2013/11/17/nsa-ask ... -gnulinux/
..........bird from paradise..........

Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
—Antoine de Saint-Exupéry
isadora
 
Posts: 2744
Joined: Mar 25th, '11, 16:03
Location: Netherlands

Re: NSA and backdoors in Linux

Postby pete910 » Nov 17th, '13, 23:03

Seem to have read something similar on the subject; you can see why they're doing an audit on TrueCrypt now.
pete910
 
Posts: 357
Joined: Jan 8th, '12, 18:53

Re: NSA and backdoors in Linux

Postby jiml8 » Nov 18th, '13, 05:45

I personally do a lot of work inside the Linux networking stack, and in iptables. I've never seen any evidence of something that could look like a back door, and I do in fact keep an eye open for that sort of thing.

That said, I've also never conducted anything resembling a full audit of the code, and the kernel is large, so the fact that I've never seen a backdoor really doesn't mean much. Nonetheless, I am certainly not the only one who works inside the system, and no one has found a backdoor - which should be taken, I think, as a fairly decent indicator that there is none.
jiml8
 
Posts: 1253
Joined: Jul 7th, '13, 18:09

Re: NSA and backdoors in Linux

Postby yankee495 » Jan 15th, '14, 19:22

I don't want to get all into politics but I'm in the US. I think the back doors are in the routers/modems/Wifi/BIOS etc!

I'm on top of this big time! Yesterday there was an article about it being in the Wifi chips or other chips and a while back in the BIOS of Dell computers. It seems the corporations have sold us out and if you haven't read about it Google RSA NSA.

Again, without going into politics, here in the US they're trying to take our weapons, building up the police force like the military, stockpiling ammunition to the tune of 2 billion rounds at last count, and passing laws by executive order bypassing Congress. There is no point in arguing politics because both sides are corrupt so it has become us against all of them.

I also think all of the world governments are in on it and acting offended to keep people from questioning them. The NSA has just built a new facility in Utah and a contractor (not Snowden) told all about it in Wired Magazine, so it is clear they don't intend to stop.

This is pretty long but worth reading if you'd like to know more.

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/
There are 10 types of people, those who understand binary & those who don't.
Main Desktop
http://www.overclock.net/lists/display/view/id/3960066
yankee495
 
Posts: 433
Joined: May 25th, '12, 13:10
Location: Carthage, Mo. USA

Re: NSA and backdoors in Linux

Postby yankee495 » Jan 15th, '14, 19:28

isadora wrote:Today I came across the following article at falkvinge.net
Not really a news source I visit on an everyday basis, but the title intrigued me enough.
Especially now that internet security seems to be more in the picture than ever.

http://falkvinge.net/2013/11/17/nsa-ask ... -gnulinux/


I had not seen this and the link won't load. I found it on another link. People here are too busy on Facebook playing games. I tell them all the time and post stuff but they ignore it. I posted some game crap one day and they all liked that! Sad really, but it's part of the plan.

I call it "entertain you to death".
yankee495
 
Posts: 433
Joined: May 25th, '12, 13:10
Location: Carthage, Mo. USA

Re: NSA and backdoors in Linux

Postby isadora » Jan 15th, '14, 20:01

It seems something is on with the web-server, error 522.
An Error 522 means that the request was able to connect to your web server, but that the request didn't finish.
The most likely cause is that something on your server is hogging resources.


Anyway, just Googling will bring up information concerning the subject.
isadora
 
Posts: 2744
Joined: Mar 25th, '11, 16:03
Location: Netherlands

Re: NSA and backdoors in Linux

Postby jiml8 » Jan 15th, '14, 21:04

yankee495 wrote:I think the back doors are in the routers/modems/Wifi/BIOS etc!


This was and remains a big concern and suspicion involving the Chinese Huawei products; there seem to be connections between Huawei and the Chinese army that are not clearly spelled out.

Now, I certainly can't say that there are no back doors in BIOSes or some modems; I don't know that. That back doors exist in Windows has been documented since 1998, and routers are a trivially easy target in most cases; the dynamic routing protocol BGP can be exploited trivially based upon its normal operation.

What I can tell you is that I personally am involved in RF modem design and in data routing/data compression/network management for satellite communications systems and, increasingly, backbone fiber connections. My products don't have back doors, at the behest of NSA or anyone else. Further, by nature of what it is I do, I am often monitoring traffic through our devices which are deployed at various locations around the world, including in some backbone locations. Usually this monitoring is taking place because we are tracking down a problem that one of our clients has reported, and they have given us access. Sometimes this involves packet-level analysis if our compression engine has been choking on something.

One thing I always watch for is either traffic originating within our devices or traffic entering our devices and not leaving. Either can occur, under specific conditions, and I want to know anytime such a thing DOES occur since only specific traffic should behave that way. Thus, de facto, I am watching for any spying that is occurring - either inbound or outbound.

I have never spotted anything. Thus, the hardware we employ is not compromised; it is not attempting any untoward communications.

Routers ARE easy targets, and any traffic can be captured and examined as it passes through a NOC (network operations center). You should assume that this IS happening and should take appropriate steps to safeguard yourself. To this end, you should encrypt EVERYTHING and, to the extent possible, you should avoid any commercial encryption products; only use open source encryption products. You should assume that any closed-source commercial encryption product has been compromised.

I myself browse exclusively through the TOR network - I am presently visiting this site via TOR. I also host a TOR relay, so most of the TOR traffic to/from this site is not mine - which enhances my anonymity, although I am sure the NSA knows that my IP is hosting a relay. I also encrypt emails to any recipients that support encryption, and even when I cannot encrypt, the email (POP and SMTP) traffic to/from my machine is encrypted to my email server (which is with my website hosting service and not my ISP).

People within the reach of the US government should treat this spying as an imminent and massive threat; information gathered by NSA is being shared with IRS, FBI, EPA, and local police agencies; this is known. The machinery of a tyranny is going quickly into place in the USA. People outside the reach of the US gov't may be annoyed but aren't facing any particular risk unless they're planning an attack on the US.
jiml8
 
Posts: 1253
Joined: Jul 7th, '13, 18:09
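
Added example, not part of jiml8's post or of any product he describes: one way to automate the check described above, flagging traffic that originates at a forwarding device or enters it and never leaves. The packet records, addresses, allowlist and the `audit` function are all constructed for illustration, and flows are matched by address, protocol and destination port only.

```python
from collections import Counter

# Constructed policy for a hypothetical two-port forwarding device.
DEVICE_IPS = {"192.0.2.1"}
# (proto, dport) pairs the device itself may legitimately send or receive.
ALLOWED_LOCAL = {("udp", 123), ("tcp", 22)}  # NTP, SSH management

# Constructed sample: (direction seen at the device, src, dst, proto, dport)
SAMPLE = [
    ("in",  "198.51.100.7", "203.0.113.9",  "tcp", 443),   # transit, forwarded
    ("out", "198.51.100.7", "203.0.113.9",  "tcp", 443),
    ("out", "192.0.2.1",    "203.0.113.50", "udp", 123),   # device NTP, allowed
    ("in",  "198.51.100.2", "192.0.2.1",    "tcp", 22),    # management SSH, allowed
    ("out", "192.0.2.1",    "203.0.113.77", "tcp", 8443),  # device-originated, unexpected
    ("in",  "198.51.100.7", "203.0.113.10", "udp", 5000),  # entered, never left
]


def audit(packets, device_ips, allowed_local):
    """Return sorted (kind, flow) findings for traffic that breaks the
    'everything that enters must leave' rule of a pure forwarding device."""
    seen_in, seen_out = Counter(), Counter()
    findings = set()
    for direction, src, dst, proto, dport in packets:
        flow = (src, dst, proto, dport)
        if src in device_ips or dst in device_ips:
            # Traffic to or from the device itself: only allowlisted services pass.
            if (proto, dport) not in allowed_local:
                kind = "originated" if src in device_ips else "terminated"
                findings.add((kind, flow))
            continue
        (seen_in if direction == "in" else seen_out)[flow] += 1
    # Transit traffic: compare what entered with what left, per flow.
    for flow, count in seen_in.items():
        if seen_out[flow] < count:
            findings.add(("absorbed", flow))   # entered the device, did not leave
    for flow, count in seen_out.items():
        if seen_in[flow] < count:
            findings.add(("injected", flow))   # left the device, never entered
    return sorted(findings)


if __name__ == "__main__":
    for kind, flow in audit(SAMPLE, DEVICE_IPS, ALLOWED_LOCAL):
        print(kind, flow)
```
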

Re: NSA and backdoors in Linux

Postby su35 » May 10th, '14, 06:49

From next month I will be using a mobile broadband connection. I have purchased the modem from my ISP.

Code:
$ lsusb
Bus 002 Device 006: ID 12d1:1436 Huawei Technologies Co., Ltd. E173 3G Modem (modem-mode)


Is there any way I can know for sure if this device has a backdoor? Any tests from within Linux possible?
su35
 
Posts: 21
Joined: May 9th, '14, 15:34

Re: NSA and backdoors in Linux

Postby doktor5000 » May 10th, '14, 11:22

It is probably safe to assume that every GSM device has one or more "backdoors" for wiretapping and geolocation.
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
doktor5000
 
Posts: 17659
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: NSA and backdoors in Linux

Postby su35 » May 10th, '14, 15:48

Seems like they have made this hardware so that open source doesn't become a barrier for them.
su35
 
Posts: 21
Joined: May 9th, '14, 15:34

Re: NSA and backdoors in Linux

Postby doktor5000 » May 10th, '14, 16:14

Well, you can still run end-to-end encryption on top ...
doktor5000
 
Posts: 17659
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: NSA and backdoors in Linux

Postby su35 » May 10th, '14, 16:34

doktor5000 wrote:Well, you can still run end-to-end encryption on top ...


By end-to-end encryption do you mean Tor or a VPN?
su35
 
Posts: 21
Joined: May 9th, '14, 15:34

Re: NSA and backdoors in Linux

Postby doktor5000 » May 10th, '14, 17:28

By end-to-end encryption I mean end-to-end encryption: http://en.wikipedia.org/wiki/End-to-end_encryption
Tor is not end-to-end. Check the picture at http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Operation
doktor5000
 
Posts: 17659
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: NSA and backdoors in Linux

Postby su35 » May 10th, '14, 17:53

doktor5000 wrote:By end-to-end encryption I mean end-to-end encryption: http://en.wikipedia.org/wiki/End-to-end_encryption
Tor is not end-to-end. Check the picture at http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Operation


http://en.wikipedia.org/wiki/End-to-end_encryption

Examples of end-to-end encryption include PGP for email, OTR for instant messaging, Tresorit for cloud storage, ZRTP for telephony, and TETRA for radio.


Examples of non-E2EE systems are Google Talk, Yahoo Messenger, Facebook, and Dropbox.


I rarely send emails, I only receive them using a Gmail account which as you know uses encryption but IDK if it's end-to-end. Most probably not. I don't know about any free email provider which offers E2EE. I also use Facebook which is clearly mentioned there.

So the fact is even if I want to use E2EE do I have a choice unless there are services that offer E2EE?

I use SpiderOak and they claim to be fully secure/private; IDK if they are using E2EE.
su35
 
Posts: 21
Joined: May 9th, '14, 15:34

Re: NSA and backdoors in Linux

Postby doktor5000 » May 10th, '14, 17:58

Question is, what is your use case and what do you want to achieve actually?
doktor5000
 
Posts: 17659
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: NSA and backdoors in Linux

Postby su35 » May 10th, '14, 18:38

doktor5000 wrote:Question is, what is your use case and what do you want to achieve actually?


My ISP has full knowledge about my browsing habits. That's really annoying and also some intelligence agencies do mass data collection which is equally disturbing.

Even when there is nothing to hide the feeling that someone is looking is unacceptable.

So I guess anonymity is what I am looking for.
su35
 
Posts: 21
Joined: May 9th, '14, 15:34

Re: NSA and backdoors in Linux

Postby jiml8 » May 12th, '14, 08:14

TOR will provide protection against a snoopy ISP. TOR + HTTPS provides end to end encryption AND prevents your ISP from knowing where you are browsing to (HTTPS alone does not prevent the ISP from knowing because of the DNS calls).

Setting up an email account in the darknet will provide you with complete security from your computer to the email server; you have to access it using TOR. Here is a good entry point to the darknet: http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page
jiml8
 
Posts: 1253
Joined: Jul 7th, '13, 18:09

Re: NSA and backdoors in Linux

Postby viking60 » May 23rd, '14, 23:03

Using DNScrypt will take care of the ISP snooping on your surfing.

OpenDNS could snoop though, so you will have to trust them, but there is one European version that will take care of that.
Flexibility is good and inxi is good... install both!
viking60
 
Posts: 255
Joined: Mar 19th, '11, 22:26

Re: NSA and backdoors in Linux

Postby lynx13 » Jun 13th, '14, 13:39

When you are concerned about Android:

Use Orbot as much as possible. But keep in mind that it drains a lot of battery.

There is a Firefox plugin called "Proxy Mobile" which works flawlessly and connects Orbot with your Firefox-Browser.

And to encrypt/decrypt emails: use K-9 Mail together with APG.

You lost me because of the mess and unworkable Mageia 6.
lynx13
 
Posts: 39
Joined: Jul 9th, '12, 19:04

Re: NSA and backdoors in Linux

Postby ha257 » Jun 27th, '14, 20:10

viking60 wrote:Using DNScrypt will take care of the ISP snooping on your surfing.

No it won't. It will encrypt the DNS requests, but your ISP will still be able to see your connections.

Also, in addition to your ISP, OpenDNS will now be able to know the domain of the web sites you're visiting.
ha257
 
Posts: 2
Joined: Jun 27th, '14, 20:06

Re: NSA and backdoors in Linux

Postby ha257 » Jun 27th, '14, 20:45

jiml8 wrote:TOR will provide protection against a snoopy ISP. TOR + HTTPS provides end to end encryption AND prevents your ISP from knowing where you are browsing to (HTTPS alone does not prevent the ISP from knowing because of the DNS calls).

Setting up an email account in the darknet will provide you with complete security from your computer to the email server;

You still need to trust the owner of that email server, and that's the big problem here. I certainly would not trust a random anonymous mail server operator to take care of my emails.

you have to access it using TOR. Here is a good entry point to the darknet: http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page


I agree that Tor is a great tool, and I recommend using it. But I really don't think that this link is a good entry point. This website is a wiki collecting links to all kind of scams and other illegal sites.

I should add that talking about "the darknet" is deceiving. There are those *.onion websites which can be accessed through a web browser with Tor support, and provide additional security. But those are all independent, and not all "dark", contrary to what the media like to portray.
ha257
 
Posts: 2
Joined: Jun 27th, '14, 20:06

Re: NSA and backdoors in Linux

Postby Weatherlawyer » Feb 28th, '15, 00:18

yankee495 wrote:I don't want to get all into politics but I'm in the US. I think the back doors are in the routers/modems/Wifi/BIOS etc. It seems the corporations have sold us out. In the US they're trying to take our weapons, building up the police force like the military, stockpiling ammunition to the tune of 2 billion rounds at last count, and passing laws by executive order bypassing Congress. There is no point in arguing politics because both sides are corrupt. World governments are in on it they don't intend to stop.
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/


I am interested in this sort of treachery. How are computers viewed "legally" over there?
GCHQ does pretty much what it likes to our communications.
We invented computers as weapons of war but most of us think they have been turned into plough-shares of peace these days.

Your constitution says the US public have a "right to bear arms" not a "right to bear guns"; it is an important "small" technicality. Isn't government interference with your armament contrary to the 2nd amendment, along with the right to speak freely?
A well regulated militia, being necessary to the security of a free state, the right of the people to keep and bear arms, shall not be infringed.

Pity one can't put the genie back in the bottle?
Weatherlawyer
 
Posts: 90
Joined: Mar 21st, '14, 00:04

Re: NSA and backdoors in Linux

Postby Weatherlawyer » Feb 28th, '15, 00:31

su35 wrote:
doktor5000 wrote:Question is, what is your use case and what do you want to achieve actually?


My ISP has full knowledge about my browsing habits. That's really annoying and also some intelligence agencies do mass data collection which is equally disturbing.
Even when there is nothing to hide the feeling that someone is looking is unacceptable.
So I guess anonymity is what I am looking for.


I am annoyed as hell that I can no longer do decent web searches because Google has screwed with my browsing habits to tell me what I already know and load adverts for my pleasure. I don't know what fun GCHQ is having at my expense but I wish there was a second search engine to match those plonkers at G-spycentral. Does anyone know what downloading their advertising cookie opt-out plug-in does?
It sounds like more spyware to me.
Weatherlawyer
 
Posts: 90
Joined: Mar 21st, '14, 00:04

Re: NSA and backdoors in Linux

Postby doktor5000 » Feb 28th, '15, 20:28

Weatherlawyer wrote:I don't know what fun GCHQ is having at my expense but I wish there was a second search engine to match those plonkers at G-spycentral.

Feel free to try https://duckduckgo.com/ - Mageia will even earn money from that.
http://archives.mageia.org/zarb-ml/mage ... 20085.html
doktor5000
 
Posts: 17659
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: NSA and backdoors in Linux

Postby Weatherlawyer » Feb 28th, '15, 21:38

doktor5000 wrote:
Weatherlawyer wrote:I don't know what fun GCHQ is having at my expense but I wish there was a second search engine to match those plonkers at G-spycentral.

Feel free to try https://duckduckgo.com/ - Mageia will even earn money from that.
http://archives.mageia.org/zarb-ml/mage ... 20085.html


Google used to be the best but now they are worse than duckduckgo - which is US-centric, having scraped the top off anonymous Google search.

I go looking for news about catastrophes around the world and I get directed to US newspapers; which as it happens, are about as good as Chinese ones most likely are. If you are after something out of the mainstream you have to think long and hard about how you are going to find it. In other words you may as well look up the major news sources for every country and plough through them one at a time. I suppose I could build up a list of the ones that I find an English page on.
Weatherlawyer
 
Posts: 90
Joined: Mar 21st, '14, 00:04
