I've learned that there are bits of NSA's SELinux in various
places in kernel 2.6. How can I be sure that Big Brother isn't
using back doors or bugs to break into my computer?
Especially with all the illegal spying done these days...
How much safer would it be to just switch back to 2.4 or 2.5?
On Mar 4, 7:19*pm, plenty...@yahoo.com wrote:
> I've learned that there are bits of NSA's SELinux in various
> places in kernel 2.6. *How can I be sure that Big Brother isn't
> using back doors or bugs to break into my computer?
> Especially with all the illegal spying done these days...
> How much safer would it be to just switch back to 2.4 or 2.5?
None, they've been in the kernel since the beginning. They are out to
get you and your family. No one is safe.
In comp.os.linux.advocacy, plenty900@yahoo.com
<plenty900@yahoo.com>
wrote
on Tue, 4 Mar 2008 16:19:16 -0800 (PST)
<0d20143f-558b-4e80-8191-2804cd0b5b81@e23g2000prf.googlegroups.com>:
>
> I've learned that there are bits of NSA's SELinux in various
> places in kernel 2.6. How can I be sure that Big Brother isn't
> using back doors or bugs to break into my computer?
> Especially with all the illegal spying done these days...
> How much safer would it be to just switch back to 2.4 or 2.5?
>
Naaah...just switch to Microsoft Windows Vista. That way you can be
absolutely *sure* that there are bugs allowing malware to break into
your computer....
;-)
As it is...SELinux is not a backdoor intrusion device; it's
a series of implementations of ACLs, as I understand it,
and other such enhancements.
--
#191, ewill3@earthlink.net
Q: "Why is my computer doing that?"
A: "Don't do that and you'll be fine."
Roger Blake wrote:
> In article <0d20143f-558b-4e80-8191-2804cd0b5b81@e23g2000prf.googlegroups.com>, plenty900@yahoo.com wrote:
>> I've learned that there are bits of NSA's SELinux in various
>> places in kernel 2.6. How can I be sure that Big Brother isn't
>> using back doors or bugs to break into my computer?
>
> I have heard that if one wears a tin-foil hat of the correct type in
> conjuction with a microwave oven plus a radio and antenna tuned to the
> proper frequency, this will block the bits that the NSA uses to spy
> on your computer, which they can otherwise do even if it is turned off.
>
> Or, you could just examine the kernel source code, and once satisfied
> that it is clean, build it from source. (But then again, perhaps the NSA
> has compromised the compiler. Oh dear...)
Right, and even if you check the source of the compiler and then compile it
from scratch, you will be in trouble because the compiler you compile it
with could be compromised.
But even if you had a compiler written in assembler, and you assembled it
from scratch, you would not be safe because if they wanted to, perhaps the
NSA could have prevailed on Intel and the other processor manufacturers to
automatically insert trojans in object code.
>
>> Especially with all the illegal spying done these days...
>> How much safer would it be to just switch back to 2.4 or 2.5?
>
> From what I understand a typewriter is safer yet.
>
Perhaps, but only if you do not have a ribbon in the typewriter. If you type
something and mail it, you are surely at risk. I cannot believe that the
government has stopped steaming open letters of people they wish to examine.
I have heard from someone, now deceased, that he wrote that he hoped the
military censors would pass a particular letter. The letter had written on
it "Nonsense: we do not censor mail." I am not sure how true the story is,
but he is someone who really had his telephone tapped (by the FBI, not the NSA).
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 22:05:01 up 21 days, 4:16, 1 user, load average: 4.22, 4.18, 4.10
On 5 Mar, 00:19, plenty...@yahoo.com wrote:
> I've learned that there are bits of NSA's SELinux in various
> places in kernel 2.6. *How can I be sure that Big Brother isn't
> using back doors or bugs to break into my computer?
> Especially with all the illegal spying done these days...
> How much safer would it be to just switch back to 2.4 or 2.5?
OK, people are making fun of you. Most seriously, the SELinux bits are
open source and recompilable, so there are good chances to review it:
I don't consider it a big risk. No, the big SELinux risk is that lots
of people turn it *off* and don't bother to use it, because it
interferes with all sorts of reasonable tools in unpredictable ways
and the configuration tools for it suck really, really hard. So if
you're in a hurry to get work done, many folks simply turn it off to
eliminate the burden of maintaining it.
This is particularly true with webtools, many of which scatter their
writable directories and utilities all over your file system and
refuse to acknowledge the UNIX File System Hierarchy, much less any
security practices. I once went through conniptions trying to get
Bugzilla working, and rejoiced when it was finally packaged up into a
clean RPM that worked well with SELinux.
If I see one more utility that says "download the latest CVS from here
and just run it iin place on your system!" and the CVS blatantly does
not work, much less have any way of detecting which particular verson
of the software it contains.....
____/ Nico Kadel-Garcia on Wednesday 05 March 2008 07:27 : \____
> On 5 Mar, 00:19, plenty...@yahoo.com wrote:
>> I've learned that there are bits of NSA's SELinux in various
>> places in kernel 2.6. Â*How can I be sure that Big Brother isn't
>> using back doors or bugs to break into my computer?
>> Especially with all the illegal spying done these days...
>> How much safer would it be to just switch back to 2.4 or 2.5?
>
> OK, people are making fun of you. Most seriously, the SELinux bits are
> open source and recompilable, so there are good chances to review it:
> I don't consider it a big risk. No, the big SELinux risk is that lots
> of people turn it *off* and don't bother to use it, because it
> interferes with all sorts of reasonable tools in unpredictable ways
> and the configuration tools for it suck really, really hard. So if
> you're in a hurry to get work done, many folks simply turn it off to
> eliminate the burden of maintaining it.
>
> This is particularly true with webtools, many of which scatter their
> writable directories and utilities all over your file system and
> refuse to acknowledge the UNIX File System Hierarchy, much less any
> security practices. I once went through conniptions trying to get
> Bugzilla working, and rejoiced when it was finally packaged up into a
> clean RPM that worked well with SELinux.
>
> If I see one more utility that says "download the latest CVS from here
> and just run it iin place on your system!" and the CVS blatantly does
> not work, much less have any way of detecting which particular verson
> of the software it contains.....
Nico,
It might be more complicated than this. They are said to have back doors in
*standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
unless you are a security professional (I'm not). What about hardware-based
hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
they just need to sniff packets and then decrypt successfully in order to gain
remote access.
Those whose role is to deny these things will of course attack the messenger,
but I haven't seen Bruce S getting attacked just yet.
___
[1] Did NSA Put a Secret Backdoor in New Encryption Standard?
,----[ Quote ]
| Which is why you should worry about a new random-number standard that
| includes an algorithm that is slow, badly designed and just might contain a
| backdoor for the National Security Agency.
`----
,----[ Quote ]
| We don't know the truth here, but the article lays out the evidence pretty
| well.
|
| See this essay of mine on how the NSA might have been able to read Iranian
| encrypted traffic.
`----
,----[ Quote ]
| Microsoft has added the random-number generator Dual_EC-DRBG to Windows
| Vista, as part of SP1. Yes, this is the same RNG that could have an NSA
| backdoor.
|
| It's not enabled by default, and my advice is to never enable it. Ever.
`----
[4] Duh! Windows Encryption Hacked Via Random Number Generator
,----[ Quote ]
| GeneralMount Carmel, Haifa – A group of researchers headed by Dr. Benny
| Pinkas from the Department of Computer Science at the University of Haifa
| succeeded in finding a security vulnerability in Microsoft's "Windows 2000"
| operating system. The significance of the loophole: emails, passwords, credit
| card numbers, if they were typed into the computer, and actually all
| correspondence that emanated from a computer using "Windows 2000" is
| susceptible to tracking. "This is not a theoretical discovery. Anyone who
| exploits this security loophole can definitely access this information on
| other computers," remarked Dr. Pinkas.
|
| Editors Note: I believe this "loophole" is part of the Patriot Act, it is
| designed for foreign governments. Seriously, if you care about security,
| privacy, data, trojans, spyware, etc., one does not run Windows, you run
| Linux.
`----
,----[ Quote ]
| Shamir said that if an intelligence organization discovered such a flaw,
| security software on a computer with a compromised chip could be "trivially
| broken with a single chosen message." The attacker would send a "poisoned"
| encrypted message to a protected computer, he wrote. It would then be
| possible to compute the value of the secret key used by the targeted system.
|
| Trouble with Design Secrets
|
| "Millions of PCs can be attacked simultaneously, without having to manipulate
| the operating environment of each one of them individually," Shamir wrote.
`----
Roy S. Schestowitz | Watch your step, that soapbox is very slippery http://Schestowitz.com | GNU/Linux | PGP-Key: 0x74572E8E
Mem: 515500k total, 444876k used, 70624k free, 5120k buffers http://iuron.com - next generation of search paradigms
> I've learned that there are bits of NSA's SELinux in various places
> in kernel 2.6. How can I be sure that Big Brother isn't using back
> doors or bugs to break into my computer? Especially with all the
> illegal spying done these days... How much safer would it be to just
> switch back to 2.4 or 2.5?
Well if you understood what SELinux is, then you wouldn't be asking such
a naive question.
SELinux enforces Mandatory Access Controls as an /additional/ security
measure to the usual authentication and security methods on a typical
GNU/Linux system. It doesn't replace the standard security of
traditional Unix permissions; PAM and iptables, it merely further
defines the specific contexts that control the scope of access for any
given process such that, for example, even root may be denied access to
certain parts of the system, according to the defined policy.
The fact that the implementation of this is entirely transparent, and
the sources for SELinux components are freely available, would suggest
that if the NSA did in fact wish to install "back doors", then surely
someone in the Free Software development community would have noticed.
Note that none of this has anything whatsoever to do with encryption;
there is no random number generation in any part of SELinux. If you're
looking for back doors, then I suggest you read this:
> It might be more complicated than this. They are said to have back doors in
> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
> unless you are a security professional (I'm not). What about hardware-based
> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
> they just need to sniff packets and then decrypt successfully in order to gain
> remote access.
Finally a mature response. I was beginning to think I was dealing with
11-year-olds.
> I have heard that if one wears a tin-foil hat of the correct type in
> conjuction with a microwave oven plus a radio and antenna tuned to
> the proper frequency, this will block the bits that the NSA uses to
> spy on your computer, which they can otherwise do even if it is
> turned off.
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>> unless you are a security professional (I'm not). What about hardware-based
>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>> they just need to sniff packets and then decrypt successfully in order to gain
>> remote access.
>
> Finally a mature response. I was beginning to think I was dealing with
> 11-year-olds.
No. Just COLA freaks. And in COLA land Linux is perfect.
> > Well if you understood what SELinux is, then you wouldn't be asking
> > such a naive question.
>
> If you understood what the NSA is, you wouldn't be making such a naive
> response.
Consider that SELinux is fully open source and reviewed at a large
scale. It doesn't contain any questionable parts (like cryptographic
code or esoteric algorithms), which could be hard to reason about.
Please review the source code and decide yourself, whether it's safe to
use SELinux-enabled kernels.
The major downside of SELinux is its complexity. That's why I'd prefer
other packages for ACLs and other security techniques, but not because
of some conspiracy theories.
You could just as well claim that alien technology is being explored at
Area 51. Have you ever been there? No. Unlike Area 51, you can view
the source code of SELinux. That's a major difference.
Of course this doesn't mean that there can't be any NSA backdoors in the
kernel, but if the NSA is smart, they have incorporated the backdoors
elsewhere, not in the SELinux part of the kernel. In that sense,
software with a restricted developer group may be more secure.
plenty900@yahoo.com wrote:
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>> unless you are a security professional (I'm not). What about hardware-based
>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>> they just need to sniff packets and then decrypt successfully in order to gain
>> remote access.
>
> Finally a mature response. I was beginning to think I was dealing with
> 11-year-olds.
If you don't think the NSA (or anybody else) gets into your computer,
how about this, my experience so far. I used a torrent engine to
download 'Dreamgirls' for my daughter. What I got was a crappy copy and
a nasty e-mail from the MPAA police.
About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
knocking on my door (at home, 8:00 P.M.) for a very minor infraction of
FCC regulations, and they gave me a pink ticket and a warning that if I
dot another warning it would be a RED ticket. The RED ticket is one step
from having you license pulled for a year.
If you don't think the FBI monitors your activities just write something
that says "A$$a$$inate p-r-e-s-i-d-e-n-t 'WEED'" in it and wait for the
FBI at your door.
I'm not paranoid, I have been hassled over trivial stuff.
A few years back, like 2004 (I think) I was detained by both DHS and FBI
agents on duty at Beale A.F.B. for riding my bike on a PUBLIC road and
taking a few pictures with me 1.2 M Pixel fixed focus el-cheapo camera.
Even after proving I was born here, 3rd generation, they held me for a
local Sheriff to pick me up and take me straight home with the bike
loosely in his trunk.
They do it because they can.
Bill Baka
On 2008-03-05, Roy Schestowitz <newsgroups@schestowitz.com> wrote:
>
> It might be more complicated than this. They are said to have back doors in
> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
Linux is not a protocol, standard or otherwise.
--
Christopher Mattern
NOTICE
Thank you for noticing this new notice
Your noticing it has been noted
And will be reported to the authorities
On 2008-03-05, plenty900@yahoo.com <plenty900@yahoo.com> wrote:
>
>> Well if you understood what SELinux is, then you wouldn't be asking such
>> a naive question.
>
> If you understood what the NSA is, you wouldn't be making such a
> naive response.
>
Because the NSA are super-spies! They totally own SELinux! And SSL!
And your refrigerator!
--
Christopher Mattern
NOTICE
Thank you for noticing this new notice
Your noticing it has been noted
And will be reported to the authorities
> plenty900@yahoo.com wrote:
>>> It might be more complicated than this. They are said to have back doors in
>>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>>> unless you are a security professional (I'm not). What about hardware-based
>>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>>> they just need to sniff packets and then decrypt successfully in order to gain
>>> remote access.
>> Finally a mature response. I was beginning to think I was dealing with
>> 11-year-olds.
>
> If you don't think the NSA (or anybody else) gets into your computer,
> how about this, my experience so far. I used a torrent engine to
> download 'Dreamgirls' for my daughter. What I got was a crappy copy and
> a nasty e-mail from the MPAA police.
And this requires access to your computer about how far?
> About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
> knocking on my door (at home, 8:00 P.M.) for a very minor infraction of
> FCC regulations,
And this requires access to your computer about how far?
> A few years back, like 2004 (I think) I was detained by both DHS and FBI
> agents on duty at Beale A.F.B. for riding my bike on a PUBLIC road and
> taking a few pictures with me 1.2 M Pixel fixed focus el-cheapo camera.
> Even after proving I was born here, 3rd generation, they held me for a
> local Sheriff to pick me up and take me straight home with the bike
> loosely in his trunk.
And this requires access to your computer about how far?
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>> unless you are a security professional (I'm not). What about hardware-based
>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>> they just need to sniff packets and then decrypt successfully in order to gain
>> remote access.
>
> Finally a mature response. I was beginning to think I was dealing with
> 11-year-olds.
You are dealing with the Linux advocate loons of comp.os.linux.advocacy.
What they lack in brains, they make up for in stupidity.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots: http://linuxidiots.blogspot.com/
On Wed, 05 Mar 2008 15:54:19 GMT, Bill Baka wrote:
> plenty900@yahoo.com wrote:
>>> It might be more complicated than this. They are said to have back doors in
>>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>>> unless you are a security professional (I'm not). What about hardware-based
>>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>>> they just need to sniff packets and then decrypt successfully in order to gain
>>> remote access.
>>
>> Finally a mature response. I was beginning to think I was dealing with
>> 11-year-olds.
>
> If you don't think the NSA (or anybody else) gets into your computer,
> how about this, my experience so far. I used a torrent engine to
> download 'Dreamgirls' for my daughter. What I got was a crappy copy and
> a nasty e-mail from the MPAA police.
Maybe you should have considered paying for it?
> About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
> knocking on my door (at home, 8:00 P.M.) for a very minor infraction of
> FCC regulations, and they gave me a pink ticket and a warning that if I
> dot another warning it would be a RED ticket. The RED ticket is one step
> from having you license pulled for a year.
FBI agents don't make enough money to afford $1,000 suits.
Perhaps you meant $100.00 suits?
Sounds like you are an Amateur Radio operator who was violating FCC
regulations.
Maybe more than 100 percent modulation or something like that.
Rex Ballard is this you?
Rex is a HAM as well.
> If you don't think the FBI monitors your activities just write something
> that says "A$$a$$inate p-r-e-s-i-d-e-n-t 'WEED'" in it and wait for the
> FBI at your door.
> I'm not paranoid, I have been hassled over trivial stuff.
> A few years back, like 2004 (I think) I was detained by both DHS and FBI
> agents on duty at Beale A.F.B. for riding my bike on a PUBLIC road and
> taking a few pictures with me 1.2 M Pixel fixed focus el-cheapo camera.
I guess you were too young to read the signs that are invariably around
places like AFB, Nuke facilities and more recently since 9-11 bridges,
tunnels, skyscrapers etc that say "Photography Prohibited".
> Even after proving I was born here, 3rd generation, they held me for a
> local Sheriff to pick me up and take me straight home with the bike
> loosely in his trunk.
> They do it because they can.
> Bill Baka
Yea they can and they will, but you can avoid it by being honest.
It's like the loons that trespass at Area 51 and ignore the signs that
prohibit trespassing.
When the goons come for them they cry like you are doing.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots: http://linuxidiots.blogspot.com/
On Wed, 05 Mar 2008 16:30:30 -0000, Chris Mattern wrote:
> On 2008-03-05, Roy Schestowitz <newsgroups@schestowitz.com> wrote:
>>
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>
> Linux is not a protocol, standard or otherwise.
To a Linux advocacy loon:
A. Linux is the kernel.
B. Except when Linux is not the kernel.
Pick either A or B depending upon what argument you are involved in and
which one suits your POV at the moment.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots: http://linuxidiots.blogspot.com/
Sebastian G. wrote:
> Bill Baka wrote:
>>
>> If you don't think the NSA (or anybody else) gets into your computer,
>> how about this, my experience so far. I used a torrent engine to
>> download 'Dreamgirls' for my daughter. What I got was a crappy copy
>> and a nasty e-mail from the MPAA police.
>
>
> And this requires access to your computer about how far?
Government warning, that's all.
>
>> About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
>> knocking on my door (at home, 8:00 P.M.) for a very minor infraction
>> of FCC regulations,
>
>
> And this requires access to your computer about how far?
Government warning, that's all.
>
>> A few years back, like 2004 (I think) I was detained by both DHS and
>> FBI agents on duty at Beale A.F.B. for riding my bike on a PUBLIC road
>> and taking a few pictures with me 1.2 M Pixel fixed focus el-cheapo
>> camera.
>> Even after proving I was born here, 3rd generation, they held me for a
>> local Sheriff to pick me up and take me straight home with the bike
>> loosely in his trunk.
>
>
> And this requires access to your computer about how far?
Government warning, that's all.
>
>> They do it because they can.
>
> They don't do it because they can't.
Do you ever get out??
Just because you personally haven't gotten harassed by the government
doesn't mean they aren't watching you.
Be paranoid.
1984 is coming true, just a little later than Orwell expected.
Bill Baka
> plenty900@yahoo.com wrote:
>>> It might be more complicated than this. They are said to have back doors in
>>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>>> unless you are a security professional (I'm not). What about hardware-based
>>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>>> they just need to sniff packets and then decrypt successfully in order to gain
>>> remote access.
>>
>> Finally a mature response. I was beginning to think I was dealing with
>> 11-year-olds.
>
> If you don't think the NSA (or anybody else) gets into your computer,
> how about this, my experience so far. I used a torrent engine to
> download 'Dreamgirls' for my daughter. What I got was a crappy copy
> and a nasty e-mail from the MPAA police.
Whats has that got to do with you computer?
> About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
> knocking on my door (at home, 8:00 P.M.) for a very minor infraction
> of FCC regulations, and they gave me a pink ticket and a warning that
> if I dot another warning it would be a RED ticket. The RED ticket is
> one step from having you license pulled for a year.
As Homer would says : "Dooweee. Dooweee. Dooweee."
> If you don't think the FBI monitors your activities just write
> something that says "A$$a$$inate p-r-e-s-i-d-e-n-t 'WEED'" in it and
> wait for the FBI at your door.
> I'm not paranoid, I have been hassled over trivial stuff.
Moshe Goldfarb wrote:
> On Wed, 05 Mar 2008 15:54:19 GMT, Bill Baka wrote:
>
>> plenty900@yahoo.com wrote:
>>>> It might be more complicated than this. They are said to have back doors in
>>>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>>>> unless you are a security professional (I'm not). What about hardware-based
>>>> hacks [5] (in which case "Intel" might be just an abbreviation)? Remember that
>>>> they just need to sniff packets and then decrypt successfully in order to gain
>>>> remote access.
>>> Finally a mature response. I was beginning to think I was dealing with
>>> 11-year-olds.
>> If you don't think the NSA (or anybody else) gets into your computer,
>> how about this, my experience so far. I used a torrent engine to
>> download 'Dreamgirls' for my daughter. What I got was a crappy copy and
>> a nasty e-mail from the MPAA police.
>
> Maybe you should have considered paying for it?
Idiot. Then I would have bought a junk movie.
>
>> About 30 years ago I got a visit from 2 FBI gorillas in $1,000 suits
>> knocking on my door (at home, 8:00 P.M.) for a very minor infraction of
>> FCC regulations, and they gave me a pink ticket and a warning that if I
>> dot another warning it would be a RED ticket. The RED ticket is one step
>> from having you license pulled for a year.
>
> FBI agents don't make enough money to afford $1,000 suits.
> Perhaps you meant $100.00 suits?
More like $1,000 suits when they go calling on people.
>
> Sounds like you are an Amateur Radio operator who was violating FCC
> regulations.
> Maybe more than 100 percent modulation or something like that.
>
> Rex Ballard is this you?
> Rex is a HAM as well.
And you are an idiot. I am not a HAM operator and never have been.
The license was for a first class radiotelephone engineer with shipboard
radar endorsement. That was required for me to work on transmitters.
>
>
>> If you don't think the FBI monitors your activities just write something
>> that says "A$$a$$inate p-r-e-s-i-d-e-n-t 'WEED'" in it and wait for the
>> FBI at your door.
>> I'm not paranoid, I have been hassled over trivial stuff.
>> A few years back, like 2004 (I think) I was detained by both DHS and FBI
>> agents on duty at Beale A.F.B. for riding my bike on a PUBLIC road and
>> taking a few pictures with me 1.2 M Pixel fixed focus el-cheapo camera.
>
> I guess you were too young to read the signs that are invariably around
> places like AFB, Nuke facilities and more recently since 9-11 bridges,
> tunnels, skyscrapers etc that say "Photography Prohibited".
59 is too young? I have time to read ALL signs at bicycle speed and
there were none since I was at a back entrance and they only keep
private planes and a few A-10 Warthogs and some KC-135's.
>
>
>> Even after proving I was born here, 3rd generation, they held me for a
>> local Sheriff to pick me up and take me straight home with the bike
>> loosely in his trunk.
>> They do it because they can.
>> Bill Baka
>
> Yea they can and they will, but you can avoid it by being honest.
> It's like the loons that trespass at Area 51 and ignore the signs that
> prohibit trespassing.
> When the goons come for them they cry like you are doing.
>
The 'goons' have harassed me enough to prove that it is really 'because
they can', from personal experience. I rode to the end of a gate road
that had been 'dead ended' by a chain link fence and 2 guys, 1 DHS and
the other CIA pulled up and asked me what I was doing there. I reminded
them that I was riding a friggin' bicycle and I was taking a refreshment
break, on MY side of the fence, and they finally went away.
It's real, even if you haven't been on the receiving end.
Bill Baka
>>> They do it because they can.
>> They don't do it because they can't.
>
> Do you ever get out??
> Just because you personally haven't gotten harassed by the government
> doesn't mean they aren't watching you.
No. You were claiming that they're accessing people's computers at the time,
by an included backdoor. And that's obviously nonsense.
____/ Chris Mattern on Wednesday 05 March 2008 16:30 : \____
> On 2008-03-05, Roy Schestowitz <newsgroups@schestowitz.com> wrote:
>>
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>
> Linux is not a protocol, standard or otherwise.
A kernel does not make an operating platform complete, either. The question
about 2.4 fallback is irrelevant here, but the argument still stands.
--
~~ Best of wishes
Roy S. Schestowitz http://Schestowitz.com | Free as in Free Beer | PGP-Key: 0x74572E8E
Cpu(s): 26.0%us, 4.0%sy, 1.0%ni, 64.4%id, 4.1%wa, 0.3%hi, 0.1%si, 0.0%st http://iuron.com - semantic engine to gather information
In comp.os.linux.advocacy, Chris Mattern
<syscjm@sumire.gwu.edu>
wrote
on Wed, 05 Mar 2008 16:30:30 -0000
<slrnfstil6.ga2.syscjm@sumire.gwu.edu>:
> On 2008-03-05, Roy Schestowitz <newsgroups@schestowitz.com> wrote:
>>
>> It might be more complicated than this. They are said to have back doors in
>> *standard protocols* (Linux included) [1,2,3,4] and these are hard to get by
>
> Linux is not a protocol, standard or otherwise.
>
Linux does have a protocol -- an implied one.
Communications with the Linux kernel are done using a
callgate/trap mechanism; the mechanisms vary between
processors but Linux is clearly creating a protocol, at
least at the call/return level. For example, to open a
file one has to go through the callgate with the parameters
of filename, open mode, and creation mode. (Most app
developers use higher levels which eventually go through
libc's open() call.)
Depending on the callgate mechanism parameters are in
the registers or on the stack, and additional parameters
may be needed either in registers or on the stack; for
example, in Linux/x86 one has to pass a call identifier
(__NR_open, or the constant 5; these are defined in
/usr/src/linux/asm-i386/unistd.h and correlate with a
dispatch table deep in the kernel) in %EAX. The actual
callgate is INT 80H (or int $0x80 in gas syntax).
There are some issues in binary compatibility which I'd
have to look up but at one point Linux was able to run
old SCO Unix binaries.
Parts of this protocol have been standardized, at
the libc level; for example, POSIX.1-2001 specifies
what open() shall be required to do.
X also has a protocol; one big difference between Linux
and X is that X goes a little deeper, specifying the
actual packets. Since the Linux callgate doesn't bother
with packets to do the actual call, no one's gone to that
detail, although in the case of Linux one can specify
packets of variable size (because of pointers), if need be.
It is far from clear how one would infiltrate the Linux
protocol, though an alternate entrance is available,
namely network packet processing. At this point (AFAIK)
the only leveraging (FSVO) was to crash a running kernel
using the teardrop attack.
This Linux protocol can and has been leveraged; the most
obvious application was UML, which could be construed as
"a linux executable emulating a linux system running a
linux kernel". (QEMU and VmWare run at a lower level,
as I understand it. Note that UML also means "universal
modeling language", which can get a bit confusing.)
--
#191, ewill3@earthlink.net
Linux. Because it's there and it works.
Windows. It's there, but does it work?
In comp.os.linux.advocacy, Moshe Goldfarb
<brick.n.straw@gmail.com>
wrote
on Wed, 5 Mar 2008 12:23:04 -0500
<1gadm4bnqljf$.g9qeuh3pyebn.dlg@40tude.net>:
> On Wed, 05 Mar 2008 16:30:30 -0000, Chris Mattern wrote:
>
>> On 2008-03-05, Roy Schestowitz <newsgroups@schestowitz.com> wrote:
>>>
>>> It might be more complicated than this. They are said to have
>>> back doors in *standard protocols* (Linux included) [1,2,3,4]
>>> and these are hard to get by
>>
>> Linux is not a protocol, standard or otherwise.
>
> To a Linux advocacy loon:
>
> A. Linux is the kernel.
> B. Except when Linux is not the kernel.
>
> Pick either A or B depending upon what argument you are involved in and
> which one suits your POV at the moment.
>
Linux is an entire generic distro system in most posts
here. Depending on the context one might specify which
distro, especially when one finds bugs; however, most
packages are available for the distros in some form,
and bugs in those packages are therefore bugs in Linux.
For example, almost all distros have Open Office, and
the bugs in Open Office are therefore part of Linux.
To a purist (such as myself), this logic verges on
the bizarre, but it does make sense; it is not the
responsibility of the *user* to pin it down further than
"Linux is broken", but the responsibility of the packager
and possibly the system administrator. After all, the
user doesn't see Gnome, Nautilus, xterm, oowriter, or gpdf;
he sees a system display which he clicks on. Pick a menu,
do something, oops it's broken, report it to IT.
(Unless the user *IS* IT -- as in the home user, in which
case, he either looks up the relevant symptoms using Google
or carts the broken unit to a fix-it guy who can hopefully
make the magic box work again.)
The Linux distros have many doors, depending on what
daemons are installed. For example, Apache opens port 80
by default; Tomcat and/or JBoss opens ports 8080, 8009,
and 1099; NFS uses port 2049; a DNS-capable server opens
port 53. All of these use well-established protocols.
(Not that it matters; network address translation (NAT)
blocks all incoming packets unless one specifically opens
a port through the router, therefore making Windows'
relative openness far less of an issue than it used to be.)
Fortunately, the system administrator is in general control
of which ports Linux opens -- if he's knowledgeable enough.
Unfortunately, Windows appears simpler, as Windows has
more advanced GUI underpinnings. (They've had more time
to work on configuration applets.)
In comp.os.linux.advocacy, Sebastian G.
<seppi@seppig.de>
wrote
on Wed, 05 Mar 2008 18:46:40 +0100
<6384laF26l55mU1@mid.dfncis.de>:
> Bill Baka wrote:
>
>
>>>> They do it because they can.
>>> They don't do it because they can't.
>>
>> Do you ever get out??
>> Just because you personally haven't gotten harassed by the government
>> doesn't mean they aren't watching you.
>
>
> No. You were claiming that they're accessing people's computers
> at the time, by an included backdoor. And that's obviously nonsense.
Not as obvious as one might think. I'd have to look to
see how BitTorrent works but my understanding is that a
daemon uses surplus bandwidth, for example.
Does kernel 2.6 include an NSA backdoor? 
Linear Mode
