-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everybody!
I think, that the linked blog entry of IngnorantGuru is just another conspiration theory. In addition the author really seems to be afraid of being watched by "them". Just read the paragraph in another post (1), starting with "The other event also left an indelible memory." No dates, names or details, just the unproven tale of being contacted by strange people. So I guess that the claim "Debian Is Owned By The NSA" is wrong, also it was a false quote ... Anyway, surveillance agencies surely try to put backdoors into software (open and closed source) and encryption standards (2)(3)(4)(5)(6). In 8/2013 and 1/2014 serious discussions took place on this mailing list, how adversaries could compromise Debian or at least some packages by default (7)(8). To sum up: Yes, they can! To my mind it is not necessary to "own" a whole OS to spy on persons of interest (although it would be very practical :-) ... ). The surveillants just need a possibility to enter the victims server, PC, tablet or smartphone. Professional players have many such options in terms of zero day exploits. They just search themselves or buy them with their huge budget (9). The US officially committed to store 0-days for serious cases (10). /Every/ professional cracker organisation, governmental or criminal, does this! => I am sure that some of the security flaws discussed on this and other lists were known to the Chinese / Russians / Americans / Europeans and exploited before, to enter Debian systems. You can't do much against this. Just think of a Quantum attack with their shadow servers on your browser (11). So don't use connected computers for really important stuff! And don't use browsers outside VMs. I am only a hyprocrite, because I do both things. But have at look at the Chinese official OS Kylin (12). Their computers are surely monitored by the NSA. In 2002 they started with a FreeBSD based system (13) for governmental use. This year they switch to Ubuntu Kylin (14)(15), which bases on Linux+Debian. Now one can surely ask for Guoanbu's standard backdoor in Kylin, by that is another topic :-). *=> To conclude: A country, which is surely monitored by the NSA, runs an Linux/Debian-based operating system.* I think, there can't be a better advertisement! Best regards, and stay wiretapped! Anton 1) http://igurublog.wordpress.com/2014/02/17/biography-of-a-cypherpunk-and-how-cryptography-affects-your-life 2) http://www.aftenposten.no/nyheter/uriks/Sources-We-were-pressured-to-weaken-the-mobile-security-in-the-80s-7413285.html 3) http://www.heise.de/tp/artikel/2/2898/1.html 4) http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor 5) "Torvalds was also asked if he had ever been approached by the U.S. government to insert a backdoor into Linux. Torvalds responded 'no' while nodding his head 'yes', as the audience broke into spontaneous laughter." http://www.eweek.com/print/developer/linus-torvalds-talks-linux-development-at-linuxcon.html 6) http://securitywatch.pcmag.com/security/319544-what-it-s-like-when-the-fbi-asks-you-to-backdoor-your-software 7) https://lists.debian.org/debian-security/2013/08/msg00000.html 8) https://lists.debian.org/debian-security/2014/01/msg00021.html 9) http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees 10) http://www.whitehouse.gov/blog/2014/04/28/heartbleed-understanding-when-we-disclose-cyber-vulnerabilities 11) http://www.spiegel.de/fotostrecke/nsa-dokumente-so-uebernimmt-der-geheimdienst-fremde-rechner-fotostrecke-105329.html 12) https://en.wikipedia.org/wiki/Kylin_%28operating_system%29 13) http://web.archive.org/web/20070729215013/http://2006.eurobsdcon.org/talks-wu.php 14) http://www.ubuntukylin.com/index.php?lang=en 15) http://www.zdnet.com/china-switches-on-to-ubuntu-in-hunt-for-windows-xp-successor-7000026355 - -- an.to_n-73 at riseup dot net , PGP: 0B4C DF2C CB22 5DF4 25EA F212 49D1 ABF2 A2A9 7D7D Bitmessage: BM-2cTY8fuXGGXmh3fVgfQMaRCqTpgqp479ux On 19/06/14 04:36, Niklas Lemcke - 林樂寬 wrote: > What's the deal with this? > > http://igurublog.wordpress.com/2014/04/08/julian-assange-debian-is-owned-by-the-nsa -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJTotarAAoJEEnRq/KiqX19eS8P/RcG3wSMiugu1vFqa6mhPVEL s9M991jXXwUaBxkGEpXh8FYerlQDSU9AvQmEXxxgTjbBVDTB605lRRmP8im+FFy8 NKRrpfxPPHWBl4MFKcFSCqW8dVn+N2KIkZRiFqW1E5ODo5iemgyd7jy5Xh6NVj0J b1zBzYx9dOzvf/yBOo3PGXwZyK3BYkg3OpHvGM9RbcAK39sSDR6qF+0PKZIn62qw ig00yfSSZN3+Ab+P9HsGu0ej/e+yQDv3q/7NB0I7+QoYwj8nA4qqGTSq0HxLSqAK PRXgnErCQvCRFgD2DhPDXsUwnrIAdfymR//MvnuMF29UQ9CwLhy3ug+JK7dkRi1W 8TdlUHUQATff3iCsVghXx/Z2/BVHSy9QaAMq1yPWrPCr7o9XZeHJZIGh9F9X3+Bg rkXso83hSp/eUVFqDsjjnMbjszQslxGqe+fKFm2dVuOaAyrgltKQlDY1b0j5rkfr +QtFUKGop6OfEEZdK8FNrlk0J3VDq8cmLkrmwWbtxaEGS2WXvKm7fAfZHvqNGoVI mr8+nvVjobqtZvlzaoU5LkN3cFF9TSqy1X2CJkz8r3jITZmjlhp0dhFmpOMueYSS NbFuMm1YjxOOggzFfhxR8QfANmcRB4vLXwJsLXiRpJ0t/OmYeJF672VDP+EuYTIX AZRUnLmfZ0ebgxfr+bXb =wmTs -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53a2d6ad.3020...@riseup.net