Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Linux Security, In Light of NSA Crypto-Subverting Attacks?

Posted by timothy on from the go-ask-theo-de-raadt dept.

New submitter deepdive writes "I have a basic question: What is the privacy/security health of the Linux kernel (and indeed other FOSS OSes) given all the recent stories about the NSA going in and deliberately subverting various parts of the privacy/security sub-systems? Basically, can one still sleep soundly thinking that the most recent latest/greatest Ubuntu/OpenSUSE/what-have-you distro she/he downloaded is still pretty safe?"

7 of 472 comments (clear)

  1. No. by Anonymous Coward · · Score: 4, Funny

    I think there's even a law for this kind of reply...

  2. Re:Linux and RdRand by Greyfox · · Score: 4, Funny

    Yeah yeah and I'm having to go through the last couple years of E-mails and tell the various paranoid whackos, slightly demented old relatives and that one guy with the tinfoil that they were right and I was wrong. How do you think that makes ME feel?

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  3. Re:AES by greenfruitsalad · · Score: 4, Funny

    if the whole world goes for one cipher, then nsa can concentrate on creating and improving a single ASIC design for breaking it. we should be using hundreds of different algorithms. then they'd have to design hundreds of types of ASICs, build 100x more datacentres, increase taxation in USofA to 10x what it is now, yanks would rebel and overthrow that government and then there would be no more evil NSA. simples

  4. Re:Not much worry with a source build by MaskedSlacker · · Score: 2, Funny

    Or at least, they will have in ten years when the OpenBSD codebase catches up.

  5. Re:AES by TuringCheck · · Score: 5, Funny

    Pick a government. If you trust the Russians use GOST. If you trust the Japanese use CAMILLA.

    Then use all three of them in sequence and hope it would be quite difficult to have them all cooperate to break your encryption.

  6. Re:Not much worry with a source build by pesho · · Score: 4, Funny

    May be they can agree on one backdoor which they can share like big brothers.

  7. Re:Ken Thompson, Anyone? by Etcetera · · Score: 4, Funny

    3 - Get processors from your countries "enemy" Russians dont use Intel processors for their KGB and Government operations. If they did they would be the biggest morons on the planet. Find out what they use and try to source them through the black or grey market channels.

    If your prescription for fixing the issues of low security is to trust the Russian (nee Soviet) Government, I'm pretty sure you're doing it wrong.

    --
    Hire a Linux system administrator, systems engineer,