Ubuntu Founder Pledges No Back Doors In Linux (eweek.com)

Mark Shuttleworth, founder of Canonical and Ubuntu Foundation, gave an interview to eWeek this week ahead of Ubuntu Online Summit (UOS). In the wide-ranging interview, Shuttleworth teased some features that we could expect in Ubuntu 16.10, and also talked about security and privacy. From the report: One thing that Ubuntu Linux users will also continue to rely on is the strong principled stance that Shuttleworth has on encryption. With the rapid growth of the Linux Foundation's Let's Encrypt free Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate platform this year, Shuttleworth noted that it's a good idea to consider how that might work in an integrated way with Ubuntu. Overall, he said, the move to encryption as a universal expectation is really important. "We don't do encryption to hide things; we do encryption so we can choose what to share," Shuttleworth said. "That's a profound choice we should all be able to make." Shuttleworth emphasized that on the encryption debate, Canonical and Ubuntu are crystal clear. "We will never backdoor Ubuntu; we will never weaken encryption," he said.

107 comments

  1. That must mean... by Anonymous Coward · · Score: 0, Troll

    That must mean the front door is wide open.

    1. Re:That must mean... by Anonymous Coward · · Score: 0

      My thoughts exactly... but honestly what isn't ridden with holes already? From certificate authorities, to Crypto AG to OpenSSL (to firmware?) it's only a matter of time.

      As long as crypto is being driven ($$$) by governments and corporations the only ones with proper security will be the ones with the skills for it. Information is power.

      This is just more of the Shuttleworth kool-aid.

    2. Re: That must mean... by Anonymous Coward · · Score: 0

      This is from the guy who didn't even try to hide the amazon spyware or Ubuntu appstore

    3. Re: That must mean... by Anonymous Coward · · Score: 0

      It's got systemd to keep the front door open all day long.

    4. Re: That must mean... by gfxguy · · Score: 4, Insightful

      Exactly...he didn't try to hide it, and it's easy enough to disable. Yes, I know these kinds of things should be opt-in, but the difference between Ubuntu and, for example, Windows, is your getting a polished OS at zero financial cost to you - and to add insult to injury, after paying for Windows it's nearly impossible to stop all the spying on you (especially for an average to newer user)... And I say that as someone who actually likes Windows 10, too.

      No, the problem with CEOs and Presidents making claims like "no back doors" is that he can't control every employee, and while an employee might suffer the repercussions of an indiscretion like leaving a back-door in a program, so does the CEO and the company.

      --
      Stupid sexy Flanders.
    5. Re: That must mean... by Anonymous Coward · · Score: 0

      This.

      Why bother saying anything with the house unlocked?

    6. Re: That must mean... by Anonymous Coward · · Score: 4, Insightful

      Ultimately, I can configure the Linux kernel to block all outgoing traffic except to a proxy server, and only the web browser would use that, so any other programs on the machine will not be able to phone home. Windows, who knows what is phoning home, and where. The only way I can ensure a Windows box isn't yapping to unknown people is to place it on its own subnet/VLAN and use a proxy server for applications like Firefox that have a separate credential/proxy storage.
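      The egress restriction the comment above describes (block every outbound connection except to one proxy, and let only the browser use it) is what Linux's netfilter does with an output chain whose policy is drop. The script below is an added example and not code from the thread or from any commenter: it generates such an nftables ruleset for a constructed proxy address (10.0.0.5:3128) and a constructed uid (1001, the account the browser is assumed to run as), and sanity-checks the generated text before it would be handed to nft. Drops are logged so that anything else trying to phone home shows up in the kernel log.

```shell
#!/bin/sh
# Added example (not from the thread): build an nftables ruleset that allows
# outbound traffic only to a single proxy, and only from the uid the browser
# runs as. Everything else is logged and dropped.
# Constructed values: proxy 10.0.0.5:3128, browser uid 1001.

gen_egress_ruleset() {
    proxy_ip="$1"
    proxy_port="$2"
    browser_uid="$3"
    cat <<EOF
table inet egress {
    chain output {
        type filter hook output priority 0; policy drop;
        oif lo accept
        ct state established,related accept
        ip daddr $proxy_ip tcp dport $proxy_port meta skuid $browser_uid ct state new accept
        log prefix "egress-drop: " counter drop
    }
}
EOF
}

# Sanity check before loading: the chain policy must be drop, and exactly one
# accept rule may name a destination address (the proxy). Returns 0 on pass.
check_ruleset() {
    ruleset="$1"
    echo "$ruleset" | grep -q 'policy drop;' || return 1
    [ "$(echo "$ruleset" | grep -c 'daddr')" -eq 1 ] || return 1
    return 0
}

ruleset=$(gen_egress_ruleset 10.0.0.5 3128 1001)
check_ruleset "$ruleset" && echo "$ruleset"
# To apply on a real host (as root): gen_egress_ruleset 10.0.0.5 3128 1001 | nft -f -
# Dropped attempts then appear in the kernel log with the "egress-drop: " prefix.
```

DNS is deliberately not opened: a browser that speaks to an HTTP proxy via CONNECT lets the proxy resolve names, so a DNS exception would only give other programs a covert channel. The established,related rule lets replies flow for connections the proxy rule admitted; it does not admit new connections from anything else.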

    7. Re: That must mean... by Anonymous Coward · · Score: 0

      It means no gays in Linux

    8. Re: That must mean... by LichtSpektren · · Score: 1

      > It's got systemd to keep the front door open all day long.

      Since you're so confident that there's a backdoor in systemd, perhaps you could help us millions of plebs on it and show us for our own safety?

    9. Re: That must mean... by Anonymous Coward · · Score: 0

      Did you mean firewall instead of kernel? I've never heard a consumer modify or want to modify the kernel to do that.

      Also, no, that isn't the only way to limit or see Windows traffic.

  2. What?! by Anonymous Coward · · Score: 1

    Is this like the WMDs in Iraq??!

    1. Re:What?! by Anonymous Coward · · Score: 0

      You mean the 400 Borak rockets filled with pure Sarin gas, or the 550 metric tons of yellowcake ?
      http://dailyheadlines.net/archives/25993

    2. Re:What?! by Anonymous Coward · · Score: 1

      You mean the 400 Borak rockets filled with pure Sarin gas, or the 550 metric tons of yellowcake ?
      http://dailyheadlines.net/archives/25993

      Except that article is as full of shit as war criminals Bush and Cheney were.

      If your country is being invaded by the most powerful military in the world and you have WMDs, you fucking use them you ignorant shill. Just like he didn't hesitate to use them back in the 80s when he had them and he was our ally, being invaded by Iran.

    3. Re:What?! by Anonymous Coward · · Score: 0

      He was probably deluded, and hoped that we would do much as we had done before. Go in and stop short of regime change. He knew that if he used WMDs on US forces there would be no chance of him being left in power.

      As you said, we were the most powerful military in the world, WMDs would not have defeated us, just pissed us off. You only raise the stakes when you think you will win.

    4. Re:What?! by Anonymous Coward · · Score: 0

      Old news, those nerve gas rockets were supplied by Western corporations during Iraq's war with Iran under the auspices of the US gov.
      They had been decommissioned and buried in ammo dumps long before GW Bush made charges that there were ACTIVE WMD programs in Iraq.

      Similarly, there may have been tons of Yellowcake around, but this had been identified by UN inspectors decades earlier, the same inspectors who saw to the shut down of all Iraqi processing facilities.
      http://www.snopes.com/politics/war/yellowcake.asp

      Read up and stop pushing your bullsnot, nobody is buying your revisionist history

    5. Re:What?! by Anonymous Coward · · Score: 0

      Everybody condemning the second Iraq war think the only reason the war happened was because the US thought Iraq had or was developing WMD's. They tend to ignore all the other reasons which led to the second war. The strongest reason for the second war was the fact that Iraq violated the terms of the cease fire agreement ending the first war. If terms for cessation of hostilities are offered, accepted, and then violated you need to enforce those terms. And Saddam wanted the world to believe he had WMD's to keep their regional enemies from exploiting his weakness. He wanted the US to believe the same thing to plant doubt and forestall any US invasion. He invaded Kuwait because he thought he could get away with it without any serious consequences. Then he doubled down thinking there was no way in hell the US or anyone else would re-invade. The first Iraq war had almost the entire world facing in the same direction for once. Had all the countries who supported the first war held their ground there would have been no second war. Instead many of those countries ignored Saddam's actions while also corrupting the oil for food program.

  3. Yeah, right by Anonymous Coward · · Score: 2, Insightful

    Shuttleworth is like any other citizen: a visit from the polite but scary government people will make him see the light.

    1. Re:Yeah, right by KGIII · · Score: 2, Informative

      The headline is misleading and contradicts what the summary says. Mark has no such authority nor say. He's got no control over Linux. He uses the Linux kernel in Ubuntu and, rightfully, he spoke specifically about Ubuntu.

      The Ubuntu founder did not say what the headline claims. I was really kind of curious as to why he'd say such a thing and then I realized the summary actually told the truth. That's disappointing Slashdot. Disappointing indeed. Then again, I haven't checked to see if the submitter was the one to insinuate that - they may also share culpability.

      I was kind of annoyed until I read the summary (then I was annoyed for other reasons). I mean, hell, I'm a pretty happy Lubuntu user and even I know that Mark's authority and control ends with Ubuntu. I also know that Ubuntu hasn't the manpower nor the expertise to review every line of code. It seemed a rather bizarre claim for him to have made. Fortunately, he said no such thing. He's said some odd things before but nothing like that. The latest oddity was the mention of the name for the next version of Ubuntu. Yakity (x8) yak. Of course.

      --
      "So long and thanks for all the fish."
    2. Re:Yeah, right by LichtSpektren · · Score: 1

      > He can easily claim his company hasn't added backdoors, because they have already been added by others. Namely, systemd is the centralized backdoor.

      Show me the backdoor in systemd.

    3. Re: Yeah, right by Anonymous Coward · · Score: 0

      Dave,

      My thoughts exactly. My first thought was Ubuntu != Linux.

      If Linus wanted to backdoor the kernel tomorrow there is nothing mark could say or do about it.

      You were the first to clear it up Dave, thanks.

    4. Re:Yeah, right by Anonymous Coward · · Score: 0

      Why would I do that? I enjoy owning the shit out of you.

    5. Re: Yeah, right by Anonymous Coward · · Score: 0

      Gross. Leave other people's shit in the toilet.

      Eww, eww, eww. Weirdo.

  4. Not For Him to Promise by EmagGeek · · Score: 1, Informative

    Since Mark Shuttleworth is not in charge of Linux, I don't see how he can make this pledge.

    1. Re:Not For Him to Promise by Anonymous Coward · · Score: 2, Insightful

      What he's saying is that he will not willingly or knowingly allow or permit anything to be included in the userland, tool chains, and libraries that make Ubuntu what it is. The kernel is still open source and "given enough eyeballs, all bugs are shallow" (ESR). Anyone can take a look at the kernel sources given the skill and time. I agree with Mark. While Canonical does contribute to the kernel, as do Red Hat and others, FLOSS needs to ensure its own playground is clean.

    2. Re:Not For Him to Promise by aethelrick · · Score: 2

      Nobody made any promises regarding Linux. As per the quote in the summary...

      Canonical and Ubuntu are crystal clear. "We will never backdoor Ubuntu; we will never weaken encryption," he said.

    3. Re:Not For Him to Promise by KGIII · · Score: 1

      Err... Have you read the title? Unless they changed it - the title clearly states that such a pledge was made.

      "Ubuntu Founder Pledges No Back Doors in Linux"

      The summary contradicts the title. Shuttleworth hasn't the authority to make any such claim about Linux. He can, of course, make such claims about Ubuntu. Linux is not Ubuntu. The title is really quite erroneous and it might even be intentionally so.

      --
      "So long and thanks for all the fish."
    4. Re:Not For Him to Promise by chipschap · · Score: 1

      > The kernel is still open source and "given enough eyeballs, all bugs are shallow" (ESR). Anyone can take a look at the kernel sources given the skill and time.

      It's been said as a counterargument that the source is massive and complex and beyond the capability of most people to sift through. And while that's true, the point is that it is open, and it only takes one person to find a backdoor or other such issue. Backdoors would eventually and inevitably be found and exposed. That is not at all the case with closed proprietary systems.

    5. Re:Not For Him to Promise by Anonymous Coward · · Score: 0

      He's just saying that he won't personally place a back door in Linux... paid employees on the other hand....

    6. Re:Not For Him to Promise by Anonymous Coward · · Score: 0

      "Nobody made any promises regarding Linux."

      Did you happen to read the article title?

  5. Well Duh Shuttleworth by CajunArson · · Score: 0, Troll

    Considering Ubuntu basically contributes little or nothing to the underpinnings of Linux, it's pretty easy to say they won't throw in a backdoor.

    In a related story, I hereby heroically pledge to add no backdoors to... lessee here... iOS. Yes, iOS! GIVE ME A COOKIE!

    --
    AntiFA: An abbreviation for Anti First Amendment.
    1. Re:Well Duh Shuttleworth by MBGMorden · · Score: 2

      Did you even read the summary?

      His quote was:

      "We will never backdoor Ubuntu; we will never weaken encryption,"

      He never made any promises about Linux as a whole. Equating Ubuntu to Linux as a whole was a mistake of the editors here - not Shuttleworth.

      --
      "People who think they know everything are very annoying to those of us who do."-Mark Twain
    2. Re:Well Duh Shuttleworth by Anonymous Coward · · Score: 0

      > Did you even read the summary?

      Did you even read the headline? "Ubuntu Founder Pledges No Back Doors In Linux".

      Welcome to the new Slashdot.

    3. Re:Well Duh Shuttleworth by CajunArson · · Score: 1

      Whoppee doo. He just said that Ubuntu won't mess with any of the Debian packages that they rebrand.

      So what, it's the same thing.

      Now, a real pledge would be that Ubuntu would actively audit security-critical packages from upstream providers to prevent disasters like the real-life backdoor that Debian added to OpenSSL when they screwed up the PRNG: https://freedom-to-tinker.com/...

      Was it evil NSA conspiracy? No, but it was a real backdoor added to an open source project!

      --
      AntiFA: An abbreviation for Anti First Amendment.
    4. Re:Well Duh Shuttleworth by wonkey_monkey · · Score: 1

      > Did you even read the summary?

      > Did you even read the headline?

      Did you even read the comment? GP acknowledged the error and blamed Slashdot already.

      --
      systemd is Roko's Basilisk.
    5. Re:Well Duh Shuttleworth by chipschap · · Score: 1

      > Was it evil NSA conspiracy? No, but it was a real backdoor added to an open source project!

      Which was duly found and exposed, which is the point with open source. I certainly won't claim that no one will ever try something shady. What I do claim is that it will inevitably be brought to light. Can you say that about closed proprietary systems?

  6. Canonical should make an official statement by LichtSpektren · · Score: 4, Interesting

    Nothing drives me further from Microsoft and Blackberry than their CEOs being wishy-washy about whether your device is secure, even against "lawful interception" or whatever the gentle euphemism for backdoor is these days. But my only qualm here is that Mark Shuttleworth isn't currently the CEO of Canonical; perhaps the company itself should make a strong statement to this effect?

    1. Re:Canonical should make an official statement by Anonymous Coward · · Score: 5, Informative

      Agreed. When Linus was directly confronted about whether he has been approached about backdoors in Linux, he said no, but while nodding his head. What a trustworthy guy!

      Are you familiar with the concept of national security letters?
      Saying yes is the kind of action that makes you end up in a secret court where you aren't allowed to disclose any information to your lawyer.
      By saying no while nodding he has given us the information we need without breaking the gag-order.

    2. Re:Canonical should make an official statement by mushroom+blue · · Score: 1

      His father (EU Member of Parliament Nils Torvalds) put his son's actions (saying no, while nodding yes) on the record in EU parliament shortly afterwards. His father believes he's been approached.

    3. Re:Canonical should make an official statement by oakgrove · · Score: 1

      > Agreed. When Linus was directly confronted about whether he has been approached about backdoors in Linux, he said no, but while nodding his head. What a trustworthy guy!

      > Are you familiar with the concept of national security letters?
      > Saying yes is the kind of action that makes you end up in a secret court where you aren't allowed to disclose any information to your lawyer.
      > By saying no while nodding he has given us the information we need without breaking the gag-order.

      This should be modded +10 informative.

      --
      The soylentnews experiment has been a dismal failure.
  7. but that was the whole point. by nimbius · · Score: 3, Insightful
    The whole point of Linux was that you didn't have to make any fucking pledges. Linux is about choice and freedom, something that after your UI fiat to developers and branding ecosystem pitch I'm sure you know nothing about. Further, the nature of open source code itself discourages the kinds of back-doors and underhanded application programming that most Linux users are familiar with in proprietary closed source operating systems. Operating systems that are beginning to seem a lot like Ubuntu.

    "We don't do encryption to hide things; we do encryption so we can choose what to share"

    As a greybeard, fuck your cloud and the sharing economy it rolled in on. When I choose what to share, I make it explicitly publicly available in a format that may, or may not be encrypted. When you recontext my privacy in terms of what I'm willing to "share" with people it debases the very real need for encryption to circumvent things like warrantless wiretaps, blanket government surveillance, and invasive advertising. Stop treating me like a toddler for using cryptography.

    "We will never backdoor Ubuntu; we will never weaken encryption"

    Maybe you will, maybe you won't, but again, the point of Linux is that I don't need a 60 million dollar corporation to reassure me about privacy. If you do it --like you screwed developers with contributor agreements and the UI-- I'll just switch to a different distro or I'll fork yours.

    --
    Good people go to bed earlier.
    1. Re:but that was the whole point. by wonkey_monkey · · Score: 1

      > The whole point of Linux was that you didn't have to make any fucking pledges

      Bad headline. Shuttleworth was talking about Ubuntu, not Linux.

      --
      systemd is Roko's Basilisk.
    2. Re:but that was the whole point. by Anonymous Coward · · Score: 0

      > Further, the nature of open source code itself discourages the kinds of back-doors and underhanded application programming that most Linux users are familiar with in proprietary closed source operating systems.

      I know you like to think that, but it's false.

      The nature of open source code is advertised as preventing intentional back doors and vulnerabilities, but code review and organized testing are so rare that it makes no bloody difference. All these applications are submitted as code; see how many you can parse as vulnerabilities without checking the cheat sheets.

    3. Re:but that was the whole point. by jellomizer · · Score: 1

      So you have the time and resources to run a full source code audit on the OS. (You might as well build from source all those components, just in case the source code that you review isn't the same as what is in the binary.)

      The problem is we need Government and Corporations to do work that we don't have the resources to do ourselves; now the problem is how can we trust them? Because I really don't want to spend 18 hours a day maintaining my personal infrastructure just to survive. I'd much rather focus on what I am good at and offer these services to others, where in turn I get different services in return. But perhaps the people I am helping out cannot fully supply everything that I need for my survival. So let's use commonly recognized notes which I can exchange with others to help manage.

      So I would need a corporation to reassure me about privacy, I will also need a government to reassure me about the corporation's evaluation. Because I don't have the time and resources to do it myself.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    4. Re:but that was the whole point. by KGIII · · Score: 2

      This is more a reminder than a personal question but I'm going to phrase it as a question - albeit a rhetorical one.

      When was the last time you returned some of those resources to the people you're relying on - such as donating to the various projects who write the source you use or maintain the distro that you use?

      --
      "So long and thanks for all the fish."
    5. Re:but that was the whole point. by Dutch+Gun · · Score: 1

      It's not so much about doing the work of auditing all the source yourself. It's about the source being open so as to prevent someone from slipping in a backdoor in the first place, and trusting that at least one person among the many millions who care about this would spot it and let everyone else know.

      I'm not rabidly anti-corporation or anti-government, but you have to understand that at their cores, neither of those entities has a vested interest in allowing you to maintain your privacy. Corporations are concerned about profit, while governments are concerned about control. There's nothing inherently wrong with that. It's just what they do. We can deal with them and make use of them, so long as we understand the nature of the beasts.

      Apple only cares about your privacy because they want to maintain your loyalty as a customer. That's the positive side of economics - when powerful entities side with your interests because they have a strong motivation to do so. But it's important to remember that it can also be turned against you - there are also economic advantages for exploiting your personal data. And keep in mind who Apple was fighting against in order for you to maintain your privacy.

      I'm not arguing that we would be better off living in a world without corporations or governments - that's clearly not the case. But it's important not to blindly put your faith in them either or offload responsibilities for your own well-being. No one will care about your own well-being as much as you do.

      --
      Irony: Agile development has too much inertia to be abandoned now.
    6. Re:but that was the whole point. by Kjella · · Score: 1

      > The whole point of Linux was that you didn't have to make any fucking pledges. (...) Further, the nature of open source code itself discourages the kinds of back-doors

      You know that and I know that and Mark Shuttleworth knows it too. And I don't think he was ever considering adding one. The pledge is just a PR grab and he can even top it off with saying everyone's welcome to verify that themselves by inspecting the source. If I was competing against two major closed source operating systems I'd do it too, who cares if it's a bit "well, duuuh" for existing open source users.

      "We don't do encryption to hide things; we do encryption so we can choose what to share"

      > As a greybeard, fuck your cloud and the sharing economy it rolled in on. When I choose what to share, I make it explicitly publicly available in a format that may, or may not be encrypted. When you recontext my privacy in terms of what I'm willing to "share" with people it debases the very real need for encryption to circumvent things like warrantless wiretaps, blanket government surveillance, and invasive advertising. Stop treating me like a toddler for using cryptography.

      It sounds like something Phil Zimmermann could have said, would your response have been the same?

      > Maybe you will, maybe you won't, but again, the point of Linux is that I don't need a 60 million dollar corporation to reassure me about privacy. If you do it --like you screwed developers with contributor agreements and the UI-- I'll just switch to a different distro or I'll fork yours.

      Sounds like you have an axe to grind with him, if you want to talk about choice and freedom couldn't you simply not use Ubuntu? I hear Windows 10 is great for your privacy...

      --
      Live today, because you never know what tomorrow brings
    7. Re: but that was the whole point. by Anonymous Coward · · Score: 0

      http://www.islinuxaboutchoice.com/ is Linux about choice?

    8. Re:but that was the whole point. by thegarbz · · Score: 1

      > As a greybeard, fuck your cloud and the sharing economy it rolled in on. When I choose what to share, I make it explicitly publicly available in a format that may, or may not be encrypted.

      So you agree with him then? Now take a breath. Because that's exactly what he was saying. YOU CHOOSE what to share. You do so by using or not using encryption to maintain information private between yourself and the person YOU CHOOSE to share it with. If he's going to speak in general words, and you're going to frame this into a me vs the government debate then I'm going to side with Shuttleworth since he is talking about the superset of possible people I may not want to share something with.

    9. Re:but that was the whole point. by FordenFreeman · · Score: 0

      You made some truly good points. I especially like your point about the cloud/sharing economy.

      I worked at a few webhosts, but one in particular for quite a while. We mostly served the adult industry, but we had a number of non-adult content customers as well. The struggle to keep things secure is active and never-ending. Companies are normally rolling out patches as attacks are coming in to other servers. There is never a guarantee that things are secure, and you can usually bet that some number of a company's servers are already exploited. Why? Software costs. Even with free software running the servers, you have the actual site code which will need to be updated for newer versions of PHP, Java, Python, NodeJS, Apache, SSL, etc... and companies are loath to spend on that. Plus, it's a massive amount of work for the SysAdmins/SysEngineers to overhaul everything. Many companies' employees are not even aware of how many physical machines they have, how many VMs (if they even run VMs) are on each physical machine, or even what sites and services they own/run. They instead rely on the host to know all of that. The people at the host have hundreds (sometimes thousands) of customers, and have to hope that someone, at some point, updated the data on their side... and if not, you just write up a quick expect script to loop through IPs owned/leased by a customer to get hostnames, run a check for web server software, and then report back with configured domains/subdomains. It's a mess. At any given point in time, the entire world's cloud infrastructure and network infrastructure is 15 minutes from total failure and it is only through constant effort that everything is kept online. While I would love to say that this is confined to the web services world, it isn't. Government and financial systems are very similar. So, yeah. People really shouldn't trust the "cloud" and people should never really trust websites/webhosts.

  8. Ubuntu Is Already Frontdoored by Anonymous Coward · · Score: 1

    Shuttlecock already frontdoored Ubuntu when they decided to send the user's LOCAL queries to amazon without permission or notification. I never recommend anyone use Ubuntu for any reason after that incident.

    1. Re:Ubuntu Is Already Frontdoored by cfalcon · · Score: 0

      > when they decided to send the user's LOCAL queries to amazon without permission or notification

      I'm pretty sure there was notification, and there was a configurable option to stop it.

      It was still wrong, of course, and it is being stripped out in Ubuntu Unity 8. So I wouldn't throw too many lemons at them- enough were thrown to get them to do the right thing already.

    2. Re:Ubuntu Is Already Frontdoored by Anonymous Coward · · Score: 1

      I can tell you from first hand experience, it was opt out only, and there was no notification. Here's a popular AskUbuntu article which shows how complicated it has been over the years (the interface changed a few times, etc). This PCWorld article claims that in the beginning there wasn't even a GUI option to disable it, meaning you had to know it was there, find the package and purge it. SUPER sketchy.

      It doesn't matter if they remove it as this point. As shuttlecock himself said of the whole fiasco, "[they've] got root." I think it really goes to show how little Ubuntu respects its userbase and trusted position (having root of a sizeable install base, afterall). I don't see Ubuntu as a trustworthy entity, and I haven't seen anything which mitigates their actions. It's no longer about the Amazon thing; now it's about what will be next. Ubuntu is no longer trustworthy.

    3. Re:Ubuntu Is Already Frontdoored by F.Ultra · · Score: 2

      There was notification, for fricking sake it was one of the selling points of the new search lens that you could get results from Amazon back. Also they didn't send it directly to Amazon, they routed all traffic by their own servers so that Amazon could not collect the source IP for each query. While the setting to disable it might have been changed you could always just apt-get remove the shopping lens and get rid of it that way. And as of 16.04 the lens is not opt in as it should have been from the start.

  9. i can't describe by Anonymous Coward · · Score: 0

    the comfort i take from a statement like that from a person like that.

  10. Has he run it past the Dutch police? by Anonymous Coward · · Score: 0

    Well has he run this past the Dutch police yet? He could find Ubuntu HQ raided and himself under arrest for providing encryption that might be used by criminals!

    http://www.theguardian.com/world/2016/apr/22/dutch-police-ennetcom-shut-down-owner-arrested

    Quotes:
    >"Although using encrypted communications is legal, many of the network’s users are believed to have been engaged in “serious criminal activity”, said spokesman Wim de Bruin of the national prosecutor’s office."

    [And *providing* encrypted communications is legal, in fact no law has been broken, it didn't stop the police seizing the company's servers and closing it down.]

    >"The owner of the company, Ennetcom, is suspected of money laundering and illegal weapons possession, prosecutors said."

    [Even if he was a mass murderer, it doesn't make Ennetcom's business illegal. They provide PGP enabled Blackberry phones; if Blackberry phones weren't backdoored (as they shouldn't be) then nobody would need to add a PGP layer on top to secure them. How many Dutch politicians are using phones that the Dutch police have been able to spy on? Why is that?]

    1. Re: Has he run it past the Dutch police? by Anonymous Coward · · Score: 0

      Since when does the Dutch police have jurisdiction over Great Britain?

  11. Domain expired by Anonymous Coward · · Score: 0

    Dumbass trolls don't even realize this domain expired long ago.

  12. But dude by GeekWithAKnife · · Score: 1

    What are you going to do about the secret courts that you didn't know about making all those legal decisions you cannot tell us about?

    You cannot even believe your parking tickets when that system exists.

    Full transparency of the legal process is what must be enforced. How is the founder of some distro going to ensure that?

    --
    A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
    1. Re: But dude by Anonymous Coward · · Score: 0

      You do know that's an American thing right? And neither Shuttleworth nor Ubuntu is American.

    2. Re:But dude by Anonymous Coward · · Score: 0

      > What are you going to do about the secret courts that you didn't know about making all those legal decisions you cannot tell us about?

      Shop around for a different country to live in. They all have their bright and dark sides, quite a few don't have 'secret courts' if that is your number one worry.

  13. Yeah, good luck auditing OpenSSH by Anonymous Coward · · Score: 1

    Ever bother looking at that code?

    Good luck proving there's no back door in that.

  14. It's easy.... by Lumpy · · Score: 1

    sudo apt-get remove backdoor
    sudo apt-get remove backdoor-lib

    and

    sudo apt-get remove --purge NSA-spy-lib.4

    After that you want to reboot and then do a update and upgrade.

    --
    Do not look at laser with remaining good eye.

  15. Your getting? by Anonymous Coward · · Score: 0

    And the difference between your and you're is... Oh wait, you didn't grasp that one.

    1. Re:Your getting? by rdelsambuco · · Score: 1

      S/he likes Windows 10.

      --
      I comment occasionally so that I can mod others -1 overrated or -1 offtopic.

    2. Re:Your getting? by LVSlushdat · · Score: 2

      Oh sure, Windows 10 *looks* pretty, works reasonably well, but if you take into account the spyware aspects of it, it comes out being an "attractive nuisance", or as I like to call it, a CTD, a computer-transmitted disease, not unlike an STD

      --
      THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)

    3. Re:Your getting? by dave420 · · Score: 0

      This fabled, nebulous "spying" we've heard so much about but have yet to actually see...

    4. Re:Your getting? by beastofburdon · · Score: 1

      Go read the EULA then shut your trap.

  16. We will never back door Linux... by SkunkPussy · · Score: 0

    ... but we'll send all your desktop searches to Amazon...

    --
    SURELY NOT!!!!!

    1. Re:We will never back door Linux... by LichtSpektren · · Score: 1

      Valid complaint. But I think you should give some credit to Canonical because it's no longer the default in 16.04. They learned from their errors.

  17. secure by Anonymous Coward · · Score: 0

    Whatever happened to the NSA secure linux/unix?

    1. Re:secure by LichtSpektren · · Score: 1

      Still in use on Fedora and RHEL. Ubuntu and SUSE both use AppArmor instead.

  18. Re:BSD by LichtSpektren · · Score: 1

    >"Newsflash: Linux has "sold out". Even slackware is being forced to go down that path, recently allowing pulse audio to infect their system because (get this) bluetooth won't work without it. (Are you kidding me?)"

    >"If you want pure and clean today, what you want is BSD."

    If you don't like PulseAudio, uninstall it. If you have some pathological need to avoid it in your default install, use Gentoo.

  19. Or rather... by vortex2.71 · · Score: 1

    Ubuntu Founder Pledges No Intentional Back Doors In Linux; Lots of Unintentional Back Doors.

  20. A complete sham by mushroom+blue · · Score: 3, Interesting

    If you're really concerned about security, you are likely running OpenBSD or a heavily-modified linux kernel by now.

    Linus Torvalds was asked during a LinuxWorld keynote two years back if he was told by government agents to put hardware backdoors in linux. he said no, while nodding yes. His father, Nils Torvalds, a member of EU parliament, put it on the record that his son was approached by government agents requesting backdoors.

    There is a known issue with the random number generator being _forced_ to do hardware-based (known to be broken on Intel/AMD chipsets) random number generation. Under Open/Net/FreeBSD, there's an intermediary (software) random number generator that ensures actual randomness. Linus uncharacteristically led this charge to keep the RDRAND weakened, even resorting to calling others stupid for thinking otherwise. A prominent developer resigned due to it.

    There is at least one recent Intel Management Engine talk at last year's Chaos Communication Congress. There was a similar talk the year before about AMD chipsets and their secret undocumented internal firmware. If you enjoy strong encryption, you would be wise to apply the proposed RDRAND patches that Linus rejected.

    Now that all the major distributions have adopted systemd, there's now a full RPC backdoor to not only the GPL's linking requirements, but a backdoor to run "Approved" (by whom? we'll get to that) code automatically. Many people have publicly posited that systemd will be the cause of "The Big One" vulnerability that eventually comes out of Linux and ruins its reputation.

    Now, for the Ubuntu side: Canonical is incorporated in City of London, which means they are under the jurisdiction of GCHQ. Anyone who has watched/read a talk by Moxie Marlinspike will know that SSL/TLS is easily-spoofable by nation states. They will probably also know how exploitable SSL/TLS is today. All the draconian crap the GCHQ has jurisdiction over can easily be extended to a corporation registered under their governance. If Canonical refuses, they will be forced to, the way Google is forced to comply in the United States under similar framework. End result is that you cannot trust anything beyond your initial install CD, if you can even trust that.

    You will likely never look through the custom patches compiled into your binaries, let alone think about Ken Thompson's "Trusting Trust" essay. You will just download your updates, and assume everything is A-OK. You are an end-user, and that's okay. Just don't think Shuttleworth's words are anything but a big fat placebo to keep his stock value afloat.

    1. Re:A complete sham by Anonymous Coward · · Score: 2, Informative

      Theo Ts'o fixed it back in 2012 by just using it as an additional (but not sole) source of entropy:

      https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2557a303ab6712bb6e09447df828c557c710ac9

    2. Re:A complete sham by Anonymous Coward · · Score: 0

      Amen to that!

      Unfortunately not everyone's occupation revolves around IT.
      We want stuff that Just Works(tm).

    3. Re:A complete sham by F.Ultra · · Score: 1

      Being approached and asked about putting a back door in and actually complying and putting a back door in are two different things. All we know is that he has probably been asked to do it, we do not know if he complied, considering that the source is completely open it's very likely that he explained to NSA et al that it couldn't be done.

      Regarding Canonical there is AFAIK no equivalent of the US National Security Letters in the UK, courts there can order gag orders but only to protect the privacy of people and not to force companies to comply with GCHQ.

      The fact that you even drag systemd into this is hilarious, there is no new way to run "approved" code automatically in systemd that wasn't already possible with sysv init or the bsd init.

    4. Re:A complete sham by jmcvetta · · Score: 1

      At the last RSA Conference, a friendly salesman for a hardware company (not Intel or AMD) eagerly told me about his company's main product: They have a chip embedded in over a billion currently-deployed devices, including laptops and phones, that offers complete remote tracking and ownership functionality at the hardware level. Or so claims the salesman. He was selling it as a theft-recovery service for bigcorps, but more nefarious possible uses are pretty obvious.

    5. Re:A complete sham by Anonymous Coward · · Score: 0

      And this is the Linux reply: https://lkml.org/lkml/2012/7/5/425

      >"If Intel's rng really isn't trustworthy, they'll get a *huge* black eye for it. It would be a total PR disaster for Intel, so they have huge incentives to be trustworthy."

    6. Re:A complete sham by Anonymous Coward · · Score: 0

      >"There is a known issue with the random number generator being _forced_ to do hardware-based (known to be broken on Intel/AMD chipsets) random number generation. under Open/Net/FreeBSD, there's an intermediary (software) random number generator that ensures actual randomness."

      So apply a patch. Linus may ship a broken random generator for whatever reason, but you're free to replace that. The simple approach of xoring the random generator output with some simple pseudorandom stuff will thwart those relying on a particular sequence. A very simple approach may still be crackable, but it won't happen because you are the only one with that particular rnd generator mod. Your neighbour did it a bit differently. The big corp who has secrets and can pay a proper dev for some hours of coding can have a much better rnd generator mod - and so on. Such diversity is hopeless for those who want control.

      >"There is at least one recent Intel Management Engine talk at last year's Chaos Communication Congress."

      Fortunately, linux runs on some 20 architectures. Your firewall can run on other hardware.

      >"Now, for the Ubuntu side: Canonical is incorporated in City of London, which means they are under the jurisdiction of GCHQ."

      So get your kernel & SSL binaries from a different country, then.

    7. Re:A complete sham by Anonymous Coward · · Score: 0

      Well, Intel advertises this and AMD has something equivalent. Who is this other company? I can only imagine they're utilizing one of these two chips. Those are the two big players and their CPUs are in just about everything. We have the sufficient sources for ARM A20 chips such that I'd be doubtful about it there... unless it is a component included rather than necessary to utilize core functionality of the A20 CPU. I.e. it could be in a graphics component, but none that are necessary to boot/utilize the rest of the system.

    8. Re:A complete sham by Anonymous Coward · · Score: 0

      Isn't security the difference between /dev/random and /dev/urandom? (Well beside the fact that random chokes if there is insufficient activity on the system)

    9. Re:A complete sham by Anonymous Coward · · Score: 0

      Bios with networking or just network card could be "that chip". It just needs the correct firmware for this additional functionality. Technically this could have been done for ages. How did we arrive at hinting this is the case with default firmware? Any proof?

    10. Re: A complete sham by Anonymous Coward · · Score: 0

      He gave the acceptable solution, very reasonable.

      Nothing was included in the patch to indicate that the rng was bad, that was a major point. Have proof, he'd be open to it as then there's a confirmed problem to solve.

    11. Re:A complete sham by Anonymous Coward · · Score: 0

      Linus is correct, that additional data cannot make a random generator worse.

      Think of real random data. Now xor it with some random looking data. The person who gave you the random looking data still cannot predict the outcome.
      So just xor enough data which is supposed to be random, and if at least one source of it is, the outcome will be useful random data.
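    The RDRAND subthread above boils down to one question: what does a hardware RNG whose output the vendor (or whoever leans on the vendor) can predict do to you, depending on how you consume it? The following is an added example, not code from the thread or from the Linux kernel. The "backdoored RDRAND" is a hypothetical construction (HMAC-SHA256 in counter mode under an escrow key the adversary holds), and the pool is a toy model of the "additional, not sole, source" approach the reply credits Ts'o with: hardware bytes are hashed into a pool alongside entropy the adversary never sees. It also models the XOR argument at the end of the thread, including the caveat the thread only hints at: XOR cannot be steered by a party who does not see the other operand, but it cancels to zero for a party who does.

    ```python
    """
    Added example (hypothetical model, not kernel code): a predictable hardware RNG
    used as the sole source, hashed into a pool with secret entropy, and XORed at
    the output with and without the hardware seeing the other operand.
    """
    import hashlib
    import hmac
    import os


    class BackdooredHwRng:
        """Hypothetical 'RDRAND': a stream keyed by an escrow key. Looks random to
        everyone, but anyone holding the key can regenerate every byte it returned."""

        def __init__(self, escrow_key: bytes) -> None:
            self.key = escrow_key
            self.counter = 0

        def read(self, n: int) -> bytes:
            out = b""
            while len(out) < n:
                block = self.counter.to_bytes(8, "big")
                out += hmac.new(self.key, block, hashlib.sha256).digest()
                self.counter += 1
            return out[:n]


    def sole_source(hw: BackdooredHwRng, n: int) -> bytes:
        """What the thread objects to: hardware bytes handed straight to callers."""
        return hw.read(n)


    class MixedPool:
        """Toy version of 'additional but not sole source': hardware bytes are one
        contribution to a hashed pool that also holds entropy the adversary cannot
        observe (interrupt timings on a real kernel; a caller-supplied seed here)."""

        def __init__(self, hw: BackdooredHwRng, secret_entropy: bytes) -> None:
            self.hw = hw
            self.pool = hashlib.sha256(b"init" + secret_entropy).digest()

        def _mix(self, data: bytes) -> None:
            self.pool = hashlib.sha256(self.pool + data).digest()

        def read(self, n: int) -> bytes:
            out = b""
            while len(out) < n:
                self._mix(self.hw.read(32))                      # untrusted contribution
                out += hashlib.sha256(b"out" + self.pool).digest()
                self._mix(b"ratchet")                             # never hand out pool state
            return out[:n]


    def xor_bytes(a: bytes, b: bytes) -> bytes:
        return bytes(x ^ y for x, y in zip(a, b))


    def adversary_predicts_sole(escrow_key: bytes, n: int) -> bytes:
        """Adversary with the escrow key replays the hardware stream from counter 0."""
        return BackdooredHwRng(escrow_key).read(n)


    def adversary_predicts_mixed(escrow_key: bytes, n: int) -> bytes:
        """Same adversary against the pool: knows the algorithm and every hardware
        byte, but has to guess the secret entropy (best effort: empty string)."""
        return MixedPool(BackdooredHwRng(escrow_key), b"").read(n)


    def xor_output_blind(secret_word: bytes, hw_word: bytes) -> bytes:
        """Output-stage XOR where the hardware does not see the other operand: the
        hardware cannot steer the result, which is the thread's closing argument."""
        return xor_bytes(secret_word, hw_word)


    def xor_output_hw_sees_operand(secret_word: bytes) -> bytes:
        """The caveat: hardware that can observe the other operand can simply return
        it, cancelling the XOR to all zeros. Hashing into the pool has no such
        failure mode because the hardware would have to invert SHA-256 to steer it."""
        malicious_hw_word = secret_word
        return xor_bytes(secret_word, malicious_hw_word)


    if __name__ == "__main__":
        key = b"escrow-key-held-by-the-adversary"   # constructed, hypothetical
        print("sole source predicted:",
              sole_source(BackdooredHwRng(key), 32) == adversary_predicts_sole(key, 32))
        pool = MixedPool(BackdooredHwRng(key), os.urandom(32))
        print("mixed pool predicted:",
              pool.read(32) == adversary_predicts_mixed(key, 32))
    ```

    The three outcomes are the whole argument in one place: sole-source output is reproduced byte for byte by whoever holds the escrow key; pool output is not, even though that adversary knows every hardware byte and the mixing algorithm; and output-stage XOR is fine exactly as long as the hardware never gets to look at what it is being XORed with, which is the property you cannot verify for code running inside the CPU.
    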

  21. Re:How does he know? by LichtSpektren · · Score: 1

    systemd is open source.

  22. Re:BSD by mushroom+blue · · Score: 1

    Running Gentoo. Full KDE5 desktop.

    Never installed PulseAudio or Network Manager. doing great with WPA_GUI and Jack2/Cadence. Bluetooth doesn't depend on either, and my wiimotes/speakers work great with the bluetooth stack.

    Jack allows me to take a WebRTC audio stream, pipe it into FL Studio (Under WINE!) for effects, and then pipe that output into Skype/Audacious/Audacity/VLC/ffmpeg/Carla at the same time, to as many different sound outputs as I want (even on different PCs!), in _realtime_. PulseAudio is a toy.

  23. A complete idiot by Anonymous Coward · · Score: 0

    >"If you're really concerned about security, you are likely running OpenBSD or a heavily-modified linux kernel by now."

    yeah unless you are 10000 years old and have done nothing else since you were born you have no clue what's compiled into your linux. It would take you 10000 years or more to look at all the code. So you haven't done that? Well then you are no more secure than anyone else. loser

    1. Re:A complete idiot by Anonymous Coward · · Score: 0

      The same applies for BSD.

  24. Re:Canonical should make an Official Canary by ThatsNotPudding · · Score: 1

    As should every F/OSS endeavor; from CLI utility to OS.

  25. Re: BSD by Anonymous Coward · · Score: 0

    Yes, it does. Alsa is dropped: http://git.kernel.org/cgit/bluetooth/bluez.git/commit/?id=4ff9b99292eca193dc0c149722328cb0b1ab0818

  26. As an Ubuntu user for nearly 10 years... by jmcvetta · · Score: 1

    ... I don't believe a word he says. Yes, Ubuntu is far and away the best OS choice today. And yes, Ubuntu is almost certainly already backdoored. Canonical does lawful business in anti-freedom countries like the United States and China. Therefore Canonical's software must be compromised.

    1. Re:As an Ubuntu user for nearly 10 years... by Anonymous Coward · · Score: 0

      I don't trust him either. But it is a far ride from no to yes.[certainty about backdoors]

      I don't think it is any more reasonable to assert that there IS one... than to assert that there isn't.

  27. "Reflections on Trusting Trust" by Anonymous Coward · · Score: 0

    Read Ken Thompson's Turing award address. Unless Canonical is extraordinarily vigilant, it can be done without their knowledge. Ken Thompson outlined the basis of the attack in his Turing award address. There has been a proof of how to counter the threat, but that really just moves the bubble under the carpet.

  28. What's the value of such pledges? by Junta · · Score: 1

    Isn't it like saying 'I will never be a serial killer'? It's not like lying is worse than doing the act, so what would make a malicious actor even hesitate to make the same claim?

    This is nothing about Canonical, just an observation on the pointlessness of such statements in general.

    --
    XML is like violence. If it doesn't solve the problem, use more.

  29. Re:How does he know? by Anonymous Coward · · Score: 0

    open doors?

  30. Re:BSD by Anonymous Coward · · Score: 0

    I can't get my bluetooth to work WITH pulse audio installed.

  31. Life by Anonymous Coward · · Score: 0

    He should bet his life on it

  32. There's over 7,000 packages in Ubuntu's main repo by JesseEnjaian · · Score: 1

    With likely over 10,000 distinct authors of code, most without any type of mandated review process... Dude, I wouldn't be worried about 007 and Edward Snowden spying on you with Ubuntu. I'd be worried about your neighbor's anti-social looking teen having a trojan somewhere. Use Fedora. The NSA does :P