I recently had a discussion with a director at Microsoft. This person indicated that all servers, including those that are Linux based, have a back door so that various intelligence agencies can monitor Internet data exchange. My guess is that this person was merely speculating on the existence of a back door for Windows and Linux based servers.
Microsoft has long denied that a back door exists. However, few would be surprised if it turned out that Windows actually has a back door. What about Linux? Does Linux have a back door?
Why not look at the code and see for yourself if there is one? If not, feel free to put a backdoor in your own copy. lol!
Hint: With so many people with access to the open source code and so many different attitudes, you would think the existence of one would have been outed by now, don’t you think?
>
> Microsoft has long denied that a back door exists. However, few would
> be surprised if it turned out that Windows actually has a back door.
> What about Linux? Does Linux have a back door?
>
This is not a yes or no answer I can give you.
The main difference between MS Windows and GNU/Linux is that you can inspect
the source code for your linux installation if there is a backdoor. I know
that this is a pure theoretical thing insofar as most people cannot do this
because it is a lot of code and not everyone is a programmer. But thousands
and more programmers world wide look regularly into that code and it is very
unlikely that all of them are part of a conspiracy and do not make it public
if they find one.
In the worst and paranoid case that one does not even trust the distributor
of the linux in use one can compile everything including the kernel from
scratch deactivating everything which might be suspect. It’s open source
(and free) that’s a big difference her, since nobody can hide something.
If there were a back door, in the sense that someone could “telnet” into a machine, it would leave a trail of some sort. A simple sniffer would catch the activity on a port, and trigger an investigation by the admins.
I have had occasion to use the “toor” account to get into a FreeBSD server, when “root” was unusable. (I don’t remember why) I don’t think that’s the back door in question.
i would be very surprised if Windows didn’t have a back door, either
built in by MS at the insistence of the NSA, or by NSA infiltrators
into the MS world…
the same for intel processors…
both are US companies and subject to US law and (well, MS got out of
hot water with the Justice Department seemingly easy to me–i wonder
if they gave the feds a back door to get a slap on the wrist for their
monopoly practices)…and, intel has been getting away with some less
than wonderful actions also…
i’d guess that there are similar attempts to build vulnerabilities
into Linux, but as others have mentioned there are thousands of folks
around the earth who do NOT want any government agency walking in an
open door…front, back or side…so i’d guess if you wanna try to
avoid government snoops your best choice is an open source, and non-MS
system…
–
DenverD
When it comes to chocolate, resistance is futile.
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]
NSA contributed code to Linux as well as Windows and other operating systems. I wouldn’t worry about it too much. NSA actually has quite a lot of good security guidance on their site, although some of it needs updating.
On Tue, 05 Oct 2010 14:06:02 +0000, Parthenolide wrote:
> I recently had a discussion with a director at Microsoft. This person
> indicated that all servers, including those that are Linux based, have a
> back door so that various intelligence agencies can monitor Internet
> data exchange. My guess is that this person was merely speculating on
> the existence of a back door for Windows and Linux based servers.
“Back door” claims would undoubtably be FUD, since having such a secret
would require all of the independent kernel developers to not notice it
in the code. Possible? Sure, since not all developers review all lines
of code in the kernel. But I’d find it incredibly unlikely.
I think there might be an obligation onto the software businesses to have a backdoor in place. Years ago MS and Lotus had admited (to a certain degree)*. Linux on the other hand can be modified and its not closed.
The backdoor issue is taking an upwind especially with terrorist concerns to infiltrate a pc that might belong to a suspicious person or organization.
Just in my judgement i think with linux you are on a safer side. But the argument to look into the code is laughable. Yes, theoretically you can but how long will it take you (or any normal person) to see if there is backdoor in a code.
Your only hope is, that the community says there is none.
> On Tue, 05 Oct 2010 14:06:02 +0000, Parthenolide wrote:
>
>> I recently had a discussion with a director at Microsoft. This person
>> indicated that all servers, including those that are Linux based, have a
>> back door so that various intelligence agencies can monitor Internet
>> data exchange. My guess is that this person was merely speculating on
>> the existence of a back door for Windows and Linux based servers.
>
> “Back door” claims would undoubtably be FUD, since having such a secret
> would require all of the independent kernel developers to not notice it
> in the code. Possible? Sure, since not all developers review all lines
> of code in the kernel. But I’d find it incredibly unlikely
My favorite are those that believe that your computer can be tapped into via
the power cord. Only if you don’t have the Magic Strip power strip of
course!! Act now and you can get two for $19.95.
On Tue, 05 Oct 2010 20:32:59 +0000, Chris Cox wrote:
> My favorite are those that believe that your computer can be tapped into
> via the power cord. Only if you don’t have the Magic Strip power strip
> of course!! Act now and you can get two for $19.95.
LOL, there are all kinds of crazy stories out there, aren’t there?
Here is what i found in regard to Lotus, of course Wikipedia.
Its titled rumors
It has been repeatedly alleged that in 1997 the United States National Security Agency (NSA) had backdoored the export version of Lotus Notes, but this is a mis-characterization of what actually happened. Prior to that year, Lotus had been restricted from exporting software that used encryption keys that were longer than 40 bits by United States law. Under an agreement with the US government, Lotus was allowed to start exporting 64 bit keys, so long as 24 bits of each key were recoverable using a special key issued by Lotus to the NSA. The result was that the newer version of Lotus Notes provided stronger protection against industrial espionage than any previous version had been allowed to provide, and it provided no less protection against decryption by the NSA than the previous versions had given. (US export regulations were changed in 2001, so current versions of Lotus products are able to use longer keys and they no longer provide NSA with access to any key bits.)
Yes it does, it called your ISP. Law enforcement can simply ask you ISP vendor for records of where you’ve surfed or who surfed you and they’ll be given that traffic.
Lawyers and law enforcement only have to ask your ISP what you’ve been doing and they don’t even need warrants. I hear its a little tougher in Europe.
You mean my ISP knows I torrent on port 6411? OMG I am in trouble now.
If it’s connected to the Internet it’s not private is how I think of it. It’s like setting up house keeping on the margin of a public highway it’s not private at all. People are foolish to think it is. My neighbor could be sniffing my packets for all I know.
Exactly. Hear that enormous sucking sound at your ISP or Telco? There’s no backdoor in Linux but there’s a backdoor that runs on Linux: The Ultimate Net Monitoring Tool.
More relevant than ISP monitoring (yes, it happens and at the request of authorities) is that any retail sites you have surfed know what products you are interested in. If you have signed up for any newsletters, etc and given your name and postcode, e-commerce sites can use cookie information to profile your buying habits. Names are usually unique within a postcode and from that they even know where you live, from voter rolls.
