How secure is my openSUSE system, really?

Hmm, then I must have read it wrong. Don’t remember where (probably Wikipedia), but this idea was glued to my mind… strongly.

Just take a Chill-Pill :smiley:

For me an OS, any OS is only as safe as you want it to be.
Yes even Windows can apply here.
Its your habits you have to worry about more then anything else.

MadmanRB wrote:
> For me an OS, any OS is only as safe as you want it to be.
> Yes even Windows can apply here.
> Its your habits you have to worry about more then anything else.
>
>
+1 for the statement.


GNOME 3.6.2
openSUSE Release 12.3 (Dartmouth) 64-bit
Kernel Linux 3.7.10-1.16-desktop

On Mon, 29 Jul 2013 02:16:01 +0000, amarildojr wrote:

> Hmm, then I must have read it wrong. Don’t remember where (probably
> Wikipedia), but this idea was glued to my mind… strongly.

It’s always been “openSUSE sponsored by Novell” - or SUSE, as the case
may be.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-07-29 04:16, amarildojr wrote:
>
> Hmm, then I must have read it wrong. Don’t remember where (probably
> Wikipedia), but this idea was glued to my mind… strongly.

Because SUSE did own, well, SUSE, at the time. Then came Novell, and
Novell owned SUSE (the “open” distro, I mean). Then Novell created
openSUSE, and pushed the community to take over.

openSUSE is not owned by Novell anymore, but Novell, now SUSE, does have
a strong influence on openSUSE. But not enough to force a closed bit of
software to spy on us, even if they wanted.

If you have the knowledge, you could examine the entire distribution to
find out what it does, line by line of code.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-07-29 05:06, MadmanRB wrote:
>
> For me an OS, any OS is only as safe as you want it to be.
> Yes even Windows can apply here.
> Its your habits you have to worry about more then anything else.

Mmm. Not quite. Windows has backdoors and other pieces so that a certain
government can spy on us.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

Windows can’t be as safe as you want it to be, and you can’t have privacy on Windows, you just simply can’t. I wonder what’s underneath the code lines of that system.

BTW how do you quote with those blue lines?

On Mon, 29 Jul 2013 19:16:02 +0000, amarildojr wrote:

> Windows can’t be as safe as you want it to be, and you can’t have
> privacy on Windows, you just simply can’t.

Please stop spreading FUD. Yes, we’re all openSUSE/SUSE/Linux fans here

  • but it does nobody any great service to make claims about Windows that
    don’t hold up to scrutiny.

You can make Windows safe and have privacy pretty easily. Disconnect
from the 'net. Use a secondary firewall. Use anti-virus. Don’t install
untrusted applications.

Don’t sign into Windows Live in Windows 8.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-07-29 21:20, Jim Henderson wrote:
> On Mon, 29 Jul 2013 19:16:02 +0000, amarildojr wrote:
>
>> Windows can’t be as safe as you want it to be, and you can’t have
>> privacy on Windows, you just simply can’t.
>
> Please stop spreading FUD. Yes, we’re all openSUSE/SUSE/Linux fans here
> - but it does nobody any great service to make claims about Windows that
> don’t hold up to scrutiny.
>
> You can make Windows safe and have privacy pretty easily. Disconnect
> from the 'net. Use a secondary firewall. Use anti-virus. Don’t install
> untrusted applications.

The backdors that Microsoft installs so that authorities can enter the
machine are known.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

It’s not FUD, the privacy violations are well known in Windows, as Robin pointed out.

On the security side: Sure, lock your machine on a vault with no internet and not electricity, that secure, but not practical =) People who use Windows as their n1 Operating System are always at risk, not matter what security measures you take. Sure the risks are very low IF the regular user knows what to do, but that’s not the case most of the time. People who actually know how to be more secure (because 100% secure doesn’t exist IMHO) are less than 1% of the users, I’d risk saying.

On Mon, 29 Jul 2013 20:03:11 +0000, Carlos E. R. wrote:

> On 2013-07-29 21:20, Jim Henderson wrote:
>> On Mon, 29 Jul 2013 19:16:02 +0000, amarildojr wrote:
>>
>>> Windows can’t be as safe as you want it to be, and you can’t have
>>> privacy on Windows, you just simply can’t.
>>
>> Please stop spreading FUD. Yes, we’re all openSUSE/SUSE/Linux fans
>> here - but it does nobody any great service to make claims about
>> Windows that don’t hold up to scrutiny.
>>
>> You can make Windows safe and have privacy pretty easily. Disconnect
>> from the 'net. Use a secondary firewall. Use anti-virus. Don’t
>> install untrusted applications.
>
> The backdors that Microsoft installs so that authorities can enter the
> machine are known.

Citations, please.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

German government accused of spying on citizens with state-sponsored Trojan | ZDNet

Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments? | techPowerUp

Black ops: how HBGary wrote backdoors for the government | Ars Technica

CCC | Chaos Computer Club analyzes government malware

German Government accused of running spy trojan | Security | News | PC Pro

Hackers say German officials used backdoor | InSecurity Complex - CNET News

On Mon, 29 Jul 2013 20:16:01 +0000, amarildojr wrote:

> It’s not FUD, the privacy violations are well known in Windows, as Robin
> pointed out.

Again, citations, please.

Because I know pretty much for a fact that it’s FUD because of some of
the work I’ve been paid to do recently.

Without providing detail about the work itself (let’s just say its in the
area of high-end forensic analysis), if these supposed backdoors existed,
that would render a lot of the work I’ve been paid to do unnecessary.

> On the security side: Sure, lock your machine on a vault with no
> internet and not electricity, that secure, but not practical =) People
> who use Windows as their n1 Operating System are always at risk, not
> matter what security measures you take. Sure the risks are very low IF
> the regular user knows what to do, but that’s not the case most of the
> time. People who actually know how to be more secure (because 100%
> secure doesn’t exist IMHO) are less than 1% of the users, I’d risk
> saying.

You simply said it couldn’t be done. I pointed out that it could be -
whether it’s practical or not is another matter.

People who use computers are at risk, regardless of the operating system
used. Using openSUSE, you’re at a risk - if you respond to a 419 scammer,
the OS ain’t going to protect you.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-07-29 21:16, amarildojr wrote:

> BTW how do you quote with those blue lines?

That’s a side effect from using nntp instead of web on the forum :wink:


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

What is this work? What can you do to prove it does not happen? I’d love to see some material about this.

I know that, I just wanted to exchange a little bit of opinions =]

On 2013-07-29 22:11, Jim Henderson wrote:
> On Mon, 29 Jul 2013 20:03:11 +0000, Carlos E. R. wrote:

> Citations, please.

Spanish mail list.

A pair of paranoic people are posting them all the time.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-07-29 22:26, amarildojr wrote:
>
> hendersj;2575462 Wrote:
>> Citations, please.
>>
>> Jim
>> –
>> Jim Henderson
>> openSUSE Forums Administrator
>> Forum Use Terms & Conditions at ‘openSUSE Forums FAQ’
>> (http://tinyurl.com/openSUSE-T-C)
>
> ‘German government accused of spying on citizens with state-sponsored
> Trojan | ZDNet’ (http://tinyurl.com/3fvtlkw)
>
> ‘Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments? |
> techPowerUp’ (http://tinyurl.com/k7zg4at)
>
> ‘Black ops: how HBGary wrote backdoors for the government | Ars
> Technica’ (http://tinyurl.com/ce3mphh)
>
> ‘CCC | Chaos Computer Club analyzes government malware’
> (http://www.ccc.de/en/updates/2011/staatstrojaner)
>
> ‘German Government accused of running spy trojan | Security | News | PC
> Pro’ (http://tinyurl.com/k39xkjy)
>
> ‘Hackers say German officials used backdoor | InSecurity Complex - CNET
> News’ (http://tinyurl.com/n759qld)

Some more - unfortunately for you my paranoid friend post in Spanish.


> http://www.clarin.com/mundo/Revelan-EEUU-traves-gigantes-internet_0_933507010.html
> http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data
> http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

> http://www.infobae.com/notas/629448-Microsoft-solicito-a-usuarios-que-dejen-Gmail-y-vuelvan-a-confiar-en-Hotmail.html
> http://www.infobae.com/notas/628819-Motorola-demanda-a-Apple-en-los-EEUU.html

Some alleged articles about Microsoft helping a turnover of PDVSA in
Venezuela, and why they now don't use Windows (I hope the link is the
right one)
> http://lubrio.blogspot.com.ar/2011/09/microsoft-entregaba-memos-internos-de.html
> http://www.rebelion.org/noticia.php?id=148721
The last one in English:
> http://www.democracynow.org/blog/2012/4/26/the_nsa_is_watching_you



A bit related:

> http://liquidat.wordpress.com/2013/05/15/skype-is-following-your-links-thats-proprietary-for-you/
> http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/



Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

No problem, Carlos. Since Portuguese is my native language I will have no problems reading Spanish .

hendersj and amarildojr, you both have valid points. I wouldn’t say that amarildojr is spreading FUD. I know from research on the subject, I know what amarildojr is saying. I, when I first switched to Linux all those years ago, researched all the claims made, and tested them on my computer. It is possible to secure Windows (I should know, I did it), but you have to go to extreme measures to do it. Removing VBSscript will make Windows 99% secure, but antivirus programs and Windows update don’t work as they rely on the VBSscript. There are services that run that do give Microsoft a backdoor into the computer. If you know which registry keys, then you can stop it. So it is possible, but you have to go to crazy, rediculous, and it is then considered a broken system.

On Mon, 29 Jul 2013 20:26:03 +0000, amarildojr wrote:

> hendersj;2575462 Wrote:
>> Citations, please.
>>
>> Jim –
>> Jim Henderson openSUSE Forums Administrator Forum Use Terms &
>> Conditions at ‘openSUSE Forums FAQ’
>> (http://tinyurl.com/openSUSE-T-C)
>
> ‘German government accused of spying on citizens with state-sponsored
> Trojan | ZDNet’ (http://tinyurl.com/3fvtlkw)
>
> ‘Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments? |
> techPowerUp’ (http://tinyurl.com/k7zg4at)
>
> ‘Black ops: how HBGary wrote backdoors for the government | Ars
> Technica’ (http://tinyurl.com/ce3mphh)
>
> ‘CCC | Chaos Computer Club analyzes government malware’
> (http://www.ccc.de/en/updates/2011/staatstrojaner)
>
> ‘German Government accused of running spy trojan | Security | News | PC
> Pro’ (http://tinyurl.com/k39xkjy)
>
> ‘Hackers say German officials used backdoor | InSecurity Complex - CNET
> News’ (http://tinyurl.com/n759qld)

I don’t see anything there that’s anything other than supposition and
accusations.

HBGary made lots of claims about lots of stuff, some of which may have
been true, but I certainly wouldn’t trust them if they claimed that the
sky was blue.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C