[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /r/ - 403



File: 1492225956473.png (633.05 KB, 246x300, why-didn't-you-listen?.jpg)

No.403

https://theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/
Choice quote fta:
>"“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”"

He warned us first.

  No.512

the collection of tools are on github now
https://github.com/DonnchaC/cia-hacking-tool-archive

Have fun if your into that kind of thing.

  No.525

>>403
>threatens windows idiots
happy me

  No.535

>>403
The question is how do i prevent this soykaf from running on my machine?

  No.536

>>535
Unplug the internets or unironically install gentoo

  No.547

This reminds me the scene of Lord of War when the man with an only face give tons of weapons for Africans near where him' plane had landed.

https://www.youtube.com/watch?v=mQgdZTgpczM

In the long run, this will better for the security industry.

  No.746

>>536
> unironically
> Gentoo
Pick one.

  No.762

>>536
Install Gentoo is not enough, install Hardened Gentoo with Pax/Grsecurity kernel and C compiler level of hardening!

  No.768

>>746
I picked both and now I've been running Funtoo for almost a year

  No.781

>>762
This, and that's hardly enough.
Gentoo won't solve your problems, you are in charge of that.
Also this should probably be moved to /sec/

  No.782

>>762
Why don't Install Alpine LInux in this case?

  No.1082

File: 1492617225296.png (77 KB, 200x113, Background2.png)

>>536
Realistically though, there are probably exploits that the NSA/CIA has on Linux, even with the pseudo-like security that PaX and other kernel modifications do.

Might I remind you of Linux's TCP stack which had a huge CVE in 2016. Extending from non-kernel space issues, Linux has a load of badly written programs that still many people use, user space security on Linux is quite minimal, programs can interface each other with ease, and it does not require sudo. For a long time how Xorg was launched in most Linux systems posed a high security risk.

Until there is a formally verified kernel that is sound proof in terms of security, (which there are, but they do not do much (for general computing), see most real-time oriented kernels), and user space applications which are by default no matter how badly written are safe in terms of security, then consider that any security you have can and will be broken eventually. (Assuming that the hardware is not backdoored, see RDRAND. Even a formally verified system would probably susceptible to hardware based attacks, "physical access total access.")

It sort of goes with the saying, "your threat model is worthless given amount time and the right resources."

That being said, Gentoo has more fine grained control, you start out with nothing and build your own stuff, but then again I doubt each time you install a package or there is an update you audit that package.