[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /r/ - 403

File: 1492225956473.png (633.05 KB, 246x300, why-didn't-you-listen?.jpg)


Choice quote fta:
>"“This is as big as it gets,” Hickey said. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”"

He warned us first.


the collection of tools are on github now

Have fun if your into that kind of thing.


>threatens windows idiots
happy me


The question is how do i prevent this soykaf from running on my machine?


Unplug the internets or unironically install gentoo


This reminds me the scene of Lord of War when the man with an only face give tons of weapons for Africans near where him' plane had landed.


In the long run, this will better for the security industry.


> unironically
> Gentoo
Pick one.


Install Gentoo is not enough, install Hardened Gentoo with Pax/Grsecurity kernel and C compiler level of hardening!


I picked both and now I've been running Funtoo for almost a year


This, and that's hardly enough.
Gentoo won't solve your problems, you are in charge of that.
Also this should probably be moved to /sec/


Why don't Install Alpine LInux in this case?


File: 1492617225296.png (77 KB, 200x113, Background2.png)

Realistically though, there are probably exploits that the NSA/CIA has on Linux, even with the pseudo-like security that PaX and other kernel modifications do.

Might I remind you of Linux's TCP stack which had a huge CVE in 2016. Extending from non-kernel space issues, Linux has a load of badly written programs that still many people use, user space security on Linux is quite minimal, programs can interface each other with ease, and it does not require sudo. For a long time how Xorg was launched in most Linux systems posed a high security risk.

Until there is a formally verified kernel that is sound proof in terms of security, (which there are, but they do not do much (for general computing), see most real-time oriented kernels), and user space applications which are by default no matter how badly written are safe in terms of security, then consider that any security you have can and will be broken eventually. (Assuming that the hardware is not backdoored, see RDRAND. Even a formally verified system would probably susceptible to hardware based attacks, "physical access total access.")

It sort of goes with the saying, "your threat model is worthless given amount time and the right resources."

That being said, Gentoo has more fine grained control, you start out with nothing and build your own stuff, but then again I doubt each time you install a package or there is an update you audit that package.