Announcement
Collapse
No announcement yet.
Lennart: Linux Comes Up Short Around Disk Encryption, Authenticated Boot Security
Collapse
X
-
As a former enterprise Endpoint Admin and now an ITSec person, I'm not sure there is a way for me to run Linux and meet my own organization's industry-standard security policies. Is there a way for me to easily enroll a Linux desktop or server into a system that escrows a break-glass key for the full-disk encryption?
Comment
-
Originally posted by tildearrow View PostThe countless amount of DNS requests that devices send upon connecting to a network, and then every once in a while.
It could mean anything.
Btw, do you know what DNS is and what it's used for? You think your computer is sending "countless amount of DNS requests"? Who do you think these requests are being sent to? And what do you think the receiving party is doing with them?
If your "proof" of "spying" is that you think any device that doesn't run Linux is sending "countless amount of DNS requests" then not only do you have no proof but you also have no idea how basic networking works.
- Likes 1
Comment
-
Originally posted by pal666 View Postwell, those who stole your laptop are obviously incompatible with abiding laws
so how many credit cards they stole from you? do you trust your credit card to corporation(like your bank), or street thief?
Big tech corporations however have in all likelihood made money on stealing and selling my personal data. I can't tell you how much, because they are not doing it directly, but hey, there is more than one way to steal something from someone than reach into his pocket, and there are more important things to steal than money.
I feel far more damaged by the stupidity that big tech corporations are inflicting around me. I can keep a good eye on my wallet, but how do I prevent that form happening? Huh? Legal crime is far greater issue with far more reaching consequences and damages, for the simple reason it is so overwhelming the world is drowning in it.
I absolutely see a much bigger problem with legal crime than I do with illegal. That's just the thing - designating things as legal or illegal doesn't determine whether it is a crime or not. Today we have an ever growing array of legal crimes - unethical and ultimately harmful actions that are perfectly legal in the face of the law, and we even have a bunch of stuff that I wouldn't really call even remotely unethical that happens to be illegal, for the purpose of protecting the establishment's monopoly on crime.Last edited by ddriver; 23 September 2021, 10:13 PM.
- Likes 1
Comment
-
Originally posted by pal666 View Postyou are not very smart. those corporations have to abide laws, people who steal your notebook don't, they'll get all your passwords and vacuum your bank accounts(but maybe you don't have any, or even you are the one trying to do something illegal, so google poses bigger threat to you)
Comment
-
Originally posted by tildearrow View PostYou and Sonadow are the only ones who claim Windows is not spyware. And what a coincidence, you both are Linux haters.
Do you see how silly this belief is?
Originally posted by tildearrow View PostTechnically could be true, but the solution isn't to drop Linux and use a less secure operating system like Windows, Android or macOS.
Priceless.
Last edited by sophisticles; 23 September 2021, 10:27 PM.
- Likes 1
Comment
-
BTW, https://bugzilla.redhat.com/show_bug.cgi?id=1319799
I talked about that 5 years ago - not a single RedHat/Fedora employee left a comment.
- Likes 1
Comment
-
Originally posted by sophisticles View Post
Lol! it can mean anything so let's assume the absolute worst.
Btw, do you know what DNS is and what it's used for? You think your computer is sending "countless amount of DNS requests"? Who do you think these requests are being sent to? And what do you think the receiving party is doing with them?
If your "proof" of "spying" is that you think any device that doesn't run Linux is sending "countless amount of DNS requests" then not only do you have no proof but you also have no idea how basic networking works.
These requests are sent by the OS to a DNS server (which is either set by the user or provided during DHCP network configuration; usually one of the following: the ISP's own DNS server, Google DNS, Cloudflare DNS, etc.) in order to resolve the IP address of a Microsoft server which is required in order to establish a connection to it.
Arch Linux does contact ping.archlinux.org every once in a while too, but it is used exclusively to check whether the device has Internet access or is behind a captive portal (often set in malls and other public Wi-Fi networks), but the amount of addresses Windows 10 tries to reach is just insane (and worst of all is that many have rather obvious names (like watson.telemetry.microsoft.com)).
While it is near impossible to know what exactly is being sent to Microsoft since it uses the HTTPS protocol (which is encrypted using TLS), who knows what could be sent. It could be anything between nothing at all up to random files in the device.Last edited by tildearrow; 23 September 2021, 10:32 PM.
Comment
-
Originally posted by tildearrow View PostYes, I know what it is. It's for resolving a domain name to an IP address and some other things.
These requests are sent by the OS to a DNS server in order to resolve Microsoft's IP address which usually is used to establish a connection.
Do you know who controls the DNS server?
Explain to me how the above is used to spy on you and why you think that your devices are sending countless DNS requests all the time.
Comment
-
Originally posted by sophisticles View Post
Great, so you googled and came up with an answer.
Do you know who controls the DNS server?
Explain to me how the above is used to spy on you and why you think that your devices are sending countless DNS requests all the time.
Let me clarify. I did not mean to say "DNS is used to spy on me". I meant to say "Windows 10 makes a lot of connections to Microsoft servers upon connecting to a network". Excuse me if I was not clear.Last edited by tildearrow; 23 September 2021, 10:53 PM.
Comment
Comment