Announcement

Collapse
No announcement yet.

SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • marlock
    replied
    schmidtbag​
    you claim good citizens "have nothing to hide" but...
    1) this blanket statement implies anyone saying othewise is not honest, which means, even if you don't fully realize it, you are attacking the integrity your interlocutors here to make your point, which is inherently offensive especially as you're doing it in a blanket statement

    2) you ignore the existance of legally acceptable secrets (personal passwords, social security numbers, industrial secrets, workplace access codes, etc)

    3) you ignore that the attacker might not be your own country, instead a belicous foreign entity

    eg: Russia has been documented launching successful rehearsal attacks on european electric smart grids as part of a new class of cyberwarfare with the goal of quickly disabling civil infrastructure... this class of cyber-attacks can have a bigger strategic impact than conventional warfare even if the target is not millitary, and the entry points are usually civilians, through spear-physhing, vulnerability probings, multi-stage invasion... a pretty old and notorious example (but made by the USA) is stuxnet

    4) you ignore corrupt government authorities may use their leverage to target honest law-abiding citizens to frame them under false charges... planting false evidence is made much much easier if you have extraordinary access

    for concision purposes please allow me to classify covert ops by USA, UK, Russia, China and etc as corruption-prone or corruption-driven instead of mucking through considerations on wether they are true to the essence of such state-nations... let's also just agree that most of it is covert because it's imoral (albeit usually made legal through carefully crafted loopholes, exceptions and whatnot)

    5) look at the sheer amount of illegal persecution done towards immigrants before they even have a chance to plead for a legal recognition of their entry... and at the immorality of actively causing hordes of them to die mid-journey despite obviously needing to flee from their former homes for sheer survival, again albeit this being partly (only partly!) made legal... those people are spied on without cause and persecuted en-masse and electronic means of invasion are an integral part of this horrendous effort

    6) you ignore just how many extraordinary exploits fall into the hands of common cyber criminals nowadays, and how fast and widely they have been deploying all sorts of attacks... the same automation and convenience that powers datacenters is powering crooks to attack "nobodies" with "nothing to hide" and making serious bucks by catching several small fish instead one big fish

    7) finally, how comfortable are you about sharing every detail of your sex life with your mom and dad? because some companies have made it their business to sell spying tools and exploits as parental control, to paranoid people in relashionships which they distrust, etc

    with varying under-the-hood complexity hidden beneath convenient GUIs, the tools for all those things have been gradually converging into the same arsenal


    ps: this is not a comment on specifically what SELinux might help prevent, but then again the argument made was that nothing at all is needed if you have nothing to hide, which is just as generic


    edit:
    i forgot to mention how some secrets are even mandatory by law and how failing to guard them is breaking the law too, so in some cases you litteraly HAVE to hide stuff (including your personal wifi password in some countries like iirc Germany) to be a law-abiding good citizen
    Last edited by marlock; 01 September 2023, 06:46 AM.

    Leave a comment:


  • marlock
    replied
    "insuficient permissions" != "insuficient SELinux permissions"

    the former would make me (a common user) scrutinize file and folder flags or use sudo

    the latter would reveal the exact sort of permission that's missing

    and maybe things could go a step further into being friendlier:
    "app/process xxxxx does not have SELinux permission for yyyyyyy"

    ...as terminal output (stout or stderr), not just SELinux-specific logs

    would this sort of suggestion cause any new problems?
    Last edited by marlock; 01 September 2023, 05:57 AM.

    Leave a comment:


  • billyswong
    replied
    Originally posted by avis View Post

    I don't know man,

    Basic SELinux Troubleshooting in CLI: https://access.redhat.com/articles/2191331
    SELinux/Tutorials/Where to find SELinux permission denial details: https://wiki.gentoo.org/wiki/SELinux...denial_details
    How to read and correct SELinux denial messages: https://www.redhat.com/sysadmin/selinux-denial2

    The first three hits in Google.

    The only people who have troubles with SeLinux seem to be the people who don't want any of SeLinux. As simple as that.
    So you really can't see the logical flaw? Of course a person can google how to troubleshoot problem caused by SELInux *after* he/she know the problem is caused by SELInux. It is the how-do-one-know-the-problem-is-caused-by-SELinux-BEFORE-knowing-SELinux problem that markg85 was complaining. From Mark's experience, SELinux doesn't seem self-revealing. It is not commonly run in every Linux distribution.

    Leave a comment:


  • billyswong
    replied
    schmidtbag Keep on granting more power to the government, then your "1st world" country will be the next oppressive state when you wake up one day. Or granting power to corporations blindly, then your "1st world" country will become just a puppet one day and corporation cartels will be the true dictators ruling over the world.

    I used Taliban as my initial example because even the stubbornest tankies won't support their policy in open (at the moment in 2023). So we can establish a common ground that at least some oppressive governments exist. For technical capacity, Russia and China are better examples. Especially for Chinese government which wholeheartedly endorses big-brother-is-watching-you policy and is actively implementing it. But I didn't want to muddle into endless political debate so I refrained from using them as examples at first. The chance of someone arguing they are "good big brother" is there and this would be tiring.

    By the same principle, I don't write offtopic local political issue in Hong Kong in this forum. Hongkongers so far are suffering less than Uyghurs. And competition for who are being oppressed most by the government is NOT FUN. Your show off of your "privilege" is disgusting.

    Leave a comment:


  • schmidtbag
    replied
    Originally posted by Paradigm Shifter View Post
    The fact that you have descended into personal attacks and insinuations really doesn't surprise me.
    Am I wrong? There's a difference between needlessly insulting someone vs saying something that's key to the point I'm trying to make. The thing is, I can't ask you what it is you fear so much. Obviously, it would be hypocritical of you to say it or even imply you're doing something wrong, which is why I concluded you must be doing something morally ambiguous (or worse).
    Someone else already point out in the other thread why "it's not that hard" living "a great life" as "a good citizen" requires a moral, ethical and honest government, and how it can be abused. Sometimes before someone has even realised.
    Yeah except that comparison was BS since it's comparing to an objectively oppressive government with a very clear motive. It's really comparing apples to oranges. The ironic thing is: the Taliban doesn't have the means to spy on their citizens, whereas my government (which doesn't oppress me) would know I'm writing this right now, if they actually cared enough about who I am, which they don't. Why? Because I'm not special, and neither are you. Even whatever that shady thing is that you're probably doing, I doubt any NATO government cares.
    Examine the way whistleblowers and journalists are treated in many countries (even the supposedly "enlightened" West). Observe the way ethnic or religious minorities are treated in others.
    Not sure what that has to do with this discussion. Nobody here is denying that we're being spied on.
    But you have things to hide. Or do you make your full name, address, social security, bank details, accounts and passwords freely accessible to anyone who asks?
    That really makes no sense and you know it. There's an incomparable difference between willingly sharing all information linked to you to the public, vs a company that only collects your search/browser history, vs a government that already logged this info the moment it was created. You're not doing yourself any favors by making such ridiculous comparisons.
    Politicians, who make the laws clearly have lots to hide. How does someone on a low six figure salary become a multi-millionaire in a decade?
    Precisely my point! The only people who care about this kind of privacy are those who have something to hide!


    Originally posted by andyprough View Post
    Seems fair for billyswong to point out that for the vast majority of people in the world, yes, it is that hard.
    No, not even close. There's a huge difference between struggling to make ends meet vs being intentionally handicapped by your government. The vast majority of the population in the world is struggling. You could argue that poor leadership is a cause of this; nobody in their right mind would outright deny that, but there's a critical difference between a government that doesn't know how to solve their problems vs a government that is intentionally creating problems. It's the latter you have to worry about, and that is absolutely not the majority of people. Yes, there are hundreds of millions of people throughout the world in an oppressive government, but the fact that you, me, and billyswongare privileged enough to be spending free time writing about this are not the kind of people who should be griping. I'm sure you are not oppressed by your government, because if you were, you'd have real things to be worrying about and not griping about a 1st world problem.
    When was the last time you tried blowing the whistle on government corruption as a federal agency insider? You should talk to a whistleblower and hear about the hell they go through. How about Edward Snowden? Have you seen him giving live in-person talks at American conferences on ethics and technology lately? How much has our government respected his rights to blow the whistle on blatant NSA corruption?
    What information do I have to whistleblow? While whistleblowing is legally granted, publicizing confidential information isn't. Obviously there's some intense corruption within the government, and since it is so deeply rooted, basically everyone closer to those roots is going to want to take him down. In what way is any of that relatable to the average nobody?
    Last edited by schmidtbag; 31 August 2023, 09:13 AM.

    Leave a comment:


  • Paradigm Shifter
    replied
    Originally posted by schmidtbag View Post
    Yup and I still stand by that.
    Don't break the law and you've got nothing to worry about. Seriously, it's not that hard to have a great life and be a good citizen at the same time. That's what gets me to question people like you: the only reason you care is because you're probably doing something morally objectionable.
    The fact that you have descended into personal attacks and insinuations really doesn't surprise me.

    Someone else already point out in the other thread why "it's not that hard" living "a great life" as "a good citizen" requires a moral, ethical and honest government, and how it can be abused. Sometimes before someone has even realised.

    Examine the way whistleblowers and journalists are treated in many countries (even the supposedly "enlightened" West). Observe the way ethnic or religious minorities are treated in others.

    Read some history.

    Seriously, read some history.

    But you have things to hide. Or do you make your full name, address, social security, bank details, accounts and passwords freely accessible to anyone who asks?

    Politicians, who make the laws clearly have lots to hide. How does someone on a low six figure salary become a multi-millionaire in a decade?

    Leave a comment:


  • andyprough
    replied
    Originally posted by schmidtbag View Post
    How does it make sense to compare my privileged position (that a company like Google or Amazon are just seeking to profit from) to an oppressive government seeking to take away a human right?
    You're the one who said
    Seriously, it's not that hard to have a great life and be a good citizen at the same time.
    Seems fair for billyswong to point out that for the vast majority of people in the world, yes, it is that hard.

    Originally posted by schmidtbag View Post
    there is absolutely nothing my government unrighteously restricts/deprives me of, or anyone I know for that matter​
    When was the last time you tried blowing the whistle on government corruption as a federal agency insider? You should talk to a whistleblower and hear about the hell they go through. How about Edward Snowden? Have you seen him giving live in-person talks at American conferences on ethics and technology lately? How much has our government respected his rights to blow the whistle on blatant NSA corruption?

    Leave a comment:


  • emblemparade
    replied
    Originally posted by rclark View Post
    Doesn't make sense to me. NSA was the original author, and yes SEL has changed over the years, but the original authors still should be referenced. Strange world we live in now though as history is being rewritten, and in some cases erased.
    The devil is in the details, which Phoronix's rather sensational title glosses over. The NSA can be mentioned and acknowledged but without naming the feature "NSA SELinux" or having other "NSA_" prefixes in the source code itself. That is very reasonable. It's just like CUPS was originally an Apple contribution, but we don't have to call it "Apple CUPS".

    Leave a comment:


  • avis
    replied
    Originally posted by billyswong View Post

    So how do someone not aware of the existence of SELinux suddenly know to look at that particular log file locating in that obscure place? Please enlighten everyone here. If you want to defend SELinux, you may suggest some killer feature that other modules such as AppArmor can't. But when someone said "I didn't know my problem is due to SELinux thus lost a day of time", response such as "you should have gone take a look at a log file that only SELinux users will watch out for" is NOT an answer.
    I don't know man,

    Basic SELinux Troubleshooting in CLI: https://access.redhat.com/articles/2191331
    SELinux/Tutorials/Where to find SELinux permission denial details: https://wiki.gentoo.org/wiki/SELinux...denial_details
    How to read and correct SELinux denial messages: https://www.redhat.com/sysadmin/selinux-denial2

    The first three hits in Google.

    The only people who have troubles with SeLinux seem to be the people who don't want any of SeLinux. As simple as that.
    Last edited by avis; 30 August 2023, 02:43 PM.

    Leave a comment:


  • kerbastrar
    replied
    Originally posted by nanonyme View Post

    I have to say safely exiled to Russia is a complete oxymoron. If you are treated well after being exiled there, it's because someone managed to politically weaponize you.
    If the American regime respected their own whistleblower laws, Snowden wouldn't have had to escape to Russia in the first place

    Thank you Putin for protecting an American patriot

    Leave a comment:

Working...
X