No announcement yet.

SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by Magissia View Post

    Closing few holes using SELinux is better than closing none?
    Closing few holes with SELinux is better than closing none, but closing more holes using a better technology is even better.


    • #52
      Originally posted by schmidtbag View Post
      Yup and I still stand by that.
      Don't break the law and you've got nothing to worry about. Seriously, it's not that hard to have a great life and be a good citizen at the same time. That's what gets me to question people like you: the only reason you care is because you're probably doing something morally objectionable.
      Nice try NSA agent...


      • #53
        Originally posted by sarmad View Post

        Closing few holes with SELinux is better than closing none, but closing more holes using a better technology is even better.
        Which technology is it?


        • #54
          about the reply to (1) and the whole idea of "if you're in favour of privacy you're hiding something illegal and/or immoral"
          yes, we should care about not offending others with baseless accusations that disqualify them from even being heard and taken seriously

          that's not just being polite vs. rude (which honestly should be a concern too unless you enjoy highly toxic discussions) but also it's a broken argumentative recourse (i believe this is called "ad hominen", where you attack the speaker instead of the speech)

          it's also not really a "reality check" since it's baseless, aka not grounded in reality

          about the reply to (2) and my (edit)
          the existance of legally and morally acceptable/mandatory uses of privacy (even in general-purpose personal computing) proves that not having the possibility of privacy is not OK for an OS and software (even ones for general-purpose personal use)

          this alone should be enough for you to realize most vulnerabilities are a problem that does need to be tackled by those OSs and softwares, at scale, for everyone, as a baseline approach

          about the reply to (7):
          there are others but wannacry is a pretty recent example of a hugely widespread, sucessful and notorious case of "attack everything, ask for ransom from everyone, cash in all you can"

          even if these are not the most common attacks, ignoring CVEs or generally letting an OS become easy enough to exploit everyone that uses it is asking for someone to notice this and make simpler use of open breaches at a large scale instead of just high-effort attacks to narrow targets

          failure to ensure safer defaults in routers (eg: by shipping them with default passwords and not enforcing a user-assigned password at first use by device design) is actually part of the reason for germany's law on personal internet protection being mandatory... plenty botnets are comprised of small routers with default passwords that got "recruited"

          about the reply to (3):
          my original post already contained the counter-argument to your reply

          the damage open cybervunerabilities can cause to human lives is extensive when weaponized, so they shouldn't stay open, period

          leaving them open so the NSA can spy on them so it can prevent the attacks on them is a tautological proposal if they can simply be closed and the damage prevented

          by the way, spying does not prevent such damage, it *might* give early warning, but part of the fuss around NSA wistleblowing was discovering just how little it prevented with their massive spying efforts, so lots of colateral damage for very little benefit

          about the reply to (4):
          same thing... counter-argument contained in original post

          "planting false evidence is made much much easier if you have extraordinary access"

          not all crooked governments have absolute power over all citizens all the time... most bank on plausible denial, legitimating their repressive actions, gradually encroaching over resistances until they can get their roots firmly in place

          not giving them easy-to-use weapons over the resistance while they are establishing their power is essential to preventing them from becoming a full-out despotic power

          about the rest, in short:
          you don't like privacy for yourself, that's your usecase

          others like it and have the right to have it (legal and/or moral), you don't get to say their usecase is illegal, immoral and/or invalid