Linus Torvalds was approached by NSA for backdoor in Linux - Nils Torvalds (father of Linus)

  Рет қаралды 872,655

TFiR

TFiR

Күн бұрын

Пікірлер: 1 500
@TAP7a
@TAP7a 3 жыл бұрын
"Open source is less secure because everyone can see it" Ah, but you see, that is exactly what makes it more secure. Windows vulnerabilities get discovered when a new attack is launched. Linux vulnerabilities get discovered by inspection, patched and then blogged about to share expertise
@Woodside235
@Woodside235 3 жыл бұрын
You can have a schematic of the most secure bank in the world, that doesn't mean you'll be able to break into it.
@KabooM1067
@KabooM1067 3 жыл бұрын
Half true... it all depends on how diligent and thorough the community is and how quickly vulnerabilities are patched when discovered.
@almisami
@almisami 3 жыл бұрын
@@Woodside235 the difference is also that changing the building is hard, while upgrading the software is much easier.
@xFlRSTx
@xFlRSTx 3 жыл бұрын
it's both more and less secure in different ways
@MrHyde-fu5sr
@MrHyde-fu5sr 3 жыл бұрын
This is also the same reason why Linux is less secure than BSDs. Anyone can push code. There's now so much of it it's difficult to go back and fix known vulnerabilities. If there was less code (BSD) it's easier to maintain.
@Account-rb6xg
@Account-rb6xg 10 жыл бұрын
What would happen if the linus allowed backdoors in Linux: 1. Someone would find it 2. They would fix it and push it back to the official repository 3. If Linus refuses, then someone would just fork linux and fix the bug and then we would have the Linux kernel and some other forked kernel like LibreLinux of SafeLinux, or some other stupid shit. Basically it's in nobody's interest except the NSA's.
@TuriyanGold
@TuriyanGold 6 жыл бұрын
The simple answer is that nobody is using Linux for case management, the original PROMIS was coded with grant money so is actually technically open-source and its all one big backdoor...
@oliviamonkey
@oliviamonkey 5 жыл бұрын
Linus has no control over today's linux versions
@Nookerdog777
@Nookerdog777 5 жыл бұрын
@Jon Doe Oh no, you're totally right. I posted that as way of sort of refuting the implied fud in the OP comment of the thread.
@papikabron18
@papikabron18 4 жыл бұрын
Account YEAH THEY WOULD FIND IT BUT THATS NOT WHAT HAPPENED TO UBUNTU
@TheLinuxYes
@TheLinuxYes 4 жыл бұрын
the Power and Beauty of Open Source Software.
@LloydLynx
@LloydLynx 4 жыл бұрын
Windows doesn't have a backdoor, it has a loading dock.
@pearz420
@pearz420 3 жыл бұрын
It has a badonkadonk.
@oskarrrw
@oskarrrw 3 жыл бұрын
Actually hilarious. Had me in the first half not gonna lie
@reoencarcelado5904
@reoencarcelado5904 2 жыл бұрын
@TheJooomes's-comment/post "Windows doesn't have a backdoor, it has a loading dock.": And every new version, they make it prettier and more welcoming for snoopers and peeping-toms :-) . Right-now?, they have a loading-dock[/loading-bay] with a VERY fancy Welcome-mat, a red-carpet fancier than the ones they use at Hollywood, free drinks, and all this other stuff.
@Arsenic71
@Arsenic71 Жыл бұрын
Just like pretty much any cloud service does. Apple, Google, Meta, Microsoft, and many others - take your pick
@kaeji_namitsua
@kaeji_namitsua Жыл бұрын
Where?
@liamh1621
@liamh1621 5 жыл бұрын
When Microsft closes a backdoor, they open a Window
@Pro-dd4dv
@Pro-dd4dv 5 жыл бұрын
Epic!
@user-tm3fz7qx3s
@user-tm3fz7qx3s 5 жыл бұрын
@ I have no words.
@vijaysridhar351
@vijaysridhar351 4 жыл бұрын
Great Comment!!
@SultanAbdulRehman
@SultanAbdulRehman 4 жыл бұрын
🤣🤣🤣🤣🤣🤣
@flavio.portela
@flavio.portela 3 жыл бұрын
Apple will call it a feature. Ahahah
@Error-kl9op
@Error-kl9op 8 жыл бұрын
Windows 8 and 10 are two greatest things that happened to the computer world in last decade. It made so many developers turn away in disgust and pushed so many people to switch to Linux.
@johnyang799
@johnyang799 8 жыл бұрын
I use debian and freebsd for servers. But for desktop, not a single distro can ever compare to windows. They suck ass so bad. Although it is hopeful that linux will catch up in 5 years.
@HistoMagouri
@HistoMagouri 8 жыл бұрын
Oh man you have no idea. I was so mad with what's been happening with Windows 10 I migrated to Arch Linux. I've been using Windows for many years and this year, Microsoft started forcing Windows 7 and 8 users to migrate to 10 by stopping these operating systems from getting updates. Do a factory reset of a Windows 7 OS and you'll see that I'm right; it happened last week with my laptop. Windows 7 may be ending extended support in 3 years, but this is unacceptable. The amount of data collection by Microsoft is also unwarranted. Microsoft, *I'm done.*
@pssst3
@pssst3 8 жыл бұрын
kind of tge
@MichaelOLeary1977
@MichaelOLeary1977 8 жыл бұрын
xubuntu is way better and faster and controllable
@johnyang799
@johnyang799 8 жыл бұрын
Of course i tried that. The last opportunity i gave just the day before I posted. Error after the first update. Ubuntu has gone too far.
@socksumi
@socksumi 5 жыл бұрын
"There is no back door, but if there was and I wasn't allowed to tell you I wouldn't tell you". How very reassuring.
@20quid
@20quid 4 жыл бұрын
It's a "warrant canary". People aren't allowed to say yes so you need to watch and see whether they say no, if they don't directly say no then it is an indirect yes.
@eddyecho
@eddyecho 4 жыл бұрын
@@20quid then they would lie and say no. Haven't you read catch 22 by heller?
@20quid
@20quid 4 жыл бұрын
@@eddyecho The point is that if they want to say yes but they can't then they will use a warrant canary.
@eddyecho
@eddyecho 4 жыл бұрын
@@20quid If they "wanted" to say yes, they wouldn't even be there answering questions.
@20quid
@20quid 4 жыл бұрын
@@eddyecho What makes you say that?
@untitled6981
@untitled6981 8 жыл бұрын
how did the nsa expect to get a backdoor into linux without the community noticing..? lol
@Cobalt985
@Cobalt985 8 жыл бұрын
ikr? I am a somewhat novice user of Linux and I have to say there is no way in any universe that the backdoor would go unnoticed (especially by people that like to look at kernel source just for fun)
@MrGoatflakes
@MrGoatflakes 8 жыл бұрын
I wouldn't be so sure. Remember how Dennis Ritchie put a backdoor into Unix for service purposes? You could remove it from the compiler source, remove it from the kernel source and then when the compiler compiled either, it would just pop it back in again. The backdoor in the kernel and the instructions to add the the backdoor to the compiler when it recognised it was compiling the kernel. The only way to see it was to disassemble the kernel. But you could also just modify the OS to snip out the assembly for the backdoor when reading the kernel. Then it would be practically undetectable. The classic rootkit approach. Although obviously you would have to make it so when reading for copying or writing to tape or serving it over ftp it wouldn't snip out the backdoor. The only way to detect it then would be to read the file on a computer that doesn't use your kernel.
@binbashbuddy
@binbashbuddy 7 жыл бұрын
To my memory it wasn't Ritchie who did that, it was Ken Thompson. But the GCC compiler itself is open source as is Watcom and most other compilers, so that's avoidable as well. Just don't use any compiler that Ken Thompson pre-compiled for you...lol
@ewiem4351
@ewiem4351 7 жыл бұрын
By getting a backdoor into the compiler tools.
@binbashbuddy
@binbashbuddy 7 жыл бұрын
You mean the OPEN SOURCE compiler tools? Don't think anyone will be watching changes to those eh?
@svhuwagv2965
@svhuwagv2965 11 жыл бұрын
Luckily Linus Torvalds is as paranoid and honorable as I want him to be not to let any malicious code influence his lifetime work and at the same time tell us indirectly that there are people wo want him to. I love Linux =)
@aorusaki
@aorusaki 7 жыл бұрын
yup
@herauthon
@herauthon 6 жыл бұрын
will linux be able to maintain the life-patch or no-reboot update power ?
@nickcorona3966
@nickcorona3966 5 жыл бұрын
He isn't paranoid. Windows has a backdoor and so does OSX.
@MrCmon113
@MrCmon113 4 жыл бұрын
It's not paranoia when you are directly asked to compromise security.
@jpaugh64
@jpaugh64 3 жыл бұрын
You are right. He is adamant about security. However, the NSA would never have given Linus the choice _not_ to include a backdoor, no matter how adamant he was. He simply didn't have the ability to hide any backdoor from his community, and the NSA would have a scaling problem trying to bribe a rotating roster of thousands of individual volunteers. Linus accidentally had the perfect excuse not to help the NSA, by deciding to share his work.
@MrEnygma1000
@MrEnygma1000 7 жыл бұрын
LMAO!!! Backdoor in linux? That would be like sending 50 Cent to infiltrate the KKK.
@edunaville
@edunaville 4 жыл бұрын
Hahaahaha
@WilliamParkerer
@WilliamParkerer 4 жыл бұрын
kk boomer
@yasserarguelles6117
@yasserarguelles6117 4 жыл бұрын
@@tech-nomade yo dont need to check every line, every time, just check commits... theres tons of people eyeing the code, im pretty sure someone would notice.
@tech-nomade
@tech-nomade 4 жыл бұрын
@@yasserarguelles6117 At least I'm not that naive. If you want me to convince - prove it. Otherwise I have to assume that Linux Kernel might be full of malware.
@tech-nomade
@tech-nomade 4 жыл бұрын
​@@yasserarguelles6117 ... which on the other hand doesn't mean I'm not using it and it's worse than macOS or Windows. I just don't like those fairytales about Linux being super secure because it's open source.
@boogaloo_frog8410
@boogaloo_frog8410 5 жыл бұрын
Translation of Microsoft Executive: "If you have no proof we are conspiring with the NSA, then we're not".
@deidara_8598
@deidara_8598 3 жыл бұрын
**cough** **cough** NSAKEY **cough**
@citizenfoffie7605
@citizenfoffie7605 3 жыл бұрын
@@deidara_8598None credible believes NSAKey was a backdoor
@flyingturret208thecannon5
@flyingturret208thecannon5 3 жыл бұрын
Strange, the NSAkey was a whole panic among the IT guys at my school, and I also caught wind of it out of interest. Luckily I don’t use windows anymore, though.
@TheRealFlamingNinja
@TheRealFlamingNinja 3 жыл бұрын
Source(s): Dude trust me
@WilhelmDrake
@WilhelmDrake 11 ай бұрын
Except we have the proof.
@zackinator1439
@zackinator1439 4 жыл бұрын
"Linus Torvalds was approached by NSA for backdoor in Linux" Oh, ok, so the NSA has no idea what opensource software is. That's like saying "go hide in that glass house"
@ArsenGaming
@ArsenGaming 3 жыл бұрын
It's not even a glass house, glass is mostly transparent but does absorb some light. It's more like saying "go hide by standing straight up in the middle of that open field"
@ryanfranz6715
@ryanfranz6715 3 жыл бұрын
Well.. that’s true if they tried to directly put in a back door without disguising it as a genuine update. Bugs are natural back doors which hide in plain sight until someone notices it. The NSA just needs an insidiously “bug prone” kernel developer, who’s otherwise an excellent developer that people trust. It just boils down to the arms race of patching vs exploiting.
@Littlefighter1911
@Littlefighter1911 3 жыл бұрын
That's why one university tried to hide a backdoor in various other patches to see if it's possible to actually do that. That university is now banned from contributing.
@InventorZahran
@InventorZahran 3 жыл бұрын
@@Littlefighter1911 The University of Minnesota tried to introduce vulnerabilities to the Linux kernel disguised as regular updates, but the community caught them and prevented the "hypocrite commits" from being implemented.
@Littlefighter1911
@Littlefighter1911 3 жыл бұрын
@@InventorZahran Exactly. Among other valid patches.
@prydt
@prydt 7 жыл бұрын
The idea that open source is less secure than proprietary is very misinformed... classic Microsoft
@3ddan148
@3ddan148 4 жыл бұрын
i dont understand how people so easily believe this. if you understand how open source works you know that a community of tens of thousands of people checking over code, poking around for bugs/security risk etc, vs a microsoft support team of 30 idiots (not literally but seams like it alot) working 8 hrs a day but mainly just punching the clock..... more eyes, more passion, people who actually care..... no comparison....
@prakharmishra3000
@prakharmishra3000 3 жыл бұрын
That's why Linux and Android so secure than windows aren't they? Remember the wannacry virus? It was just because of a closed source software and it's vulnerability. Were it open source, it would have been detected and fixed earlier. No other os has had that kind of infection.
@tomservo5007
@tomservo5007 3 жыл бұрын
@@3ddan148 linux allows for 3rd party binary drivers (Nvidia, etc)
@3ddan148
@3ddan148 3 жыл бұрын
@@tomservo5007 yes........ i dont see how this is relative to my comment tho...
@tomservo5007
@tomservo5007 3 жыл бұрын
@@3ddan148 an open source project that allows binary blobs , makes it just as secure as what the microsoft support team produces.
@YTCANSUCKIT2014
@YTCANSUCKIT2014 9 жыл бұрын
Why am i not surprised the MS women is claiming open soure is less secure than closed source. And no one can tell me MS has no "NSA backdoors" in Windows.
@bretmohler9719
@bretmohler9719 9 жыл бұрын
Cold Dark it is probably one of those legal statements where they use the structure of the sentence to dodge having to tell the truth. if it is a MS backdoor that the NSA is welcome to use then she was not telling a lie. so the direct question of NSA backdoor can be shot down as it is "not for the NSA" and thus not an NSA backdoor so MS is being straight. but we all know no matter what name it goes by the fact is we have seen proof that MS has worked directly with them and there are backdoors and as she said she could not tell you about them anyway so her answers are wastes of time. the best part is her saying she would not be able to discuss if there was one and then says there is not one.. so really there is no way to build trust at all. a total contradiction of what she said she wanted to do work on with customers.
@botrax
@botrax 9 жыл бұрын
Cold Dark With Windows10 and Skype they collect all your data, you show, you speak, you type...
@RecordTrance
@RecordTrance 9 жыл бұрын
+Botrax - This is why I will not upgrade to Windows 10... Ive been moving to Linux. Im getting the fuck off the microsoft train and hopping on the express track to Linux. and yes im choosing the selection button that says "Encrypt installation" when installing.
@MititeluRadu
@MititeluRadu 9 жыл бұрын
+RecordTrance When Windows 10 was out, I immediately upgraded to Ubuntu for work and gaming so you are not the only one
@justasobriquet
@justasobriquet 9 жыл бұрын
+RecordTrance They are "updating" (or already have "updated") Windows 7 and 8 for the same data collection. Staying away from Windows 10 isn't enough to protect our data. I am using Linux Mint now, dual booting into Windows for a few games that won't play properly in Linux BUT with the Wifi turned off when in Windows (I am not doing this just because of the data collection, I also have wifi turned off in Windows because every time they sent an update, it broke something else in the system... no wifi, no "updates.")
@shubitoxX
@shubitoxX 11 жыл бұрын
<a href="#" class="seekto" data-time="128">2:08</a> Nils Torvalds, father of Linux founder Linus Torvalds speaking about his son Linus: Some guy asked Linus "Have you been approached by the NSA about backdoors?" Linus answered "no", but at the same time he nodded.
@MaGariShun
@MaGariShun 10 жыл бұрын
The incident he is talking about is actually on youtube. /watch?v=7gRsgkdfYJ8
@llewlem888
@llewlem888 7 жыл бұрын
MaGariShun saved
@kelkun8628
@kelkun8628 6 жыл бұрын
yep and later they admit to have to lie about it.
@Elite7555
@Elite7555 4 жыл бұрын
@@MaGariShun But he clearly does that, in a very exaggerated manner, as a joke.
@ilearncode7365
@ilearncode7365 3 жыл бұрын
@@kelkun8628 You would think his own father would know if it was "sarcasm"
@ammarkov
@ammarkov 11 жыл бұрын
<a href="#" class="seekto" data-time="335">5:35</a> ok so closed source software is better becaus "security through obscurity" , it is a rediculous argument
@BattousaiHBr
@BattousaiHBr 7 жыл бұрын
literally the only way she could spin the argument in her favor is if she said "by making software open source it becomes much easier for ill-intentioned people to find security flaws in the code and exploit it", and even then there's the counter-argument that in the case such security flaw is found in closed source software it'll also likely take much longer for the vulnerability to be known and fixed.
@FreeScience
@FreeScience 5 жыл бұрын
I absolutely agree, but to play devils advocate even further, there is potential for problems with the inconsistency of how distributions (mostly regarding linux based systems) are able to tackle vulnerabilities in a timely manner. As most users are using Debian or Fedora derivations, with dedicated security teams this is in practice perhaps not that big of an issue. But while Archlinux based distro have a good track record as far as I'm aware they probably are more reliant on upstream.
@techzone2009
@techzone2009 5 жыл бұрын
security is always close source also in Linux
@FreeScience
@FreeScience 5 жыл бұрын
How do you mean? If you mean non-disclosure policies of vulnerabilities in the kernel sources that's not being "closed source".
@deidara_8598
@deidara_8598 3 жыл бұрын
@@BattousaiHBr I would say that criminals and government agencies are far more inclined to find vulns in proprietary software than people with a genuine interest in fixing vulns. Closed source makes finding vulns harder for everyone, but more so for bug fixers.
@LinuxSpatry
@LinuxSpatry 11 жыл бұрын
The idea that FOSS software is vulnerable compared to closed source software is genuine FUD! If a backdoor was found in open sourced software it would be fixed by the community and it would be sent upstream so everyone can benefit from the added security.
@GottZ
@GottZ 7 жыл бұрын
even my backup.. backup.. backup android phone (htc sensation) received the WPA KRACK patch from the community (not htc). i sure confirm your statement. sadly there are always companies that decide some devices are not worth patching be it IoT, Smartphones, Smarthome, Cars, Tablets and other stuff.
@tux9730
@tux9730 7 жыл бұрын
OMFG SPATRY IM A BIG FAN, WHY'D YOU STOP MAKING VIDS?
@unh0lys0da16
@unh0lys0da16 7 жыл бұрын
The key word in your comment is 'if'. We're not talking about a piece of code that's only purpose is to be a backdoor, because that could easily be found, no what we're talking about is a few low-key vulnerabilities that together could make for a backdoor.
@quattro4468
@quattro4468 7 жыл бұрын
Jan-Stefan Janetzky Not if it on the hardware itself. Intel ME.
@codecoderr7495
@codecoderr7495 6 жыл бұрын
and that's why opensource is breaking schemes for everyone having the power and the $$$ and that's why plans are running for taking over.
@fdk7014
@fdk7014 10 жыл бұрын
The Snowden documents shows that Microsoft was one of the first tech companies to agree to NSAs backdoors... It is impossible to trust closed software. Obviously, any closed software provider will fervently deny that their software contains backdoors, even when it's obvious it is so. In fact, you have to assume that there are backdoors in all closed software of any importance, it's simply too important to ignore for an organisation like the NSA. Open source software isn't exactly easy to review or trust either but at least it's possible.
@fdk7014
@fdk7014 9 жыл бұрын
flashfire4 Not even close
@unity20000
@unity20000 6 жыл бұрын
@@flashfire4 In a world where NSA can send you a national security letter and an accompanying gag order and get everything you have without you being able to tell anyone, yes, closed source software is untrustworthy.
@NomoregoodnamesD8
@NomoregoodnamesD8 5 жыл бұрын
@@flashfire4 closed source software is someone cooking the books on everything they do.
@HamguyBacon
@HamguyBacon 4 жыл бұрын
Snowden is also a traitor.
@achannel9598
@achannel9598 4 жыл бұрын
@@HamguyBacon how is snowden a traitor? He exposed what nsa was doing which is borderline illegal
@AdamTheGuitarist
@AdamTheGuitarist 3 жыл бұрын
I love that he actually understands what he's talking about. He did not forget what everyone else seems to forget - that bugs have huge potential to become backdoors as well.
@radornkeldam
@radornkeldam Жыл бұрын
I would say there's a fundamental difference between a backdoor that's purposefully built into and concealed within a software system, with the express intention of securing secret access to that system to some undisclosed party, that is, knowingly withholding that information from the user of the system, and an accidental programming flaw that produces a security vulnerability that unintentionally provides access to some random party that happens to find it. Intentional vs accidental. Quite an important difference.
@hdthor
@hdthor Жыл бұрын
@@radornkeldamno one said the programming flaw was accidental. A bug may be intentional.
@pedrolopes3542
@pedrolopes3542 10 жыл бұрын
Only the European Union talks about this. good thing this inquires happened
@iverbrnstad791
@iverbrnstad791 4 жыл бұрын
@Dex4Sure lol
@yrws6756
@yrws6756 4 жыл бұрын
Dex4Sure past China-level. Look up the theme, it isn‘t good I agree, but not anywhere that bad
@fennec4140
@fennec4140 4 жыл бұрын
<a href="#" class="seekto" data-time="376">6:16</a> , that woman raising her head is just comedy gold... "i would not be allowed to tell you but I tell you there is none"
@MrCharaa
@MrCharaa 9 жыл бұрын
Thank God for the whistle blowers.
@hangug_gamja
@hangug_gamja 4 жыл бұрын
Today they are torturing Julian Assange.
@zvezdan956
@zvezdan956 3 жыл бұрын
whistle blowers are controlled leaks.
@namelessbrown
@namelessbrown 3 жыл бұрын
All Freemasonry, nothing gets out unless they want it out.
@pr0t0color
@pr0t0color 10 жыл бұрын
What is most interesting about this is that Microsoft just admitted to having backdoors in their products. They claimed that they don't give governments access to those backdoors unless they deem it necessary or they don't have a choice, but they have those backdoors nonetheless.
@otljaymz3611
@otljaymz3611 10 жыл бұрын
i think they mean that it is hard to ensure that no aspect of your code can be successfully exploited and caused to misbehave - not that they deliberately create code that explicitly grants alternate hidden access-channels.
@MrCmon113
@MrCmon113 10 ай бұрын
To believe that any corporation would protect you from the government is incredibly naive. That's why open source is so good for security. Linus couldn't rat you out even if he tried.
@zytr0x108
@zytr0x108 5 ай бұрын
They said they give governments access to data saved on their servers. That’s something different (though still bad, but that is long known).
@alish5128
@alish5128 11 жыл бұрын
Linux is not a os that owned by a company linux belongs to all people and they contribute to develop a cool opensource os
@dudds6699
@dudds6699 11 жыл бұрын
and you can get the source code your self and verify if its secure to your own standards.
@enfisk154
@enfisk154 7 жыл бұрын
Linux isn't an os
@herauthon
@herauthon 6 жыл бұрын
nope - it is the kernel but - will the kernel-supporting software stay public / open-source - if more corps - also Microsoft - implement opensource elements in their commercial products..
@Mario583a
@Mario583a 3 жыл бұрын
People Inc.
@archygrey9093
@archygrey9093 3 жыл бұрын
@ippos_khloros It isn't an os or a collection of os, it is just a kernal that operating systems can be built upon. Chrome os and Android are also built on the Linux kernal, operating systems like unbuntu or mint or manjaro are technically Gnu/Linux but poeple just call them Linux for short.
@diceblue6817
@diceblue6817 4 жыл бұрын
"bug backdoors" are entirely false - microsoft designed their backdoors to look like bugs. they were just as well documented as the most well-written API.
@supernenechi
@supernenechi 11 ай бұрын
Good thing their documentation sucks ass, so it wouldn't be understandable anyway
@avastsamble6860
@avastsamble6860 10 жыл бұрын
If NSA makes backdoor then cybercrime should be legal
@PlasmaBurns
@PlasmaBurns 10 жыл бұрын
laws only apply to the slave class, not the political class.
@PlasmaBurns
@PlasmaBurns 5 жыл бұрын
@@otljaymz3611 The FBI has the 2nd largest collection of child porn on Earth...(The Vatican being the 1st..) Do you know why the FBI collects and keeps all the child porn? ..So they can place it anywhere they want on anyones property that they want to takedown through digital backdoors.,. The FBI is the largest home grown terror organization in America. They are actively staging terror attacks and shootings on Americans in order to justify legislatively removing Liberty in the name of safety.. These sub human sacks of shit have NO problem putting child porn on your computer if they need you silenced for any reason. - who the fuck do you think murdered Jeffery Esptien?? ...The FBI/Mossad.
@Mario583a
@Mario583a 3 жыл бұрын
The Purge: Cybercrime WHEN?
@deidara_8598
@deidara_8598 3 жыл бұрын
That like saying if the US military slaughters civilians in 3rd world countries murder should be legal.
@maxthexpfarmer3957
@maxthexpfarmer3957 3 жыл бұрын
@deidara_ Yeah or that private citizens should be allowed to declare war.
@zendros
@zendros 10 жыл бұрын
Wait ... WHAT? Listen at the part of her answer at <a href="#" class="seekto" data-time="366">6:06</a> ... she says "If there was one (NSA backdoor), then I assume that I am not allowed to be told because it's part of the secret rules which I have to apply not to talk ... but I tell you that there is no backdoors." So basically she says that if there were an NSA backdoor she would either not know or would not be allowed to talk about it - but then states that there are no such backdoors!?
@FrankSouza
@FrankSouza 6 жыл бұрын
She said is not allowed to talk. She didn't say would obey
@themedleb
@themedleb 6 жыл бұрын
Frank Souza So why would you prefer to not talk about something and be transparent if you have nothing to worry about if people know?
@YeaSeb.
@YeaSeb. 4 жыл бұрын
​@Dex4Sure What are you talking about, he has some big threadripper rig now. Him touching an apple device to display a slideshow doesn't imply he doesn't use linux. Now, a lot of people with big seats on the linux foundation don't use linux, but remember, companies at microsoft bought their seats there, so those placeholders guys don't even need to know and understand linux, but that's another topic.
@adhamsalama4336
@adhamsalama4336 4 жыл бұрын
@Dex4Sure He uses Linux on his MacBook, you idiot.
@FireicerCooper
@FireicerCooper 10 жыл бұрын
Microsoft representatives are manipulating the meaning of the word backdoor. They are exclusively stating that backdoors are program bugs meaning that if you actually deliberately program a backdoor then it effectively is not a backdoor but a feature. Clever play on words.
@otljaymz3611
@otljaymz3611 10 жыл бұрын
i think what they mean is that accidental backdoors (ie exploitable aspects) are hard to test for and exclude from software.
@StellaEFZ
@StellaEFZ 3 жыл бұрын
@@otljaymz3611 And that's why QA exists, lmao
@kevinasher1347
@kevinasher1347 3 жыл бұрын
@@StellaEFZ yes, but no QA system test is complete. The QA process assumes that there is a limited amount of effort/time/other resources to test for, and that if a bug is not found early and is easily documentable, then it's not a bug that deserves a QA flag.
@ilesalmo7724
@ilesalmo7724 3 жыл бұрын
Let's give an analogy: What if Linux Foundation and Microsoft were construction companies instead of IT-firms and an intelligence agency asked for a physical secret door to every building they construct. Microsoft could do it because their business-model gives their customers a pre-built building. Linux-foundation only gives the blue-prints on how to make the building and anyone with any construction skills can see the design-flaws that's left there
@supernenechi
@supernenechi 3 жыл бұрын
Disagree. Microsoft would build the whole thing for you and only tell you about the things they want you to know about. Linux would build the building as well and let you inspect the entire process of building as well as showing all the blueprints
@ralphschraven339
@ralphschraven339 3 жыл бұрын
Microsoft would eject you out of the building every two weeks because of mandatory maintenance to the building. Microsoft would only give you access to certain rooms and floors. Microsoft would open and close doors, and when you ask to change this programming, flat-out denies this request. Microsoft doesn't let you put your name on the building, it puts its own name on the building. You don't own the building, you are just a renter. Microsoft purposefully breaks a window or two every week, so that eventually, you're inclined to purchase a new and "improved" version of the same building. This time, with more floors you can't access, more programming you can't change, and more proprietary stuff to your left, right, and center.
@MrCmon113
@MrCmon113 10 ай бұрын
@@supernenechi Nope. You don't download "linux", you download a specific OS based on linux like ubuntu or red hat or sth.
@iAPX432
@iAPX432 3 жыл бұрын
Last week Microsoft closed a -backdoor- bug enabling anyone to take control of any Exchange server. And it was used by nefarious foreign hacker groups. Let's get serious: any backdoor for NSA will be used by other actors on the long run, this should stop. Kudos for Linus and his father.
@HyperMario64
@HyperMario64 Жыл бұрын
NSA computer guys are mainly hackers from my understanding, so I don't think they actually need any deliberate backdoor to begin with, as they have already plenty of attack surface to play with as you mentioned. Though I do think that the idea of a backdoor can be implemented in a rather secure manner. sshd can be seen a backdoor server. The obvious issue is what happens when the master private key gets compromised. Linux package manager keys are highly sensitive, and can be seen as an authority over a large group of systems. Similar issues can happen with website certificates being tampered with and/or stolen. I don't think any approach is truly secure unless cutting internet access off. About Windows having backdoors, I actually don't know about this. Proving that can be challenging but a motivated hacker could very well decompile the code of some critical sections of Windows to figure that out. I think a huge issue for NSA is that they operate very similarly to black hat hackers and these other foreign hackers, governmental or not. They have no motivation to patch backdoors they figured out. They exploit them for their own interest instead.
@iAPX432
@iAPX432 Жыл бұрын
@@HyperMario64 they also have an incredible budget to create backdoors, billions on the long-run in fact, adding to that is their capacity to use personal information and intimate access to -blackmail- convince devs. And I totally respect the hackers they have, the NSA is probably the most advanced organisation in this matter, with brilliant if not genius people. sha[-0] was briliant but was broke, sha-1 is incredible. You have to respect your adversary, and understand its strength and its goals.
@jagardina
@jagardina 6 жыл бұрын
Microsoft admitted they had back doors. They spent a great deal of time explaining how they comply with legal requests, court orders, to access customer information. We still don't know if they're accessing our data without our knowledge.
@DyoKasparov
@DyoKasparov 3 жыл бұрын
They admitted? Got proof?
@BrotherO4
@BrotherO4 2 жыл бұрын
@@DyoKasparov do a quick google for their statement. This is not a theory that they have back doors. Its a known fact.
@DyoKasparov
@DyoKasparov 2 жыл бұрын
@@BrotherO4 I don't give enough of a shit, I hate them since Win8, I dont use their trash
@sb6489
@sb6489 4 жыл бұрын
The irony is that Security Enhanced Linux is written by the NSA, but still source-code eyeballed and tested by people around the world so not much chance of any backdoor going undetected.
@cybersechs1368
@cybersechs1368 Жыл бұрын
I wanna use a distro that's been made by the NWA
@realdragon
@realdragon Жыл бұрын
Not that I would take their Linux anyway
@xxXXuser69420XXxx
@xxXXuser69420XXxx 11 ай бұрын
@@realdragon do you even know what SELinux is?
@realdragon
@realdragon 11 ай бұрын
@@xxXXuser69420XXxx Enlighten me what it is. And I don't think I will change my mind on downloading linux from agency that actively tries to spy on people
@skmgeek
@skmgeek 11 ай бұрын
​@@realdragonah, the infamous conundrum of attributing art to the artist and their morales.
@timothyhitchcock1975
@timothyhitchcock1975 10 жыл бұрын
The NSA has also been installing backdoors in popular hardware chips since at least the 1990s.
@phonyfelony3935
@phonyfelony3935 9 жыл бұрын
Timothy Hitchcock they have in Routers too so they are maybe the ones some DDOS everything
@keinunvergebenesaliasgefunden
@keinunvergebenesaliasgefunden 6 жыл бұрын
Oh, 1990s... thought that happened many years later
@dinhero21
@dinhero21 9 күн бұрын
good ol' Ken Thompson hack
@petersmythe6462
@petersmythe6462 3 жыл бұрын
"There's no backdoors" If a subpoena can get private user information via compliance by MS, then the software is insecure even if it isn't explicitly backdoored.
@spudhead169
@spudhead169 4 жыл бұрын
NSA: "Hey Linus, we need you to put backdoors in Linux" Linus: * *uncontrolled laughter* * NSA: "What's so funny?" Linus: * *Hands over "Open-Source For Dummies" book* * New Linux Kernel Source: /** * NAS Dack Boor Section **/
@genericuser1505
@genericuser1505 4 жыл бұрын
If "closed source" were the solution, we would not have any security issues, on windows. But every admin know that story better.
@evilthinker1893
@evilthinker1893 9 жыл бұрын
1 dislike from me, That's not Linus Torvalds, this is not NSA and They are discussing Windows not Linux!
@bretmohler9719
@bretmohler9719 9 жыл бұрын
Evil Thinker it does sat nils torvalds in the title.. but the mention of linus being approached is a very minimal side mention
@walterstraub150
@walterstraub150 9 жыл бұрын
Evil Thinker This channel is the king of misleading titles
@theforgetfulbuddha
@theforgetfulbuddha 9 жыл бұрын
Evil Thinker It's is Dad bro
@mochabean5042
@mochabean5042 9 жыл бұрын
Evil Thinker The title clearly says it's Nils. Nils is Linus's dad.
@Agret
@Agret 7 жыл бұрын
1:14 is the relevant timestamp though
@screamengine
@screamengine 10 жыл бұрын
They have simply bypassed all kernels and gone straight for UEFI and Hypervisors. As well, the residential gateways, DSL(siemens especially), Cable, Fiber are all, no doubt, comprised.
@AhnafAbdullah
@AhnafAbdullah 5 жыл бұрын
Yeah I find it very funny how Linux fanboys are pushing for Linux for security, when it doesn't even matter anymore because the very processor you are running your PC on has already pledged allegiance to NSA
@sup2320
@sup2320 5 жыл бұрын
Well said.
@KingJellyfishII
@KingJellyfishII 4 жыл бұрын
@@AhnafAbdullah Well not _really,_ there's little a processor or UEFI or motherboard can really do if the OS is designed correctly. Also, people are praising Linux for its security from hackers and not the NSA.
@leathernluv
@leathernluv 4 жыл бұрын
To be fair, there are sec improvements there too. There are IME videos all over youtube.
@rabbitdrink
@rabbitdrink 4 жыл бұрын
@@AhnafAbdullah no longer a problem with amd. they made it so you can drop their own ime.
@adammontgomery7980
@adammontgomery7980 3 жыл бұрын
I'm impressed at the politicians[?] understanding of technology. We could only hope for this kind of conversation in the US
@pajeetsingh
@pajeetsingh 3 жыл бұрын
Is this EU Court?
@philippvelimirovic2284
@philippvelimirovic2284 3 жыл бұрын
It's a Parliamentary Comittee hearing of the European Parliament. So yes EU Politicians.
@RadikAlice
@RadikAlice 2 жыл бұрын
Sadly, they're all either all in the pockets of corporations or too cowardly to speak out
@user-lb1ib8rz4h
@user-lb1ib8rz4h 2 жыл бұрын
@@RadikAlice i think the point Adam was making was, at least the EU politicians know enough about technologies to talk about them without sounding clueless. compare this to the zucc's hearing in the senate, all the people questioning him had no idea what they were talking about.
@RadikAlice
@RadikAlice 2 жыл бұрын
@@user-lb1ib8rz4h I got that, but if we're being real. Exceptions to the rule
@salcolonsc
@salcolonsc 9 жыл бұрын
Microsoft wants US to trust Them! LMFAO! By the way, the fact that open source IS open source negates ANY backdoors from being put in place.
@JanVerny
@JanVerny 9 жыл бұрын
sal colon No, it doesn´t there could simply be backdoors that nobody can find. Like heartbleed for example, how long it took to find it, huh?
@salcolonsc
@salcolonsc 9 жыл бұрын
One big difference is that the good folks at "open source" are not actively trying to screw us. The same cannot be said about Microsoft and Apple where best case scenario, "we" are the product. Worst case scenario, well, I hate to think about it. Again, the difference here is that Microsoft and Apple are working against our best interest and/or certainly in their best interest.
@totex77
@totex77 9 жыл бұрын
+Jan Věrný But those kind of bugs are more easily found when every single person in the world with programming knowledge can look through the code and help out maintain it. When you have closed source software there may only be 50 persons who keep the code maintained, maby less. Then its clearly the safest to use open source software.
@JanVerny
@JanVerny 9 жыл бұрын
Screw You And how can you prove this? Why wasn´t heartbleed found sooner? The problem I have with claims of this backdoor free, more secure open sourced software is no one can prove it. I can say with the same amount of evidence (none) that because the code is open, hackers can more easily find the security flaws. I like open source, but for different reasons, since I am not convinced that openness brings that much more security over closed professionally maintained code.
@salcolonsc
@salcolonsc 9 жыл бұрын
Jan Věrný At open-source, the minute that something is found, it is posted. The developers themselves are usually the ones that find it, but also the community. They then work together to resolve. You yourself can join in and see everything that is going on. Can the same be said about Microsoft & Apple? they will stay tight lipped until an independent finds it. This faith you have in Microsoft & Apple is sorrily misplaced.
@Usertrappedindatabase
@Usertrappedindatabase 4 жыл бұрын
There should be more discussion upon the ethics of hardware level intrusion by Intel and AMD. Libreboot should be the norm. The potential for abuse is too high, absolute power corrupts absolutely.
@InventorZahran
@InventorZahran 3 жыл бұрын
The Intel Management Engine was originally intended (as its name implies) for enabling remote management of computers owned by corporate offices. However, this capability has the potential to be abused...
@Twkd1988
@Twkd1988 3 жыл бұрын
its much more cloaks and daggers then you may think. All it takes is for one planted engineer for things to start to fall apart.
@DF-ss5ep
@DF-ss5ep 2 жыл бұрын
@@InventorZahran Of course. If it wasn't indented for that, they would have called it Intel Spying Engine.
@MrHatoi
@MrHatoi 5 жыл бұрын
It's amazing how adamantly Microsoft's rep is saying that they're not doing everything on a long list of things that they were actually doing.
@digable_celestial_dwarfs6778
@digable_celestial_dwarfs6778 4 жыл бұрын
Best use TempleOS just to be safe 👀
@AredioVani
@AredioVani 3 жыл бұрын
Cant be monitored if your os has no Network capabilities :D
@TigransTips
@TigransTips 3 жыл бұрын
@@AredioVani I mean you can implement TCP/IP because you're running in ring level 0 AFAIK. 😉
@ChristianTheChicken
@ChristianTheChicken 3 жыл бұрын
TempleOS had a backdoor to heaven.
@tschak909
@tschak909 10 жыл бұрын
Now I see where Linus gets his sense of humour. :)
@fritsgerms3565
@fritsgerms3565 3 жыл бұрын
I'm not sure the story is true that the NSA approached Linus for a backdoor into Linux. Here is why: Linus has the oversight of the main line kernel. Nothing more. The kernel is open software with a developer hierarchy that is transparent. Anybody at all times can see the patches made to the kernel. Most people use popular distributions of Linux which derive their Kernels (but modify) from the Linus's kernel. (but they are also open source). This means if one wants to install a backdoor, thousands of developers will need to turn a blind eye. This is impossible. The NSA knows this (it is that obvious). It's much easier to approach KDE or Gnome developers, as less people will view their software. But it's also open software. So also not a good group to ask. The best group of people to ask for a backdoor is the guys that build distributions. But that is also open source for most distributions and there are signature keys to check if binaries (executables) match the source code. Lastly, the NSA can try to ask Nvidia if they are willing to add a backdoor. But that is unlikely because many people watch what these drivers do. Backdoors are only useful in combination with networking. So as a conclusion: dedicated backdoors (and involving people to do so) into Linux is very, very, very unlikely. It's much easier to exploit bad code and it's bugs. Everybody (should) in security knows this.
@obiwac
@obiwac 3 жыл бұрын
The NSA is never going to approach KDE and GNOME to implement a backdoor. Those aren't the systems they're targeting. They're likely targeting certain very specific devices which use custom Linux installations. The only way they'd be able to benefit from a backdoor then is to try and sneak one into the kernel itself.
@sycration
@sycration 3 жыл бұрын
@@obiwac Then probably PAM would be a target. It is not part of linux but used on most multiuser linux systems
@ferry602
@ferry602 Жыл бұрын
Why you not believe that? They already did to Truecrypt (now Veracrypt) encryption software.
@larkalfen9510
@larkalfen9510 3 жыл бұрын
Even if the Windows didn't had a backdoors which they do It would be pointless One critical backdoor is built into Intel CPUs and AMDs motherboards since 2008
@tux8664
@tux8664 3 жыл бұрын
intel ME can be disabled with firmware
@LyricsQuest
@LyricsQuest Жыл бұрын
Actually, a bit earlier than that. Think it all changed with the 2001 patriot act, and the sudden change in hardware lines from AMD/Intel in the same month. Untested, but suspected.
@Nacalal
@Nacalal 5 жыл бұрын
"what is a backdoor?" You can't be seriously insinuating it's not clear enough. It's a way to bypass system security that is placed there by the author of the software (intentionally or unintentionally).
@Code_Machine
@Code_Machine 3 жыл бұрын
When someone goes on a tirade after a simple question then you know they're hiding something
@simonbour
@simonbour 10 жыл бұрын
Lol! she says that open source software might be more vulnerable than propriety software. Nmap Microsoft servers for OS guess and see how they are NOT using windows, curious.
@JanVerny
@JanVerny 9 жыл бұрын
simonbour Well, it may as well be true, speaking purely hypothetically of course, because let´s MS says to NSA: "No backdoors", then they´re screwed. But Linus says to NSA: "No backdoors", well, they can just submit new code to be implemented over and over and one day maybe they´ll have their own backdoor, of course the Linux community will discover it in about a year or so, but by that time another one may pass,....
@superslimanoniem4712
@superslimanoniem4712 3 жыл бұрын
@@JanVerny but don't forget that once one backdoor is found, all commits by the same group are instantly not trusted and checked intensely. I also don't doubt that because it's the NSA, some people would look at it a bit more closely.
@antred11
@antred11 10 жыл бұрын
Bit of a description about what we're seeing here would have been nice.
@JohnOShaughnessy
@JohnOShaughnessy 10 жыл бұрын
hear, hear! I agree, instead of the off-beat title remarking a statement by Linus's dad.
@thedude4795
@thedude4795 9 жыл бұрын
+John O'Shaughnessy i think the german lady is defending windows while senior torvalds is telling the truth =)
@mattymattsidebyeach
@mattymattsidebyeach 9 жыл бұрын
+antred11 read the description before commenting, LOL
@antred11
@antred11 9 жыл бұрын
+ɥɔɐǝʎqǝpısʎʇʇɐɯʎʇʇɐɯ What *description*? There is no description. What there is is a very vague video title.
@whuzzzup
@whuzzzup 11 ай бұрын
<a href="#" class="seekto" data-time="175">2:55</a> this is the correct point. NSA does not implement a backdoor that says NsaBackdoorW32Run(arg). They introduce little bug that you can exploit and that are not obvious to other coders. Especially if you only ever have a handful of people look at the code because it's closed source. And even if you find that planted bug, it's just some coder who did a mistake.
@Yotanido
@Yotanido 9 жыл бұрын
"Did you know of any program that behaves like that?" "We had no part in ..." *clarifies question multiple times* "I think you should be asking..." So... they knew about it? I'm not exactly sure what this is about, but why don't they just lie? They dance around the truth and give themselves away, why don't they lie?
@SolomonUcko
@SolomonUcko 3 жыл бұрын
AFAICT, if they tell the truth, they get in trouble with the NSA, but if they lie, they get in trouble with the EU, so they have to hint at the truth without explicitly saying it.
@violet4034
@violet4034 3 жыл бұрын
"Open source is a security risk, and closed source is better, where everything is based on trust." - my as*
@crazyredneck7244
@crazyredneck7244 3 жыл бұрын
How is it OK for the NSA to request backdoors and not OK for Huawei to comply with the Chinese government requests?
@plrndl
@plrndl Жыл бұрын
I have always suspected that the campaign against Huawei is because they don't have the backdoors that the US administration demands.
@RadkeMaiden
@RadkeMaiden Жыл бұрын
It's not okay.
@MrCmon113
@MrCmon113 10 ай бұрын
Do you comprehend the concept of groups of people being against each other and disagreeing?
@krishnamalleboina8410
@krishnamalleboina8410 7 жыл бұрын
Where is Linus Torvalds in this video??
@lionheart7313
@lionheart7313 5 жыл бұрын
Fight NSA and others keep Linux clean and Beautiful keep Evil Out.
@crapphone7744
@crapphone7744 3 жыл бұрын
"it's all about trust" according to Microsoft. That's a relief because Microsoft is of course completely trustworthy. for instance they promised for three versions of Windows that there was preemptive multitasking at the heart of windows and everybody in the audience that I was in who heard that claim, laughed.
@unidorsalicosahedron7416
@unidorsalicosahedron7416 10 жыл бұрын
<a href="#" class="seekto" data-time="284">4:44</a> did i just hear somebody respond "that's intercourse"?
@samuellourenco1050
@samuellourenco1050 4 ай бұрын
Like father, like son. I appreciated his intervention. Kudos to that man!
@vejovim
@vejovim 3 жыл бұрын
NSA just went upstream for the backdoor. NSA has both Intel's ME and AMD's PSP and Acorn/ARM has belonged to the British government since it started in the 70's. Now they don't care what OS you run; they're on the silicon itself.
@honkhonk8009
@honkhonk8009 3 жыл бұрын
Honestly I'm cool with that. I consider the equivalent to no knock raids. They should require a warrant every time they backdoor into someone's property tho. From what iv read, their not spying on people, but rather have it incase they can exploit it when a country like Iran or China starts using these chips in anything that pertains to national security. Backdoors are common knowledge. If the gov didn't want us to know abt their bsckdoors, we wouldn't know.
@maxthexpfarmer3957
@maxthexpfarmer3957 3 жыл бұрын
China can probably make its own computer chips.
@honkhonk8009
@honkhonk8009 3 жыл бұрын
@@maxthexpfarmer3957 They already do lol. Have you not read the news about Huawei and 5G?
@LyricsQuest
@LyricsQuest 4 ай бұрын
@@honkhonk8009 They're spying on interests all over the the world, a lot of them American citizens.
@MrHatoi
@MrHatoi 5 жыл бұрын
I love the reaction at <a href="#" class="seekto" data-time="378">6:18</a> , exactly how I would expect someone to react to those two statements.
@richardfry5991
@richardfry5991 8 жыл бұрын
<a href="#" class="seekto" data-time="320">5:20</a> Completely False <a href="#" class="seekto" data-time="335">5:35</a> Completely False (Closed source software is not inherantly safer than open source software) Example Compare the number of existing viruses for Windows closed source system vs. Linux open source system. Guess what the number of viruses for windows in the MILLIONS, over 7 digits and for Linux it's less than 100, ... only 2 digits The difference is huge!
@AbcXyz-1
@AbcXyz-1 8 жыл бұрын
Yes, she just easily said that open source means that anyone can read code and find vulnerability, How she just said, if millions people can't able to find such vulnerability then she think one men can able to find. ( By Millions means their contributor ). And yes, linux is highly secure this is why most major tech giant company like Oracle, Google using linux instead windows.
@marc2377
@marc2377 8 жыл бұрын
You are right, but your example is not very good. Not only there are other, more likely reasons on why Windows gets more malware (mind you that Windows is orders of magnitude more popular than GNU/Linux), but also, there are notorious examples of security issues within Open Source products. Remember OpenSSL (heartbleed), Android (Stagefright, FakeID, others) etc...
@PixelTrik
@PixelTrik 4 жыл бұрын
@@searcyredd9520 During my internship, I saw Linux Desktops in Amazon for tech and non tech employees as their main computers. So there is a possibility of that happening.
@anitquahharlom6143
@anitquahharlom6143 3 жыл бұрын
Theres obviously a backdoor if they are able to get access to your computer for legal reasons.lol lawyers are so good at bending the truth good lord
@spencerjones1844
@spencerjones1844 4 жыл бұрын
Surprised they have lights on in the room given how much these people glow in the dark.
@piperman9870897
@piperman9870897 8 жыл бұрын
What is this? I mean, the actual meeting, who are they kind of thing? I'd be dead interested in watching more of these conferences or whatever you'd call them.
@Mbeluba
@Mbeluba 4 жыл бұрын
I think it's a court hearing? I'm guessing though
@man1utdfan
@man1utdfan 3 жыл бұрын
@@Mbeluba It's the European Parliament
@eternal864
@eternal864 Жыл бұрын
Yeah @TFiR should have really gave more context in the video description. Through Nils Torvalds wiki page I was able to determine that this was the 'LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens[24] - 11th Hearing, 11 November 2013' but I still don't know who the woman saying "there's no backdoor" is.
@grayjappe562
@grayjappe562 3 жыл бұрын
Linus and his people are correct, open source is potentially more dangerous to be hacked. So, not allowing a back door or limiting access via their servers is paramount in protecting users. I suspect some government agencies and companies are trying to find a way to hack Linux systems, either for their own gain or to obtain information.
@RealityInc
@RealityInc 2 жыл бұрын
you see there is such a thing as "removing code" and "removing backdoors" heard of it?
@jasonbagshaw5345
@jasonbagshaw5345 4 жыл бұрын
the backdoor is built into your intel or amd chip at the hardware level with the the Intel Management Engine and the AMD Platform Security Processor so having totally secure software is irrelevant
@lewis_base
@lewis_base 3 жыл бұрын
Spectre and Meltdown were vulnerabilities and not backdoors.
@leonbishop7404
@leonbishop7404 3 жыл бұрын
@@lewis_base they are linked with menioned engines, but the security problem is still there, as those engines are physical chips on the motherboard, that run proprietary MINIX that has exclusive OS-independent access to your system RAM, network card and other hardware. thus, you cant monitor what the engine is doing from a perspective of an OS. and since these chips OS is closed-source, it may have vulnerabilities, which, if detected, might be abused to infect/compromise security of x86-64 systems all over the world. all amd and intel-compatible motherboards since around 2010 have those engines. this is also the reason why libreboot cant be installed on modern laptops, since now you cant even disable intel ME with custom bios
@leonbishop7404
@leonbishop7404 3 жыл бұрын
also I dont agree, simply because those engines are for governments, that are not going after you, at least not yet. but you still need a more efficient system where you have all the control. and yes, truly good security is very costly(at this point you might go full isolated from outside world and store everything important on an offline machine). and yet, open source is still much better for your daily tasks if you're willing to learn, it's not that hard really in the modern era
@bummers
@bummers 3 жыл бұрын
This reminds me of the knights and the knaves. She basically admitted to being a knave. Also, she's giving standard answers by saying that open source is more vulnerable. That is categorically untrue.
@plrndl
@plrndl Жыл бұрын
When large powerful and wealthy organisations are being queried about dubious practices, they field people who are genuinely ignorant of such matters, but are highly educated on the official line, to be repeated ad nauseam.
@petersmythe6462
@petersmythe6462 3 жыл бұрын
The correct response to any request for private user information should be "we can't give you any information." Not "we refuse" but "it's not possible for us to do so."
@thegardenofeatin5965
@thegardenofeatin5965 5 жыл бұрын
"You show some governments your source code, but they can't verify that THAT source code is the same that gets compiled into the distributed binary." Compile the source code and compare the resulting binary with the retail version?
@Intens12
@Intens12 4 жыл бұрын
I think NSA could commit an binary blob to the kernel as Netflix and such did with DRM. Linux has parts that are proprietary software, granted you can disable those modules
@dan-tv1kp
@dan-tv1kp Жыл бұрын
I see what you're saying, but just so you know, the kernel itself is FOSS. Yes, Linux systems may load proprietary kernel-mode drivers. As more drivers move to user-mode, such backdoor will be mitigated. Additionally, it is beyind impossible to hide such a thing; just use a kernel debugger and watch syscalls or watch network traffic externally. Due to self-protection features in the kernel and modern CPU hardware, no way the NSA could use the whole kernel address space to hide the infection either.
@RazaSid
@RazaSid 3 жыл бұрын
The NSA would require a software company to neither confirm nor deny the existence of a backdoor. The fact that they are denying the accusation, as opposed to a 'no comment' or 'cannot disclose' says they are either truthful or lying uneccessarily.
@tonyvelasquez6776
@tonyvelasquez6776 2 жыл бұрын
Not the NSA. The NSA would absolutely tell them to deny, deny, deny. Once you get into the deeper levels of government, especially when they are doing highly illegal things, all of that sides peak goes out the window.
@nuxar8778
@nuxar8778 3 жыл бұрын
These people have obviously never heard of IDA and reverse engineering… For all of the windows driver and the kernel there are PDBs available to make it even easier to reverse the files.
@MacEwanRobert
@MacEwanRobert 11 жыл бұрын
Linus' dad grilling #Microsoft about #NSA #backdoors - pure gold! #LinuxTorvald #Linux #OpenSource
@johnwhite7700
@johnwhite7700 4 жыл бұрын
geez
@pigworts2
@pigworts2 10 жыл бұрын
It is possible to verify it. Surely, you could just read the instructions as they were loaded into ram and compare them with compiled byte code from the non-backdoor source
@ShadowManceri
@ShadowManceri Жыл бұрын
Few problems: That would only detect monkey patched backdoor but it would not verify that there is no backdoor in the source. This is the MAIN problem. Why it would need to be monkey patched anyway. And secondly if you don't have the source, then this approach is pointless. And thirdly checking byte code in a scale of OS would take ages, in practical terms impossible.
@codeinject
@codeinject 7 жыл бұрын
learning x86-64 assembly makes everything open source :)
@Kevzz2srs
@Kevzz2srs 7 жыл бұрын
even with asm, good luck trying to understand huge programs
@MrNoNamedIdiot
@MrNoNamedIdiot 6 жыл бұрын
no it doesnt .... firstly EULAs and secondly there are great mechanisms to disguise variables and functions in your compilation ergo in asm aswell
@wsxedcrfv1755
@wsxedcrfv1755 6 жыл бұрын
In ASM you can see only params but just use IDAPro and custom naming convention to understand. just write quick little script in python or js deobfuscates string and address based fuckery. how do you think scene keygen is made?
@Formerlyi
@Formerlyi 2 жыл бұрын
asking linus torvalds to plant a backdoor on linux is like an owner of a swimming pool asking his own guests who are having fun in the pool "can i pee in here?"
@iain777uk
@iain777uk 4 жыл бұрын
Probably best to do a search on: Ken Thompson's "Reflections on Trusting Trust" To think Linux (even versions without systemD) don't already have multiple backdoors is very Naive.
@93matarl
@93matarl 4 жыл бұрын
i liked the guy who said i'm busy doing a status update telling that he is in the same room as Linus Torvalds's dad, seems like linus has some supporters(fans) in every corner of the world.
@kjetilhvalstrand1009
@kjetilhvalstrand1009 4 жыл бұрын
Outlook is designed to spread viruses, it ignores the file content of attachments, it allows scripting for automation. Its over powered for most users.
@GT-tj1qg
@GT-tj1qg 3 жыл бұрын
The first speaker says it's impossible to verify whether the source code they are being shown is the same as in the applications. This is NOT ACCURATE. You can simply do the following: 1. Compile the application from the source code they give you. 2. Hash the compiled application and hash any copy of the application you want to verify. 3. If the hashes match, it's verified.
@RM-xr8lq
@RM-xr8lq 3 жыл бұрын
the problem is that the source code they are shown might not be the same as what is going to be used in prod (just changing some config files the source uses, but not actually changing the source, will change compiled program). you can get around this, but not all applications will be designed like that (to use env variables for instance) unless they are given the exact source and configuration that is used for production compilation (which could have secrets in it), they wont be able to verify it
@colinquirke4256
@colinquirke4256 3 жыл бұрын
I can put the backdoor in my compiler. You can look at all the source code you like, and you won't see it there
@nucleonjohn
@nucleonjohn 7 жыл бұрын
Looked up an article about "detecting lies" while listening that microsoft women... Well the article pretty much predicted what she actually did
@maxthexpfarmer3957
@maxthexpfarmer3957 3 жыл бұрын
Yeah those don’t work
@pearz420
@pearz420 3 жыл бұрын
There is no scientific method for telling if a person is lying. However, you don't need to read anything to intuit that a representative for a company that relies entirely on intellectual property is never telling the whole truth about anything.
@MrCmon113
@MrCmon113 10 ай бұрын
You're delusional.
@Demonspeeding251
@Demonspeeding251 3 жыл бұрын
Is there anything that allows direct and unfettered access? Yes, get in touch with the customer you're trying to get info on directly.
@gerff01
@gerff01 8 жыл бұрын
LOL..."We are telling you the truth when we are". That is a direct quote, not out of context, does anyone else catch this?
@Elite7555
@Elite7555 4 жыл бұрын
Actually, this is called a tautology. It's like saying, "It is raining when it is". A statement that will always be true.
@alfx4356
@alfx4356 7 жыл бұрын
it would be helpful if you could add to the description who is who in this video
@JoeyGonzalezFineArt
@JoeyGonzalezFineArt 11 жыл бұрын
SO when do we get the right to opt out of the NSA search unless they produce a warrant by a judge in good standing!
@karlnul
@karlnul 5 жыл бұрын
5 years down the line, and we're hardly a step closer to that reality
@rixille
@rixille 3 жыл бұрын
@@karlnul Still not there.
@MegaLokopo
@MegaLokopo 3 жыл бұрын
microsoft doesn't need a back door into windows for the nsa, the front door is open. Even for linux a back door is not necessary when most users use other programs that have their front doors open.
@kipwallice4568
@kipwallice4568 3 жыл бұрын
Just found out about Intel ME. Everything is vulnerable.
@leonbishop7404
@leonbishop7404 3 жыл бұрын
potentially, yes. and no, not everything. learn about coreboot/libreboot devices. and other architectures, since amd/intel me is only for x86_64 systems
@danwlan0
@danwlan0 4 жыл бұрын
They can just use Ring -1 and lower.. why would they need to ask Linus for access?
@ZLau13
@ZLau13 7 жыл бұрын
The claims that "open source software is more vulnerable because anybody could easily develop exploits when the source is available" (or similar wording) really make me laugh. I wish everybody understood that there is no such thing as securiry from obscurity.
@oahts5906
@oahts5906 8 ай бұрын
There are backdoors in processors, the NSA already has what they want.
@timmy7201
@timmy7201 3 жыл бұрын
I'm a software engineer. The reason why proprietary software doesn't have back-doors is very simple, they're written so poorly that they don't need it. A toddler could've access to most proprietary software in mere minutes. Proprietary code is written by frustrated and stressed developers being micromanaged by a tech illiterate baboon. Open source code is written by relaxed developers, that want to write some honorable clean code. Open source is the way to go!
@GoldSrc_
@GoldSrc_ 3 жыл бұрын
Nice try NSA.
@timmy7201
@timmy7201 3 жыл бұрын
@@GoldSrc_ I'm not sure if your comment was addressed against open source or against proprietary software?
@GoldSrc_
@GoldSrc_ 3 жыл бұрын
@@timmy7201 Wasn't it obvious? Proprietary software does have backdoors, Windows being the biggest player. If Autodesk has a way to know how many pirated copies of their niche software are being used, what makes you think that Windows, a software used by billions of people, don't have backdoors?
@timmy7201
@timmy7201 3 жыл бұрын
@@GoldSrc_ I recommend you read my previous comment again. I'm joking about proprietary software (Windows) being so badly coded, everything becomes a backdoor. Or at least that's my experience working as a software engineer. Management wants everything fast, rather than good. Problems, issues and bugs are left in with the idea to patch them later on. Proprietary commercial software is a mess... I work on a lot of open-source projects in my free time, I've never seen such amounts of clean code at my full time jobs...
@GoldSrc_
@GoldSrc_ 3 жыл бұрын
@@timmy7201 You are deluded if you think Windows doesn't have backdoors in place, backdoors that were put in place because the goverment asked for them.
@sebastianwardana1527
@sebastianwardana1527 5 жыл бұрын
You know, theres a clear difference between having some entity, that accesses data and changes it to where there could be a case of security breach between the user/client/software relationship and the user not being able to check him or herself who changed what and what was changed and where that change took place and who overlooked this change! Theres the difference between private entities taking private changes in private circles between private people to put it hyperboly!
@KaliforniaJani
@KaliforniaJani 4 жыл бұрын
Its SE-Linux, security enchanged linux. NSA uses this. It was introduced to kernel in 2000's
@badpussycat
@badpussycat 3 жыл бұрын
NSA developed this. Security is their job. Unfortunately they work for both sides :-(
@sogood007ha
@sogood007ha 6 жыл бұрын
In linux even if you don’t see the backdoor in the code the compiler can put some in
@kapilk1644
@kapilk1644 4 жыл бұрын
To everyone that keeps claiming that backdoors in Linux are impossible just because it's open source, absolutely not even close to true. Innocuous memory errors which can lead to severe exploits have gotten into the kernel on numerous occasions, and I don't imagine a skilled programmer would have a hard time disguising one in such a way that it just appears like a small mistake, if it's noticed at all. Someone with good knowledge of compiler optimizations could probably even design a piece of code that on the surface looks perfectly memory safe, but in reality is not after certain (legal) optimizations that rely on obscure UB are run.
@volodyanarchist
@volodyanarchist 3 жыл бұрын
Not impossible, but not impossible to fix either.
@justincameron9123
@justincameron9123 3 жыл бұрын
tldr "someone out there smart enough could theoretically do it, not me tho but some big smarty might"
@Littlefighter1911
@Littlefighter1911 3 жыл бұрын
<a href="#" class="seekto" data-time="380">6:20</a> So you're telling me.... Eternalblue was not a backdoor?
@xylophone897
@xylophone897 6 жыл бұрын
It is an intelligence test, lady. And you just failed. <a href="#" class="seekto" data-time="337">5:37</a>
@starlord7548
@starlord7548 3 жыл бұрын
For open source software there is a saying that everyone is watching it and monitoring it but how is actually doing the monitoring.
@czos9239
@czos9239 8 жыл бұрын
"Going back to intercourse..." (<a href="#" class="seekto" data-time="98">1:38</a>) Only words spoken by a government official I would recommend for everyone!
@lassef3692
@lassef3692 3 жыл бұрын
So what he is saying your software should be open source so that we can see what is going on. Tell that to samsung, apple Microsoft
Linus builds Linus’ new PC!
17:39
Linus Tech Tips
Рет қаралды 3,6 МЛН
What Everyone Missed About The Linux Hack
20:24
Theo - t3․gg
Рет қаралды 288 М.
小丑教训坏蛋 #小丑 #天使 #shorts
00:49
好人小丑
Рет қаралды 54 МЛН
Tuna 🍣 ​⁠@patrickzeinali ​⁠@ChefRush
00:48
albert_cancook
Рет қаралды 148 МЛН
Quando A Diferença De Altura É Muito Grande 😲😂
00:12
Mari Maria
Рет қаралды 45 МЛН
Wisdom From Linus | Prime Reacts
12:18
ThePrimeTime
Рет қаралды 516 М.
Unix vs Linux
13:59
Gary Explains
Рет қаралды 1,6 МЛН
Linus Torvalds: Speaks on Hype and the Future of AI
9:02
SavvyNik
Рет қаралды 268 М.
The Most Legendary Programmers Of All Time
11:49
Aaron Jack
Рет қаралды 639 М.
The Tragedy of systemd
47:18
linux.conf.au
Рет қаралды 1,2 МЛН
The mind behind Linux | Linus Torvalds | TED
21:31
TED
Рет қаралды 6 МЛН
The Making of Linux: The World's First Open-Source Operating System
11:33
ForrestKnight
Рет қаралды 1,3 МЛН
小丑教训坏蛋 #小丑 #天使 #shorts
00:49
好人小丑
Рет қаралды 54 МЛН