A computer, and especially hosting services, are powerful communication and broadcasting systems into today’s world. If you control and have unfettered access to such systems, you basically control the world. Encryption is only as strong as its endpoints. e.g. if you’re running a very secure protocol on a system with a compromised OS, you’re owned. Be it Windows, Apple, Andriod, Symbian, Linux, BSD, or any other. Keep in mind how Linux is almost entirely engineered by the government / military affiliated Red Hat corporation.
Could the recent Heartbleed bug be merely a red herring? Not in the sense that the bug isn’t real, but more of a decoy; could this be used to justify smearing OpenSSL’s name while a big cronie (Red Hat) goes public with an in-house solution that promises “better security”? This tactic was used against sysvinit and other init systems to displace them in favor of systemd. It may only take a more sane API and strong documentation to get people to move away from OpenSSL. Then wait until the seed’s been planted (the new crypto gets adopted) and take advantage of people.
By the way in June 2014, Google announced its own fork of OpenSSL dubbed BoringSSL, the earlier OpenSSL bug can possibly be planted and spread by the predator as a panic strategy, who knows? Whose heart really bleeds with such invasions, it’s common and honest small players, NOT the biggies and cronies. BSD and other OSes are falling in line with big daddy, and even Google can dare to say “Yes, we scan all Gmail messages”, come and dare our own great security cum brand, we’re the invincible Govt for all!
Basically there isn’t any OS that is not heavily engineered by government-connected corporations, unfortunately governments are more becoming part creamy looters, not with commoners whom they pretend to represent. We are in a place of no good options. Even aside from security, the larger problem that the whole community development model of Linux is being betrayed. We’re ending up with just another Windows variant, centrally engineered, closed, insecure. It’s being engineered to be inaccessible to independent developers, especially at lower levels, yet even in the GUI layer.
Nothing said here is rooted in any hard facts, but it seems odd for a critical bug to be brought to light before it’s been patched. Not a surprise if the information was leaked deliberately, to cause panic and uncertainty. Be on the lookout for promising OpenSSL alternatives and be very skeptical. Heartbleed was the last nail on the coffin. The “FOSS makes you more secure” illusion is busted. Look at what the Russians and Chinese do in software. As for India, we are still a nation slowly colonized by few tech cronies.. need to wait for the disaster few years down the line. Our desi #bhakts will love if US Deep State (Father of Global #Cronies) air strikes all regions anti-crony. Then inject / spread #gujju viruses & recommend its #cronies selling anti-virus via abuse of social media and appware universities, same way missiles / anti-missiles are sold by smart #capitalists.
At the World Hosting Days Global 2014 conference in April, Julian Assange discussed encryption technology in the context of hosting systems. He discussed the cypherpunk credo of how encryption can level the playing field between powerful governments and people, he discussed how UNIX-like systems are engineered by nation-states with backdoors which are easily introduced as ‘bugs’, and how the Linux system depends on thousands of packages and libraries that may be compromised.
To a degree this is a matter of national sovereignty. The news is all flush with talk about how Russia has annexed the Crimea, on the other end, United States, have annexed the whole world as a result of annexing the computer systems and communications technology that is used to run the modern world,” stated Julian Assange.
Speaking of botched security affecting Red Hat, Debian, Ubuntu, Gentoo, SuSE, and more, the nightmarish OpenSSL recently botched SSL. It’s very hard to believe this wasn’t deliberate, as botching the memory space of private keys is about as completely incompetent as you can get, as this area is ultra-critical to the whole system.
“The sharing of information, the communication of free peoples, across history and across geography, is something that creates, maintains, and disciplines laws [governments].”