
Linux is a botnet. How do you know the kernel isn't teeming

Thread replies: 125
Thread images: 10

File: IMG_0041.png (569KB, 2000x2357px)
Linux is a botnet. How do you know the kernel isn't teeming with backdoors. Think every line of code is perfect? Think again.
>>
File: 1293699.jpg (80KB, 492x559px)
>>56830250
Really makes you think.
>>
>>56830250
>runs Trisquel
>>
>>56830272
Just cause something is all open source doesn't mean shit. Linux has something like 15+ million lines of code.
>>
File: 1452084633117.jpg (43KB, 480x451px)
>>56830297
I personally have read every single line. I deem it safe.
>>
File: BTFO.webm (1MB, 1718x938px)
>>56830250
I checked the code and wiresharked the traffic. No outgoing connections.

Unlike windows [webm related]
>>
>>56830433
Stallman says all proprietary software is either malware or possible malware, because it's closed source, we don't know. The same can be said for open source, because who the fuck is gonna go through all the lines of code themselves. Impossible.
>>
>>56830537
I did, it's command work.
>>
>>56830537
people that discover bugs frequently go through code, or report it to support who go through code.
>>
>>56830526
/thread
>>
>>56830526
>2016
>not using tcpdump
>>
>>56830526
But what if there are untraceable outgoing connections that bypass software like this. I'm not trying to be a tinfoil hat nutter. Just thinking out loud.
>>
>>56830537
This is why readability, maintainability, provability and having well defined behaviour are all exceedingly important.

This is why C is a massive pile of shit that should have been nuked from orbit decades ago.
>>
>>56830645
It isn't possible. To be sure, you can sniff traffic from another device, because your OS may detect activity like sniffing from this OS itself.
Just like your internet provider scans all of your traffic.
>>
>>56830720
Obtaining a device to sniff traffic that you can trust is an interesting problem in itself.
>>
>>56830645
speaking hypothetically if there were a rootkit operating at a lower ring than wireshark it would be possible to hide the traffic if you were running wireshark on the infected machine.

however the same test could be run on an intermediate machine or appliance between the affected machine and the wan which would absolutely be visible.

Going deeper, there are also sideband ways to exfil data from a computer without using a networked connection, really crazy bonkers ways, but they are generally extremely slow (fast enough to exfil crypto keys in a few hours or days) and/or require some degree of proximity.
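
The comparison suggested in the post above (capture on the suspect machine versus capture on an intermediate box), as an added example that is not part of the thread: a Python sketch that diffs two `tcpdump -nn -tt` text captures and lists flows the tap saw but the host's own capture did not. The addresses, ports and log lines are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# One IPv4 TCP/UDP packet as printed by `tcpdump -nn -tt`.
PKT = re.compile(
    r"^\d+\.\d+ IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > "
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+): (Flags|UDP)"
)

def flows(capture_text, host_ip):
    """Count packets per flow that involves host_ip.

    A flow is keyed by (protocol, local port, remote ip, remote port), so
    both directions of one conversation land on the same key.
    """
    counts = Counter()
    for line in capture_text.splitlines():
        m = PKT.match(line.strip())
        if not m:
            continue  # ARP, IPv6, truncated lines: out of scope here
        src, sport, dst, dport, kind = m.groups()
        proto = "tcp" if kind == "Flags" else "udp"
        if src == host_ip:
            key = (proto, int(sport), dst, int(dport))
        elif dst == host_ip:
            key = (proto, int(dport), src, int(sport))
        else:
            continue  # traffic of other machines on the same segment
        counts[key] += 1
    return counts

def unseen_on_host(host_capture, tap_capture, host_ip):
    """Flows the tap recorded for host_ip that the host's own capture lacks."""
    on_host = flows(host_capture, host_ip)
    on_tap = flows(tap_capture, host_ip)
    return sorted(
        (key, pkts) for key, pkts in on_tap.items() if key not in on_host
    )

# Constructed sample data (documentation address ranges, invented ports).
HOST_IP = "192.0.2.10"
HOST_CAPTURE = """
1475067426.100100 IP 192.0.2.10.51514 > 198.51.100.7.443: Flags [S], seq 100, win 64240, length 0
1475067426.130400 IP 198.51.100.7.443 > 192.0.2.10.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
1475067426.130900 IP 192.0.2.10.51514 > 198.51.100.7.443: Flags [.], ack 1, win 502, length 0
"""
TAP_CAPTURE = HOST_CAPTURE + """
1475067431.000100 IP 192.0.2.10.40222 > 203.0.113.50.8443: Flags [S], seq 500, win 64240, length 0
1475067431.040700 IP 203.0.113.50.8443 > 192.0.2.10.40222: Flags [S.], seq 7000, ack 501, win 65160, length 0
1475067432.000000 IP 192.0.2.99.40000 > 198.51.100.9.9999: UDP, length 45
"""

if __name__ == "__main__":
    for (proto, lport, rip, rport), pkts in unseen_on_host(
            HOST_CAPTURE, TAP_CAPTURE, HOST_IP):
        print(f"{proto} {HOST_IP}:{lport} <-> {rip}:{rport} tap_pkts={pkts}")
```

Only flows that are wholly absent from the host capture are reported, because dropped packets make per-flow counts differ between two captures even on a clean machine.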
>>
>>56830712
>2016
>fall in C++ meme
>fall in OOP meme
Oh lol. C - best programming language ever made.
It's very simple and very easy to read.
Also fastest language, compiling also very fast.
Just KISS.
Go to sleep, you must be in school tomorrow
>>
File: tux pepe.png (105KB, 883x1024px)
>>56830250
Care to give evidence to back up your claims?

>>56830537
>Impossible
Maybe for idiots like you.
>>
>>56830790
ok kid
>>
>>56830712
Woah there. OOP is 10^9 times harder to read.
>>
>>56830754
Just another device (ARM64, PPC64, SPARC64) and another OS with another kernel (BSD, Plan9) should be enough.
You must also check another device with the Linux kernel, because bad activity may come not from Linux but from a hardware backdoor (Intel MEI etc.).
>>
>>56830847
>he thinks the burden of proof is on the people suggesting there is a bug/backdoor in millions of lines of code
I see you have no clue about computer security.
>>
>>56830875
HURD kernel also.
>>
>>56830250
>teeming with backdoors.
>backdoors are individuals or groups you can teem with
>>
>>56830526
This
>>
>>56830250
The Linux kernel is used by the largest corporations in the world; it is read thousands of times by Microsoft, Apple (to destroy Linux), IBM, NASA, Cisco, Samsung (to trust)
>>
>>56831008
This means literally nothing. Corporations these days consider it cheaper to spend less on security and just deal with the inevitable compromise.
>>
>>56830862
>he thinks avoiding the C shitpile means invoking the OOP boogieman
(Not implying that ADTs are bad, mind.)
>>
>>56831008
To backdoor
>>
Whereas it's common knowledge Windows is teeming with backdoors.
>>
>>56831078
Duck
>>
>>56831078
All mainstream OSes are shit. Some are just a bit less shit than others.
>>
>>56831037
>cheaper
Not corps like IBM, Intel, Google, Samsung; they have enough money to write their own kernel.
If Linux contains a backdoor for Apple, Intel, Nvidia, Microsoft, it's easy to destroy Linux, and easy to prove that there is a backdoor in Linux.
>>
>>56831108
Nah. If there is a backdoor and it becomes publicly known, it'll be passed off as a "bug" and patched, with everything carrying on as normal. Y'know, like heartbleed, shellshock, and a bunch of others that weren't given cutesy names. Backdoors aren't usually obviously labeled as such.
>>
>>56830875
WHAT IF TCP/IP STACK IS BACKDOORED
>>
>>56831153
Except the examples you provided actually were investigated pretty extensively to see if they were being actively exploited or were in the past, and the consensus in both cases was that they were not, at least not arbitrarily or at scale
>>
>>56831153
A backdoor is not a bug, and can't be labeled so.
Linux may have a vulnerability that provides some backdoor-like functions, but if there is one, IBM, Cisco, Google, Debian, RedHat, Gentoo will switch to another more secure kernel.
Linux doesn't have any backdoors; if not, you can prove me wrong, just show me a backdoor in Linux.
>>
>>56831253
I mean... How could they check something like that?
>>
>>56831205
Do a bitwise scan.
>>
>>56830250
Before systemd this was nothing but a mere shitpost.
>>
>>56831259
>I don't see it so it doesn't exist.
>>
>>56831276
Read code, test the Linux, wow!!!
>>
>>56831259
>prove me wrong, just show me a backdoor in Linux
Again, absolutely zero comprehension of computer security. Go back to school kid.
>>
>>56831205
you mean the spec? How do you backdoor a spec?

The implementations are going to be different on all of those different operating systems (except BSD and windows, kek)
>>
>>56831299
Kek. You have no idea what you are talking about, do you?
>>
I have come to a realization. All computers are possibly infected with malware. The only way to have completely secure devices is to live in a utopia where everyone does what is right and is honest. This is not our world though. So choose what you like to use and be happy and strive to be a better person. Anon out.
>>
>>56831293
Nobody has ever seen a backdoor in Linux. A backdoor itself is a pretty big bunch of code; you can't hide it from everyone.

In a fat OS like Windows and Apple you can hide everything, this is exactly what they do.
>>
>>56831301
Show a vulnerability, kid. But you can't.
Go to school nigga.
>>
>>56831276
historical network logs.
heartbleed specifically exploited an *unused* (slightly hyperbolic) component of openssl, and required a lot of traffic to be generated using this protocol before something like an ssl key could be exfiltrated.
>>
>>56831357
>linux has tens of millions of lines of code in the kernel alone, never mind systemd
>not a fat OS
>>
>>56831357
Yes, you mean like a == b being a = b could lead to a backdoor... That's a pretty big chunk. No devs ever miss it right?
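
A review aid for the `==` versus `=` slip mentioned in the post above, as an added example that is not part of the thread: a heuristic Python scanner that reports C `if`/`while` conditions in which an assignment is used directly as a truth value, while leaving compared assignments such as `(c = getc(fp)) != EOF` alone. The sample source and its names (`OPT_A`, `task->uid`) are constructed, and the scanner is a text heuristic, not a C parser.

```python
import re

KEYWORD = re.compile(r"\b(if|while)\s*\(")
ASSIGN = re.compile(r"(?<![=!<>])=(?!=)")   # a lone '=', not ==, !=, <=, >=
NOISE = re.compile(
    r"/\*.*?\*/|//[^\n]*|\"(?:\\.|[^\"\\\n])*\"|'(?:\\.|[^'\\\n])*'", re.S)
CMP = ("==", "!=", "<", ">")

def strip_noise(src):
    """Blank out comments and string/char literals, keeping line breaks."""
    return NOISE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)

def _compared(cond, pos):
    """True if the innermost (...) group around cond[pos] is itself compared."""
    lo, depth = pos, 0
    while lo > 0:                      # walk left to the opening parenthesis
        lo -= 1
        if cond[lo] == ")":
            depth += 1
        elif cond[lo] == "(":
            if depth == 0:
                break
            depth -= 1
    else:
        return False                   # no inner group: value is the condition
    hi, depth = pos, 0
    while hi < len(cond) - 1:          # walk right to the matching close
        hi += 1
        if cond[hi] == "(":
            depth += 1
        elif cond[hi] == ")":
            if depth == 0:
                break
            depth -= 1
    else:
        return False
    return (cond[hi + 1:].lstrip().startswith(CMP)
            or cond[:lo].rstrip().endswith(CMP))

def assignments_in_conditions(src):
    """Return (line, condition) for each suspicious if/while condition."""
    clean = strip_noise(src)
    hits = []
    for kw in KEYWORD.finditer(clean):
        i, depth = kw.end(), 1
        while i < len(clean) and depth:      # find the end of the condition
            depth += {"(": 1, ")": -1}.get(clean[i], 0)
            i += 1
        cond = clean[kw.end():i - 1]
        if any(not _compared(cond, m.start()) for m in ASSIGN.finditer(cond)):
            line = clean.count("\n", 0, kw.start()) + 1
            hits.append((line, " ".join(cond.split())))
    return hits

# Constructed C sample: only line 4 should be reported.
SAMPLE = """\
int check(struct task *task, int flags, FILE *fp)
{
    int c, n = 0;
    if ((flags == (OPT_A | OPT_B)) && (task->uid = 0))
        return -1;
    while ((c = getc(fp)) != EOF)   /* compared: idiomatic */
        n++;
    if (task->uid == 0)             /* "a = b" only in a comment */
        return n;
    return 0;
}
"""
```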
>>
>>56831282
>2016
>not using OpenRC
>Always complaining about SystemD
Install Gentoo, seriously.
>>
> I have inspected the linux kernel line by line
*tips fedora*
>>
>>56831390
Zero. Fucking. Comprehension. Basic security principle is that you assume it's compromised and attempt to prove/show it isn't. I bet you think that Truecrypt audit was a waste of time too. After all, nobody had shown a vulnerability.
>>
>>56831334
You can't test the working kernel or read it?
>>
>>56831423
How about this one? :^)
if <condition>

<single statement>;
>>
If you're so worried, then start creating stuff for seL4.
>>
>>56830875
>hardware backdoor (Intel MEI etc.).

>using an Intel CPU newer than Core2
>>
>>56830758

Your third point is interesting as fuck. Are you talking about side channel attacks from things such as power analysis?
>>
>>56831445
I'm not in cybersecurity. But I can read code, just like everyone who writes Linux (thousands of people).
Linux is basically just drivers and an interface for using them, nothing else.
If you want to put in a backdoor, a better target for it is a much bigger bunch of code, like KDE, systemD, WebKit, Chromium, Firefox.
>>
Aren't red hat distros full of back doors?

>No sources
>>
>>56831356
Everything you need for such utopia is just Free Hardware (released under GPLv3).
>>
>>56831611
>GPLv3
>not CC+BY-SA with additional CC0 permissions 10 years after date of first publication
Your taste in licenses is shit anon.
>>
>>56831423
It's obvious, man. You have never read code, have you?
>>
>>56831611
That's a great way to never make any money and have no incentive to move computing and technology forward.
>>
>>56831664
>>56831423
Of course, non-shit languages don't have the == vs = problem to begin with...
>>
>>56830526

What would the excuse even be? Checking for updates because of muh CVE?
>>
>>56831405
Linux is a tiny kernel (4MB when compiled), GNU is a tiny OS (0.5-7GB).
Windows and Apple can't even be used on embedded devices.
>>
>>56831526
What if I can't afford IBM Power9?
>>
>>56831534
There have been papers written of pretty much everything.

power usage
the whine from cpu fans monitored from a cellphone (or hdd spinups, floppy, cd etc....)
screen flicker
audio analysis of keystrokes to determine what a user's input is.
network jitter
static charge of the computer case

The last thing I heard about was a paper on how to use the reflections and absorption of ambient wifi signals to determine the position and orientation of people within a building.

And pretty much all of these work without access to the processor at all. If you had a rootkit onboard, you could probably exfil anything without detection, but the flip side of that is that you probably wouldn't be able to hide a rootkit like that inside of the Linux source code; it would have to come in somewhere else.

The screen flicker one I think is particularly cool. It's not really relevant any more, but with old CRT monitors, the electron gun only excites one pixel at a time (i.e., one color at a time). Some researchers found out they could reconstruct the entire screen image by watching the ambient glow of a room with a high speed camera.

Stuff like that
>>
>>56831592
>RedHat
>no sources
What???
>>
>>56831737
I said Intel. Just get a fast Core2 or Bulldozer system
>>
>>56830634

I'm sure you're just being pedantic, but while both tools do packet analysis, they are two different approaches to analysis.

Wireshark uses a high level language. It can decode hundreds of protocols, it can do stream reassembly, pull files easily out of streams, statistics and a lot more. While tcpdump is more low level. It uses BPF, and allows for analysis regardless of whether or not the packet meets protocol spec. I'd say both tools are essential in any netsec analyst's toolbelt.
>>
>>56831752

That's sick as fuck

I am aware of audio keystrokes. I actually went and saw Snowden and the part where he puts a blanket over his head while he typed the password was so fucking dumb. I'm pretty sure they've been able to analyze keystroke audio since like, 2003.

honestly side channel analysis is the flyest shit, but sadly most of it is not applicable unless you're a state actor, and even then that's hardcore shit
>>
>>56831675
>Proprietary-fag opinion
Opposite, anon: hardware will become just like Free Software, just like Science; everyone can see it and improve it, and just pay the factory to create the chip and pay engineers to improve the scheme.
>>
>>56831646
But it's free, your product will be free, why change a license?
>>
>>56831806
Yeah, because all those highly intelligent people designing chips will do it for free and release all schematics, and I'm sure those billionaires investing in multi million dollars facilities will do it just out of the kindness of their heart, and they will even give them away for free because gommunism is great =DDDDDD.
>>
>>56831681
>implying that lisp is better
>>
>>56831804
Some of them are only relevant to state actors, but stuff like the static charge of a laptop chassis is accessible and super scary.

tl;dr - being able to exfil crypto keys by touching an electrode to a laptop (only possible when they are in use).
>>
>>56831827
To ensure works pass into the public domain in a timely manner, like they would if copyright law wasn't a corrupt broken shitshow.
>>
>>56831772
What about AMD Zen or any ARM64?
I want power like intel, IBM in fact 2 times faster, and little cheaper, but 8 cores minimum (powerful as 16 intel). I need only 6-10 cores intel.
ZEN will be 8 cores, but very cheap, I want to wait for ZEN.
It's very sad that IBM doesn't do a Desktop CPU
>>
>>56831804
is that keystrokes audio thing so accurate that it could detect someone's input on DVORAK or Colemak? if not I feel oddly positive on my investment to have learned colemak
>>
>>56831930

Most likely. All it would require is a machine, unless, of course, you were aware of the capability and intentionally developed a system in which either no sound was made (touchscreen?) or produced sound in such a way that it had no precedent to be compared to.
>>
>>56831839
>Yeah, because of freedom
fix.
>>
>>56831804
http://www.cs.tau.ac.il/~tromer/handsoff/
>>56831930
The attacks I've read about require some video to correlate audio patterns with your keystroke patterns. I suppose if you had a keylogger you could make the same correlations. But you need to establish this with any specific individual in question to have a good degree of accuracy.
>>
>>56831930
It can detect any language on any keyboard. Just turn off your microphone.
>>
>>56830881

Isn't it though? Usually in almost every logical debate the burden of proof is on the party arguing the affirmative. Not shit talking, just unfamiliar with standards.
>>
>>56832014
>thinks that the bios actually completely turns off the mic
>thinks the microphone is the only thing capable of recording audio

nah you have to desolder/snip off all of those inputs anon
>>
>>56830250
>Think every line of code is perfect? Think again.
Of course not. If there exists a method to create perfect code, what would be the purpose of opening the source to more people? Think for a moment about what the benefits of open source are: allowing people to study and improve the code. Perfect code doesn't need to be improved, so open source wouldn't need to exist.

>>56830297
>Just cause something is all open source doesn't mean shit.
I don't get it, this is some kind of "what is the purpose of taking a bath today if i'm gonna get dirty tomorrow anyway" mentality?
It does mean shit because a project needs to be nurtured. I don't have anything against closed source code; however, I think the source being open is an advantage precisely because, as you said, one person cannot read all the code, but the source being open means anyone can read it for any reason. When the source is closed it is necessary to trust blindly in the capacity of the team developing the project, and while that's not necessarily a bad thing it is also a limitation.
>>
>>56832014
Let's add another fun side channel hack.

>Don't need your microphone, I brought my own
https://en.wikipedia.org/wiki/Laser_microphone
>>
>>56831993
ahh so I'd be under the security-by-obscurity clause. whelp I learned something new today
>>
>>56831993

>Electromagnetic (EM). We performed key extraction by measuring the induced EM emanations, using an antenna (near-field probe) placed near the laptop.

>Scenarios. Electromagnetic probes are easily hidden in nearby objects. A glove, containing a concealed probe loop and hovering over the target laptop, would unveil its key within seconds

holy shit thanks anon, that's the most radical thing I've read in a long time
>>
>>56832029
Good security practice is to always start with the assumption that whatever thing you're using can be or is compromised in some way, then either prove/show it isn't or take measures to mitigate the potential damage. Compartmentalization, principle of least privilege, minimizing attack surface, code audits, range checking, input sanitizing, etc, all stem from that way of thinking. Highly likely related to the mathematical roots of computer science with proof by contradiction.
>>
>>56832115
ya I think once the profiling has been done the keyboard layout is probably irrelevant
>>
>>56832070

just out of curiosity, do you study this in your free time anon? Or is this knowledge required for some kind of career, because if so tell me who you're working for
>>
File: REXANT.jpg (6KB, 250x250px)
>>56832039
>>56832070
Just put this thing (Reactal Decryptor(RD)) in ass of victim and turn it on, and you will know every single login and password of this person, laser microphone, oh lol, fucking liberals, and yes I am from Russia.
>>
>>56832157

Ah, right. I'm somewhat familiar with the cryptanalysis framework (i.e. attacker has cipher and plain, attacker has only cipher, so on and so forth). I guess I'm just too dumb to abstract it out
>>
>>56832187
I'm a software dev currently underemployed (read: not doing anything related for $$$) with a bit of IT/OPS experience. Security is an interest and a hobby partially by necessity because I've always had to do my own.

I have done some academic physical security research as well.
>>
>>56832200
Russia, FSB. We are watching you.
>>
>>56832200
lold
>*Rectal Decryptor
ftfy
>>
>>56832304
Rectal, sure, in my language it spells like Peaктaльный Кpиптoнaнaлизoтop
(Rectal Cryptoanalyzer).
Very cheap and powerful thing.
>>
File: $_32.jpg (24KB, 500x327px)
>>56832200
So simple, so brilliantly, soldering iron, yeah...
>>
>>56830712
>This is why C is a massive pile of shit that should have been nuked from orbit decades ago.
And what should have replaced it?
>>
>>56832390
For systems/realtime/embedded purposes? Ada and SPARK, of course.
>>
>>56832390
I think this faggot had implying C++, lol.
C++ is an absolutely different language; it's designed for high level software, not for drivers and simple tools.
>>
>>56832409
These languages are very, very slow, delete this.
>>
>>56832447
>he thinks Ada is slow
kek
>>
>>56832460
C much faster, do you know at least 3 Ada compilers?
Does Ada have direct memory access?
>>
>>56832504
>C much faster
Nope, generally same ballpark. Ada is usually 20-50% slower *with* compile time checks. Around the same speed as C++.
http://benchmarksgame.alioth.debian.org/
https://www.aicas.com/cms/sites/default/files/EADS_benchmark_language_comparison.pdf

>do you know at least 3 Ada compilers?
https://en.wikipedia.org/wiki/List_of_compilers#Ada_compilers

>does Ada have direct memory access?
Err, yes? You can use address representation clauses to place stuff anywhere you please, and an import pragma if you need to get some data that's already defined in memory. The language was literally designed for systems/embedded work and you ask a question like that?
>>
>>56830250
Linux isn't a botnet. Neither are Chrome, Windows 10, and basically anything else /g/ has labeled botnets.
>>
>>56834243
>chrome
>windows 10
>not botnets
You sure are making a solid case there.
>>
>>56834253
Go learn what a botnet is. You're thinking of dataminers.
>>
File: 621.jpg (56KB, 649x491px)
>>56830250
>>
>>56832200
>>56832336
>Rectal
Thermorectal
>>
>>56834261
No, I was using the local colloquial definition. As far as I know none of them qualify for the industry definition yet.
>>
>>56832187
Not him, but in government comms you see this sort of thing all the time.

FYI, DISA and the NSA, etc, all publish their security practices that anyone is free to view and follow.
>>
>>56834379
In the future try referring to things by what they actually are. I'm sure everyone on /g/ can figure out what a dataminer is, no need to wrongfully call it a botnet.
>>
>>56834422
But muh memes? What will I do without muh memes?
>>
>>56834442
Be a better person
>>
File: 1475067426525.png (19KB, 500x500px)
>>56830250
>>
File: 1466001626174.jpg (353KB, 920x900px)
>>56830250
D-DELET
>>
>>56830526
Are you running wireshark on another machine? Linux could be hiding its own traffic.
>>
>>56831423
>>56831664
https://lwn.net/Articles/57135/
>>
>>56834671
I would do it with device drivers on firmware level.
Check intel, lenovo, etc.
It works on every platform.
>>
>>56830526
I don't care because Edge can't play webms :^)