While this sounds convincing on the surface, it is utterly false in reality. You cannot determine from the contents of communication whether some people communicating are terrorists if they have at least minimal OpSec. You can, to a degree, identify groups when you have one member, but that works regardless of encryption.

These days there are only two kinds of terrorists (disregarding the ones created by the FBI): The dead ones and those with good OpSec. Of course, there are not many of either, and the whole thing is completely blown out of proportion. By "Qui bono?" is also becomes clear why it is being blown out of all proportion: It means more money and power for various police, state security and other anti-freedom organizations. These people are habitually lying to us these days and milking the fear for all its worth.

No, it is not. What spooks them is ordinary citizens being able to talk without them being able to listen in. These people are pathological paranoids and very, very afraid of the general population. Terrorists are not even using email or cellphones these days, the US drone-kill "strategy" made sure of that.

Terrorists do not use encryption for communication. With encryption, you can still determine sources and destinations and that gets people drone-killed on the mere suspicion of being terrorists. Of course, those that survive have become smarter, as part of an ordinary evolutionary process under predator pressure.

As far as we know, not a single terrorist attack would have ever been averted if encryption had been breakable. This person is either terminally stupid or exceptionally dishonest. In either case he is a serious threat to society and should be removed from his position immediately.

This is TAILS. There are no guest accounts. This is not a distribution intended to be installed at all. It is intended to run from CD or (preferably write-protected) memory stick. Without jumping through major hoops, you cannot even write persistent changes to it even if is on an unprotected memory stick.

That said, if configuration changes by a legitimate user, installing of packages by legitimate user, etc. are needed to open a backdoor, then that is not a security vulnerability. For example, it just takes one small change to the tunneling config of TAILS to send clear-text messages out over the normal network. It it just takes some very small config changes to open up any Unix installation to the world. Or it just takes a very small configuration change to your car to make it exceptionally easy to steal (leave the key in the ignition and the door open). These are not security vulnerabilities.

Indeed. Internet censorship fortunately does not work, but one has to wonder why are they trying so hard to establish it nonetheless. My only explanation is that those in power are extremely scared of those they are supposed to serve.

TOR has this as one of its project-goals. And since they are in an arms-race with the "Chinese wall" firewall, I expect TOR has quite a head-start.

Of course, it is a sign how much of a problem western governments have become these days if one seriously needs to contemplate using TOR to fight back against them.

The whole purpose of battle is that one side thinks its lives are worth more....

You seem to have no clue whatsoever what you are talking about.

'tails-autotest-remote-shell' in /etc/init.d includes a rather obvious test for a kernel parameter:

if grep -qw "autotest_never_use_this_option" /proc/cmdline
then
                :
else
                exit 0
fi

If that parameter is missing, the script aborts. I guess you do not know how to read shell-scripts or you did not bother to even look what it does.

And 'tails-autotest-remote-shell' in /usr/local/lib is different from the file in /etc/init.d and actually the python script called from there if needed. It also includes a pretty clear and accurate statement at the start: "ATTENTION: Yes, this can be used as a backdoor, but only for an adversary with access to you *physical* serial port, which means that you are screwed any way." As this very clearly says this is a serial-port connected remote shell, I guess you did not look for one second into the file. And if you had looked and looked at the code as well, you would have seen that it does indeed only open serial port.

So, in total: This script opens a remote shell on a serial port if you give a very specific kernel-parameter on startup.

Remind me again where there is _any_ security problem here? My guess is you are just an honor-less shill spreading FUD for money to keep people from trusting TAILS.

Excellent example!

Thanks!

Incompetence and only be fully developed and utilized to its maximum potential if it is paired with arrogance, as otherwise people could utilize undesirable insights into their own skills (or rather lack thereof) as motivator to increase their competence level. One of the tried-and-true ways of establishing arrogance is fostering high self-esteem that is not founded in accomplishments, but in the believe that everybody can and should regard themselves as highly valuable, regardless of whether they have actually accomplished something.

Makes me wonder whether this drive to give young people high self-esteem is actually a coordinated attempt to sabotage education and self-improvement.

I do not think it can be fixed. The western world managed to acquire technological leadership, and then its governments found out that they do not actually like their citizens to be educated and smart. Hence they have been sabotaging that systematically for a long time and the fruits of that sabotage are obvious now. This decline will continue for a long, long time.