Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:You can't trust any mainstream Linux distro (Score 4, Interesting) 472

I believe you can trust OpenBSD totally but it lacks many of the features and much of the convenience of the main Linux distros. It is rock solid and utterly secure though, and the man pages are actually better than any Linux distro I've ever seen.

Three points:

1) See the above discussion: you cannot trust anything that you did not create and compile yourself. With a compiler you wrote yourself. On a machine you created yourself from the ground up, that is not connected to any network in any way. OpenBSD does not make any difference if your compiler or toolchain is compromised.

2) Speaking of which, I cannot but note that OpenBSD had a little kerfuffle a while back, about a backdoot planted by the FBI in the OS? (Source 1) (Source 2). I am willing to bet that (a) it's perfectly possible (though not likely), (b) if it was done, it was not by the FBI and (c) that the dev are, right now, taking another long and hard look at the incriminated code.

3) Finally OpenBSD lacking features and convenience? Care to support that statement? I have a couple of computers running OpenBSD here, and they are just as nice - or even nicer - to use than any Linux. Besides, you don't choose OpenBSD for convenience - you use it for its security. Period.

The possibly bigger problem is that no matter what OS you use you can't trust SSL's broken certificate system either because the public certificate authorities are corruptible. And before someone says create your own CA, sure, for internal sites, but you can't do that for someone else's website.

This goes way beyond a simple question of OpenSSL certificates - think OpenSSH and VPN security being compromised, and you will have a small idea of the sh*tstorm brewing right now.

Submission + - A dinner with NSA General Alexander

Noryungi writes: Jennifer Granick, former Civil Liberties Director of the Electronic Frontier Foundation, now Director of Civil Liberties at the Stanford Center for Internet and Society, recently had dinner with NSA Director, General Keith Alexander. Her story is well worth reading... Especially for the cognitive dissonance between the NSA objectives and Civil Liberties activists.

Comment Re:Notice (Score 1) 986

Nope. But they can shut down abruptly, like Groklaw and Lavabit did.

No, they are part of a much larger conglomerate. Said conglomerate may choose to cooperate with NSA/TLA agency, and choose not to divulge the fact to their users. (This being said, Slashdot has had problems of that nature before, although much less dire). The only solution would then be for the Slashdot crew to take the high road and resign "en masse", while publicly stating why as the Lavabit founder did.

I bet a LOT of people would be freaked and outraged by such an event.

I am not so sure of that, unfortunately. (sigh)

Hell, imagine the fallout if something like Wikipedia were to suddenly shut down with no explanation beyond a message like the one currently sitting on Groklaw.

Been there, done that. Maybe that is what is needed: worldwide protest against the NSA? Black pages everywhere? Again, I am not sure that this would change anything, but one can dream.

Comment Re:Where will this end? (Score 5, Insightful) 986

Educate yourself: Lavabit founder has specifically stated that he did not wat to compromise the privacy of his users.


My Fellow Users,

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company.

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

Ladar Levison
Owner and Operator, Lavabit LLC

He has also stated that he could be arrested for shutting down his site:


I may be ''rather fucking stupid'' as you say, but, at this stage, I trust Lavabit more than I trust the NSA.

And please learn the difference between "convent" and "convenient". I am not a religious person and I have no intention of ever becoming a monk.

Comment Re:Where will this end? (Score 0) 986

You don't have to be a dick about the "her site, her rules" stuff. We, as her readers, are entitled to express our opinions about the closure just as she is entitled to do as she sees fit.

True, but a reminder about who owns the site is always a good thing. Besides, what are you doing here, except expressing an opinion ? (I'll grant you it's not on Groklaw itself, but still...)

Furthermore, she may well intend to serve our interests anyway, so our input as her readerbase would be welcome, presumably.

She is taking pre-emptive action, in the interests of her readers and contributors. I respect that.

Comment Re:Where will this end? (Score 5, Insightful) 986

Pj, you gutless coward! Come back!

Two points:

1) It's HER site. If she does not want to continue, for whatever reason, it's HER choice. Disagree with her? Create your own Groklaw.
2) Especially given the Lavabit precedent, I can understand her decision.

Remember: you may be secretly ordered to spy on your own users, and secretly prevented to even mention this to anyone - including your own lawyers - and threatened with criminal prosecution if you decide to do right thing and shut everything down. Big Brother wants to be able to watch you. All the time.

As for being a ''gutless coward'' (your words, not mine), try running a high-traffic, high-visibility web site for a while, with all the attendant legal problems and shenanigans (see above), and we will talk about it for while, mmmmmkay?

Comment Re:Yep (Score 5, Informative) 407

Let me add a few datapoints here, as a reminder...

1) The AES competition was launched in part because DES and 3DES were cracked by EFF using FPGA-based brute-force decryption machine. Source :

As a reminder, DES was THE standard crypto algorithm, vetted and approved by NSA. It could be cracked by EFF only because of Moore's Law and some serious budget and effort.

2) Public-key cryptography was invented separately at GCHQ (UK NSA) and NSA itself, several years *before* Diffie-Hellmann. Source:

So, yes, these people (NSA/GCHQ) are very good at what they do. They have had at least 10 years of head-start, since cryptography was considered for many years just a branch of mathematics in academic circles. These guys work on nothing but crypto and digital/analog communications, year in, year out. Do not underestimate them.

3) One of the first electronic computers, was delivered to the NSA in the 1950s. NSA later suggested improvements to the company that built it. The first Cray supercomputers were delivered straight to NSA. Again, that was in the 1950s, when most computer companies (IBM comes to mind) were still struggling to define what a computer was good for. Source:

4) The NSA and GCHQ have a long history of backdoors. They love these things, as they make their life so much easier. Read on Venona, Enigma, Ivy Bells: all of these were made possible by intercepting/copying one-time pads, selling "unbreakable" German encryption machines and tapping undersea Russian cables. And I am willing to bet these are just a small fraction of what these people have done over the years. Source:

Again, this is just a small fraction of what NSA and GCHQ have done over the years. So, yes, suspecting backdoors in open-source software is... shall we say... only natural.

If I was paid to be a professional paranoid, I would be taking a very long hard look at my computers and telecom equipment right now.

User Journal

Journal Journal: Some more utilities for the toolbox...

From the excellent Daemon Keeper blog:

IPSET (Quickly add numerous IP addresses to NetFilter/Iptables) :

Slashdot Top Deals

I judge a religion as being good or bad based on whether its adherents become better people as a result of practicing it. - Joe Mullally, computer salesman