Wireless interface

Valeri Galtsev galtsev at kicp.uchicago.edu
Sun Jan 27 17:14:44 UTC 2019 


On 1/26/19 6:37 PM, Polytropon wrote:
> On Sat, 26 Jan 2019 16:09:44 -0700, JD wrote:
>> IMHO, today, there are no OS'es available to the public,
>> sans backdoors, spyware and other malware.
> 
> What does make you believe this is true?
> 
> Taking FreeBSD as an example, in how far does it include
> either a backdoor, a piece of spyware, or a piece of
> malware?
> 
> I'm explicitely _not_ talking about something that you
> can install afterwards, or you can be "talked into"
> installing. I'm also not talking about web technologies
> for tracking and spying, because they use the web browser
> and its complexity, which is comparable to the complexity
> of a whole OS. And I'm not talking about the means an ISP
> can use to track its users or modify their traffic.
> Regarding backdoors, considering exploitable errors
> (which we don't know of yet) is different from mechanisms
> intendedly placed into the OS to circumvent security
> barriers provided by the OS or added by the user.
> 
> This is not a sarcastic question. I'm really asking
> myself (and you) why FreeBSD could _not_ be considered
> to be available to the public _without_ containing
> backdoors, spyware, or malware.

I 100% agree with Polytropon, and would just add one simple point: 
FreeBSD is open source system. Everyone in the World can (and some/many 
do) go and audit the code for backdoors and/or vulnerabilities. This 
significantly adds to the point that there are none, and it is hard to 
introduce one that will not be noticed by anyone. To the contrary to 
proprietary systems which not only hide the source, but also will do all 
to put you in jail if you reverse engineer (disassemble) their binary 
code and attempt to publicize spy part if you discover one. Just to 
mention one example: google's android system. It is _based_ on open 
source kernel, but has closed source proprietary chunk in it. So, you 
can re-consider your trust to your android smartphone (if you ever had one).

Of course we all learned mathematics, and logically it is difficult to 
prove FreeBSD does not have malicious code. However for those who claim 
an opposite: that FreeBSD does have malicious code in it, it is very 
easy to prove their point. It is sufficient to point to one of them. If 
one can not point even to single malicious chunk in FreeBSD, one 
shouldn't insist there is one.

Just my $0.02

Valeri

> 
> Sure, as soon as you add a web browser to the mix, you
> can get at least the commonly accepted (!) "crap of the
> web" if you wish - but that's not something the OS will
> contain in a default installation. :-)
> 
> 
> 

-- 
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

More information about the freebsd-questions mailing list