||[Jul. 7th, 2014|05:34 pm]
http://habrahabr.ru/post/228665/ - NSA looks after those interested in Linux and information security|
To those having some interest in the field of information security all is clear when it comes to proprietary systems by Microsoft and Apple corporations. However, a conventional wisdom is still around telling that the Linux operation system securely protects the personal data of its users from third parties. Aside from the signature SELinux module by the NSA USA that is built into the Linux core, the most of contemporary distributives has proprietary packages built-in, the coded contents of which are anybody’s guess.
In theory, ignoring Slackware and GNU-distributives released more than two years ago (such as Zenwalk), one can suppose that the NSA vulnerabilities that are available in popular Linux repositories (RedHat and Debian at the first place, along with other 90% that are based on these two) continue to emerge on an annoyingly regular basis – more often than they can be identified.
And considering the news warning about the OpenSSL compromises (such as one, two and three) – one can come to the conclusion that embedding backdoors into the source code presently takes the effort of much more people than there are open software enthusiasts monitoring the source code of possibly dangerous packages.
But for those who do not like the idea of being transparent for USA security services there is, at last, a durable solution, provided with a russian-speaking technical support and an audit from russian intelligence services: Mandriva-based ROSA distributives, certified by FSTEC and Russian Ministry of Defence. These distributives have been diligently customized by the application software developers of SNORT, VYATTA and Information Security Systems, as part of a project to create a national software platform prototype. Using the ROSA distributives, you can make yourself and your data unavailable to the American intelligence services.