Other Distros

[starhawk]

If your netbook is black, put two strips of electrical tape over the cam. One is probably enough, but overkill here is not going to hurt anything.

Or, if you know your netbook very well, you can simply open it up and remove the webcam entirely.

FWIW, most if not all webcams have a little LED next to them. Watch that LED -- you're only in trouble when it's on that's a hardware function that cannot be defeated in software, AFAIK.

It's worth noting, at least for the record, that this is quite likely tinfoil hat territory -- I have a netbook myself, I've had it since 2009, and the only times the webcam has ever been in use, for sure, is when I've accidentally triggered it. I have no use for it, but once in a while in XP I'd hit the wrong button and have to turn it off again. Nobody has ever remotely triggered that webcam, and I rather suspect that nobody ever will.

[nooby]

Barry would have detected such differences
and would have warned us not to use the
these features on modern computers.

Where do I look or knowing my hardware/software that have the
that remote control at usage time installed and active?

Do you have any links to back up your claim with?

[bark_bark_bark]

FWIW, most if not all webcams have a little LED next to them. Watch that LED -- you're only in trouble when it's on that's a hardware function that cannot be defeated in software, AFAIK.

Mine doesn't have an LED. Techincally the NSA could still record without triggering the LED.

[CLAM01]

Physical disablement of devices is the only sure way to prevent remote monitoring, with physical removal being the most sure. remote operation for monitoring accesses are done at low-level and operate in background, so notification information is optional. Most on-screen indication is echo function, and echo must be specified, and can be to turned off ('noecho'), and usually is not called and is turned off by remote operators. The most common remote monitoring I have encountered has been sound, done broad-spectrum to look for pirate music, followed by key-stroke for user-info. If you put your own monitoring program in your computer you can monitor your sound volume (for example) and be alerted, for example, if it is un-muted, if muted, or turned up, if no sound is heard by a remote monitor, but he thinks there should be some (if you have put sound to a visual echo to draw them, for example). The same with web-cams. If you have an active-web-cam program monitoring your web-cam but have the cam blocked you can be alerted when remote operation and adjustment efforts are made, as a remote operator tries to get a picture from the operating but not "seeing" cam.

Nooby,
BK has installed some of the monitoring software in puppies, including the write-home feature to the NSA's data-mining enterprise "Nugget Enterprises" and net-bot center "ICANHAZIP" and the backdoor in his last, 571. Both appear to be to let "law enforcement" in, and so appear to be "law enforcement" "request" installations, which usually means coercions, since resisting "law-enforcement" is futile (or expensive, as Kim DotCom could tell you). The problem today is that "law enforcement" is equivalent to "gangster". This means that it is not, or not for long, for real law-enforcement purpose, or law-enforcement purpose only. In addition, once a backdoor is installed, and used, it becomes known and once known is not that hard for professionals to find and operate. Criminal abusers are professionals, and, today, as often as not may also be "law enforcement" and government spy professionals, and ones to whom commercial data captures are potential trading stock to make mutual back-scratch deals with industry "partners" to help gain an entry, or a "favor".

What we have today in internet-land is gangster-land anarchy. For this I recommend to go back to paper and post office, to not do any business electronically that might expose anything you want to keep private, or protect from theft, and to set up for your personal use only a computer that cannot attach to any network. This will not, of course, protect you from government-agent burglarizing, which is also popular among "law enforcement" agents today.

[James C]

BK has installed some of the monitoring software in puppies, including the write-home feature to the NSA's data-mining enterprise "Nugget Enterprises" and net-bot center "ICANHAZIP" and the backdoor in his last, 571. Both appear to be to let "law enforcement" in, and so appear to be "law enforcement" "request" installations, which usually means coercions, since resisting "law-enforcement" is futile (or expensive, as Kim DotCom could tell you). The problem today is that "law enforcement" is equivalent to "gangster". This means that it is not, or not for long, for real law-enforcement purpose, or law-enforcement purpose only. In addition, once a backdoor is installed, and used, it becomes known and once known is not that hard for professionals to find and operate. Criminal abusers are professionals, and, today, as often as not may also be "law enforcement" and government spy professionals, and ones to whom commercial data captures are potential trading stock to make mutual back-scratch deals with industry "partners" to help gain an entry, or a "favor".

Totally unsubstantiated bulls**t.How about some evidence instead of just your vivid imagination.

[James C]

To Nooby, you can read the entire thread I'm linking to but this one post pretty well addresses the subject....
http://www.murga-linux.com/puppy/viewto ... 573#757573

[nooby]

Thanks guys for standing up for Barry K.
I see the text from as a kind of ill willed attempt to ruin his good name.

Why would Barry deceive us that way.
Sounds like a bad conspiracy to me

[Pete]

I don't know if CLAM01 is being serious or just stirring the pot, but he does bring up an interesting point.

We all know that law enforcement agencies use strong arm tactics to bully ISPs and our friends at the "plex" and Redmond, so why not poor old Barry?

Now don't get me wrong, I have only the highest of respect for Barry and what he has done with Puppy, but it's not impossible that he has been "contacted" by the men in suits and dark glasses and persuaded/bullied/forced/intimidated (call it what you want) to co-operate and of course keep quite about it.

I challenge anyone to provide irrevocable proof that Puppy does not have one or more deeply embedded back doors.

[James C]

I don't know if CLAM01 is being serious or just stirring the pot, but he does bring up an interesting point.

We all know that law enforcement agencies use strong arm tactics to bully ISPs and our friends at the "plex" and Redmond, so why not poor old Barry?

Now don't get me wrong, I have only the highest of respect for Barry and what he has done with Puppy, but it's not impossible that he has been "contacted" by the men in suits and dark glasses and persuaded/bullied/forced/intimidated (call it what you want) to co-operate and of course keep quite about it.

I challenge anyone to provide irrevocable proof that Puppy does not have one or more deeply embedded back doors.

You are free to look at any of the code in Puppy, do your research and then provide irrevocable proof that Puppy does have one or more deeply embedded back doors.

It's very easy to post unsubstantiated crap in a forum,let us see some proof from one of you.

[Pete]

It' not for me to prove that it has.
I'm not saying that it has, all I'm saying is that it could, although I certainly hope it does not.

The point I'm trying to make is that it's impossible to inspect every line of code in the kernel, modules, scripts and everything else that makes up Puppy.
Over and above, unless one recompiles the kernel (and all other pgms), there is no sure way to tell that the source we are inspecting is what is in the compiled finished product.

Much of the code also presumably comes from up-stream, is every line of the source inspected before being compiled (where applicable) ?
I doubt it.

James C wrote:

It's very easy to post unsubstantiated crap in a forum,let us see some proof from one of you.

Now that is just plain childish.
Since when is questioning something crap?
Just like I can't prove that it has, similarly you can't prove that it hasn't.

[nooby]

Thanks James, theoretically the claimers can be right
but they have to give us some example

When no such evidence have emerged
then I prefer to trust Barry in practice.

[Pete]

Nooby,
I agree with you, but what if Barry was sworn to secrecy?
Another potential for back doors are the extra pets we load.
Do you inspect every bit of code in them before loading them?
I know I don't.

I'm not trying to run Barry down, even if he has been forced to do things which are not in his nature.

The fact still remains, that no one here can tell me with 100% certainty that Puppy has no back doors.

Sometimes it takes years or even decades for the truth to emerge, although in this case I hope that it's not applicable and that Puppy is 100% clean.

[rokytnji]

http://www.aaos.org/news/aaosnow/nov13/managing9.asp

There is a sinkhole that should keep you awake at night.


Instead of webcams and other remote possibility OMFG reasoning.

[Pete]

Interesting article and although a lot of the points mentioned in it relate to Windows, it's foolish to think that Puppy (and other distros) are somehow immune.

Almost everyday we hear of new attack vectors, weaknesses in encryption algorithms and other exploits in programs that some of us also use in Puppy.
Adobe Flash comes to mind, so does Java and SSL.

So it stands to reason that whether it's via code purposely inserted into the kernel, modules, programs or simply a shortcoming in a piece of code, shouting the odds that Puppy has potentially no back doors is akin to burying your head in the sand.

[puppy_apprentice]

Interesting article and although a lot of the points mentioned in it relate to Windows, it's foolish to think that Puppy (and other distros) are somehow immune.

Nothing is immune. But suggesting that Barry is doing something in secrecy eg. he implements backdoors because he works for NSA is strange to me. Barry is not kernel hacker. So if Linus team (and other voluntary kernel coders) didn't notice bug in kernel quick we will be affected but as i said suggesting something against BK is not nice.

Have you asked (if used Ubuntu) MS if he works or worked for NSA, CIA or maybe for Vatican's Opus Dei?

[Pete]

But suggesting that Barry is doing something in secrecy......but as i said suggesting something against BK is not nice.

I'm not suggesting he did anything underhanded willingly or knowingly.
All I said was that he could have been forced/intimidated into doing it, not impossible.
If it happens at Microsoft which is a huge organization, why not a single person?

Have you asked (if used Ubuntu) MS if he works or worked for NSA, CIA or maybe for Vatican's Opus Dei?

Couldn't care less about Shuttleworth's affiliations as I don't use Ubuntu.

[puppy_apprentice]

I've quoted you but my questions was especialy for those posters that suggest something eg. CLAM01.

Myself i have more respect for Linux coders than for coders that works for big commercial corporations. If somebody needs more security he should use Libre distros. Those don't have closed source blobs.

[Pete]

I've quoted you but my questions was especialy for those posters that suggest something eg. CLAM01.

Understood.
I certainly don't agree with CLAM01 that Barry purposely and under no duress put something fishy in the kernel.

If I was the one that created an enormously popular distro and one day got a knock
on my door and was told in no uncertain terms by a government agency to do this or else, I know what I would do.
I'm no Snowden and certainly have no martyr tendencies.

Myself i have more respect for Linux coders than for coders that works for big commercial corporations. If somebody needs more security he should use Libre distros. Those don't have closed source blobs.

Agreed.

[James C]

More for the conspiracy theorists.....

Julian Assange: Debian Is Owned By The NSA

https://igurublog.wordpress.com/2014/04 ... y-the-nsa/

I recommend watching his 36 minute Q&A in its entirety, keeping in mind my recent warnings about how GNU/Linux is almost entirely engineered by the government/military-affiliated Red Hat corporation.

We all must immediately turn off all electronic devices........we can't trust anyone.......spies are everywhere.

[Pete]

From the article that James C posted a link to above, one line says it all:

the Linux system depends on thousands of packages and libraries that may be compromised.

I rest my case.

Does the NSA (and other agencies) have the capability to spy on you via your computer?
Absolutely.

Do they?

Who knows, unless you are engaged in some seriously dodgy stuff, why should they spend time and resources on of the Terabytes of data generated daily (and intercepted by them) to single you out.