Microsoft and Mac OS's are tapped

I'm just going to make the assertion and then let the chips fall where they may.

If ATT, Verison, etc had to cooperate with the Fed, why do you think that Microsoft and Apple are any different?

The Feds don't want to discuss WHAT they are doing 'cause it's sitting on your desk and you own computer is working for them.

Linux...open source...Ubuntu it's the only way to be sure.

The major reason why I make the assertion is the LACK of conversation about it. And indeed, this little entry certainly brought out the nay sayers with just as much proof against the statement as I have for it.

If it is not so let AGAG come out and state under oath that the US Gov has not forced the OS companies to bug their own software.

At least up to the core graphics level. If they've tapped it, it's not done in the kernel.

:evilgrin:

There's about 800 engineers who have access to every line of that code. I was there through 2003 and we were never kept out of any of the mainline OS code.

And very few people would be wiser. You remember they control the entire process not just the source itself.

Since I ran the Compiler/Linker team. :rofl:

http://homepage.mac.com/jgraz/jgrazResume.html


I'll say HI to your mom the next time I'm in London. ;)

Even if we took your resume at your word.
Does it mean anything to the blog? AGAG has a resume too. Big deal.

Would it not be in your best interest to close this discussion down?

The only way out of this is for AGAG to make a statement that there is no such thing in operation or planning by the US Gov.

Must be all that inbreeding in the british royal family.

They ARE verrrrrrrrrrrrry sneaky.

http://en.wikipedia.org/wiki/NSAKEY

I could use a good laugh.

Here's an interesting discussion about how one could even manage to install a back door into an opensource OS, which is why it is important to get your distro files from places/people you feel you can trust, check your MD5s, and why those who really need to be completely confident do as pure a sourcecode bootstrap of their compiler as they can afford to do and run on obscure hardware.

As far as "tapping" goes it is most certainly possible for it to be done both in the network driver layer, and in the network hardware firmware. A simple routine to fire up a paratrace-like mechanism when triggered by odd-but-legal TCP flag combinations on an existing connection would be a pretty subtle method that would elude easily most firewalls, many IDSs, and naivigate NATs with zero effort, and the "magic words" could be injected either by the other endpoint or anywhere packet modification or spoofing capabilities are poorly secured or intentionally available.

How much you worry about it depends entirely on how much tinfoil you care to wear on your head, but by the same token, just because you are paranoid doesn't mean they aren't out to shaft you, and an ounce of prevention is worth a pound of cure.

I don't even trust MS to handle keeping my data safe from its coder's mistakes, much less the NSA, and personally I think people are fools to use that crap. But they seem to think it is intuitive (I find it far from that.) Then of course these are the same people who manage their bank accounts over an unencrypted wireless AP they slapped onto their cable modem with no clue what they were doing.

that for MS and Apple would be next to impossible to prove.

... you do not have any idea in regards to what you are talking about.

with things like packet logs or some other proof that Windows and/or Macs are "tapped."

MS and Apple OSs are closed source. It would be hard for me to prove without quite a few years of reverse compiling.

It's the problem with closed source OSs. You never know what your getting.

It would provide moments of amusement.

It would provide moments of amusement.

An Error has occurred and the OS would like to call home.

What if there's one that doesn't ask?

:shrug:

because they're closed source

we should assume that they are tapped.

That's a Wise assumption IMO....

http://www.ubuntu.com/

And then compiled it yourself? Because if not and at your paranoia level, Ubuntu might as well be as closed as Windows.

It's a Debian distribution. The Debian philosophy is pristine compilation of every unit from the CVS libs. And all over the world every line of code in LINUX is reviewed.

:wow:

It's just a credible assertion made by looking at the extent that the FEDs are taking to tap the world.

And let's face it ... this is a BIG JUICY PEACH.

until you put some FACTS up behind it. I wish the mods would move this BS to the lounge.

even on LINUX. So, if not a credible assertion then it is a valid opinion.

Here's a trivia question: why was UNIX designed from the start with multi-user multi-tasking security?

The story has it that Ken Thompson, Dennis Ritchie were playing an interactive game an instead of playing the game they started hacking each other. So they designed in security from the start.

Every spambot out there operates in this fashion. I want the proof that Windows has stuff that is BUILT-IN which "phones home" to the FBI/NSA/whatever.

:crazy:

We're having too much fun over there.

I think I'm going to change my sig lines to include: Absence of evidence IS evidence of absence unless you can show me fairy poo and fairy predators as circumstantial evidence.

"I'm just going to make assertion" from one poster on the internet is enough evidence for you? Sorry, I tend to need a bit more evidence beyond that.

The bullshit flowing through this thread is no different from Bush in 2002 telling us that Iraq is a threat, involved in 9/11, and has WMDs up the ying yang. That was his assertion. It wasn't a correct assertion, but that's how it played out.

I guess that's why you chose the handle you did.

Do you know what that is?

been there done that. And your point is?

Anybody implement all seven layers yet? I got out of it years ago ... it was boring.

Fear mongering and unsubstantiated conspiracy theory is a lot more fun.

The quickest way for you to stop looking like an idiot is to post some packet traces from a Windows or Mac proving that there are nefarious bits in the stream.

Put up or shut up.

For a bunch of people that would generally state that Gates is evil and MS is the ruin of CS on any other thread.

Like I said it's just an assertion based on the extent that the Feds are going to tap us and "Deep Modems" assertion that "it's not just email", think outside the box for a minute.

The message out could be as simple as a single bit buried in a transmission. You know, one of the "reserved bits" that nobody uses.

XOR the reserved bits "nobody uses" and post the results. I'm on the edge of my seat.

NSA provided security help for Windows, Mac OS X
http://www.homelandstupidity.us/2007/01/09/nsa-provided-security-help-for-windows-mac-os-x/

NSA Security Enhanced Linux
http://linux.about.com/cs/linux101/g/nsasecurityenha.htm

:evilgrin:

Log all your outbound traffic from your net if you think there is something fishy going on with one or more of your systems and be sure to block all inbound requests. I do. We have all three of the OS's mentioned above running here at the house. I routinely check the outbound connections for anything that looks odd and check the dropped packet (connection) list to see who is trying to connect in. I do this mostly to make sure some cleaver soul has not decided to "phone home" as you put it with information I did not authorize to be sent.

That aside, The deal with ATT and Verison is about capturing all that traffic. In effect doing the same thing I do locally (capturing all inbound/outbound headers and packet details before it leaves my net) they can do upstream at the ISP. No need to "tap" my computer when they can get the same information from my ISP and avoid having to be "cleaver" and hide malicious code from us annoying software engineers.

MZr7

I have worked with some very clever people that would be the first to say, "I don't know everything."

The next thing is that the ISP only gets what you transmit. Your OS gets your internal documents, images whatever that are never sent out.

I'm fairly computer savvy but I wouldn't know how to recognize a malicious "outbound packet" from a watermelon.
??

But that's not the point. The Feds monitor trunk traffic. That's what AT&T is doing because they host a lot of trunk traffic. It doesn't matter if you are using Windows, Mac, Linux, or z/OS, chances are near certain that some of your data goes over AT&T's network. It's a massive amount of data, but it's certainly easier to get away with than what the OP is suggesting.

But if they can mask traffic going in- and out your PC then they can mask it in the Linux kernel too.

How do you suppose they surpass third-party firewalls?