this post was submitted on 21 Apr 2025
206 points (97.2% liked)

BuyFromEU

3391 readers
370 users here now

Welcome to BuyFromEU - A community dedicated to supporting European-made goods and services!

We also invite you to subscribe to:

Logo generated with mistral le chat Banner by Christian Lue on unsplash.com

founded 2 months ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
206
The full guide to switching from big US tech to supporting more ethical and EU-based companies! (Redone with OSs added) (lemmy.world)
submitted 2 days ago by [email protected] to c/[email protected]
42 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -1 points 2 days ago (2 children)

I do not want to start a discussion about Linux since I'm no expert and a million of Linux experts will know better.

But don't all the suggested distros here (as well any user friendly ones in general) rely on the kernel written by Torvald's team. With that team being based in the US and at least Linus himself having acted as a three letter agency asset before, can they really be called privacy friendly or even secure? (I'm talking about the CIA or NSA having had a backdoor into Linux in the past and Linus also having banned Russian contributions last year while not banning American contributions, much less moving the operation outside of the US)

[–] [email protected] 1 points 2 days ago (1 children)

What is this backdoor you speak of?

[–] [email protected] 2 points 1 day ago (1 children)

Bvp47

[–] [email protected] 2 points 1 day ago (1 children)

Having not heard of this one, I was curious so checked some sites about it, like:

https://www.reddit.com/r/linux4noobs/comments/kd0yml/does_the_nsa_have_a_backdoor_to_linux_this/

https://www.theregister.com/2022/02/23/chinese_nsa_linux/

https://www.bleepingcomputer.com/news/security/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years/

My quick impression from those seems to match what was said by some commenters on the FreeBSD forum - https://forums.freebsd.org/threads/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years.84258/

msplsh: This looks like an implant that opens a backdoor, not an intrinsic backdoor built into the OS.

and:

sko: From el reg: To us it seems whoever created the code would compromise or infect a selected Linux system and then install the backdoor on it. So if someone already gained privileges to install anything on one of your machines, it doesn't matter what it is - this host is compromised and has to be nuked from orbit.

So, unless I'm missing something this is not really about "the Linux kernel devs being compromised by NSA" as much as the endless list of Windows-targetting malware is not about "the NT kernel devs being compromised by NSA".

[–] [email protected] 1 points 1 day ago (1 children)

If this is the case, this still wouldn't exclude a NSA compromise though. There is the ban of Russian contributions.

You can say this is all about politics and the war, but then those politics are clearly aligned with US agencied interests. American contributions are still allowed despite the US being just as much as if not more of a threat to security and privacy. Just like they're just as war mongering.

[–] [email protected] 1 points 1 day ago

I don't know the details of that part directly, but I do remember reading things like this which seemed to indicate delisting of some maintainers (positions of responsibility, as opposed to blocking all developer contributions) who were associated with certain sanctioned Russian companies. This seems to be in line with standard sanctions being imposed by many companies & organisations in various countries (not just USA). Regardless of personal opinions about whether that was "right, wrong, or otherwise" at the time it at least seems a far cry from "an NSA compromise".