The more I start using Linux, the more I’m into Linux stuff. The new thing I have is listening to Linux audio podcasts. I realized, that I like to hear other people’s opinion. And also, since I have been thinking about starting my own podcast, get some ideas maybe. And I heard in one of the podcasts a mention about open source and security and privacy. I don’t mean to say, that authors of the podcast forgot about this or don’t know about this. I just want to write something like reaction to what I heard in the podcast or my addition to what I heard. Something I would add if I was in the podcast, even it would probably need a whole episode for that. I also put a little backstory there.
Try to think about the age we live in nowadays. Big example could be situation I experienced while sitting in a train writing this. Young couple got on and the first thing that the woman said was: “Turn on the WiFi hotspot and give me the password.” That is pretty nice example of the age I want you to think about. I don’t wanna say, that it’s bad. I mean, I live in the same age and I fully try to use its advantages. I’m talking about this virtual age, online age, age of information technologies and whatever name or description that comes to your mind. Try to think, how many people you know are not online. If we forget our grandmas and grandpas, who are just “too old for that stuff” and parents of some of us, who just don’t have time for that, it’s almost nobody. Most of the young people own a smartphone these days, not mentioning PC or laptop. And they don’t use it just to make calls. Sometimes I think that they don’t even know it can be used to make calls. Anyway, how many of those people realize, what is behind all of this. I’m not saying I can fully realize it, but I can imagine it.
I started listening to the podcast called Going Linux. And in the episode 291, the host mentioned something in matter, that we should use open source to preserve privacy and security. He mentioned, that governments would like to have backdoor into operating systems, into security systems, into encryption etc. Another question is whether they would like to have or they already have that. And if government has that, than the bad guys can have it too. Of course, I agree with the host of the show – they shouldn’t. And I also agree, that open source is a great tool to achieve higher privacy and better security. But, unfortunately, it can also be used exactly the opposite way. And that is what I would like to mention in this post. Cases, where the possibilities of open source were actually used in a bad way (on purpose or not).
North Korea and their Linux operating system
As probably some of you know, countries like China or North Korea are countries, which can brag about ditching all the operating systems and running on Linux. Unfortunately, most of the times, there is a “but”. You can find the “but” in this case in the article I found online recently. It’s about North Korea’s modified Linux called RedstarOS. You might think, that there is nothing special about that. Linux distributions are modified all the time, to create new ones. That is the case here too. But North Korea decided to add a little tweak to make it special. And that tweak is a little piece of code, which can help to track all the files and external media used on that PC. You can read the details in the article.
Ubuntu’s online search
Another issue at the beginning of Unity was its capability to include online results, when searching for local files or apps in your PC. Now, I’m not saying, that the “spy” part, as some people like to call it, was made on purpose. And I’m also not saying, that Canonical knew something they shouldn’t know. But it brought a big controversy. Arstechnica even wrote about big boss Richard Stallman calling Ubuntu “spyware” because of this feature. Yes, you can turn that option off, but why is Canonical going to make that option switched off completely by default in Ubuntu 16.04? You can read more about this topic on OMG Ubuntu.
These are the two cases, that came to my mind after I listened to the podcast. And I’m pretty happy, that I can’t recall any other. As I said at the beginning, I believe, that open source can bring more positive cases of its impact on online security and privacy.