Has NSA and CIA infiltrated Kali Linux like it did with Windows, etc? What safeguards are in place to foil such an attempt?
Junior Member
Has NSA and CIA infiltrated Kali Linux like it did with Windows, etc? What safeguards are in place to foil such an attempt?
Senior Member
It is not kali-linux that you need to worry about it is your firmware.
MTeams
Junior Member
Firmware of what?Originally Posted by mmusket33
Senior Member
of everything including wifi toaster in the kitchen
Repetitio est mater studiorum
Senior Member
Interesting topic
The US government does seem to have its tentacles in a lot of places these days. But I have faith that the Kali team takes care to keep the repos free of tampering.
Administrator
Kali is open source.
Feel free to audit it.
This is a Kali-Linux support forum - not general IT/infosec help.
Useful Commands: OS, Networking, Hardware, Wi-Fi
Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
Hardware: Recommended 802.11 Wireless Cards
Documentation: http://docs.kali.org/ (Offline PDF version)
Bugs Reporting & Tool Requests: https://bugs.kali.org/
Kali Tool List, Versions & Man Pages: https://tools.kali.org/
Senior Member
Yes it is.Interesting topic
systemd ...
http://arstechnica.com/information-t...ge-since-1993/Debian 8: Linux’s most reliable distro makes its biggest change since 1993
The controversial "systemd" comes to an OS known for stability.
Is systemd really an attempt of NSA to corrupt GNU distributions?
https://muchweb.me/systemd-nsa-attempt/
Ignoring for the moment the various technical problems with systemd, I have my suspicions that its provenance and scope are cause for alarm.
Systemd comes from Red Hat. Red Hat, in the Linux world, is the company with the largest ties to the US government and the various state security organizations around the world–including NSA. The US government (DoD) is Red Hat’s number one customer. Red Hat also happens to be Lennart Poettering’s employer.
The Linux kernel, I believe, is clean. As long as Linus lives, you’re not going to subvert the kernel. Let’s just assume that is true for the sake of argument. If you can’t get into the kernel, what is your next option? You need something low level (PID 1?), ubiquitous, and vast in scope and complexity.
This describes systemd perfectly. It was almost like it was designed to touch as much of a Linux system as possible. It has hooks into some many different subsystems and APIs that it’s almost impossible to build a modern distro with current software without pulling in systemd as a dependency. This happened almost overnight, and I think there are malicious forces at work here.
We must remember Heart Bleed. Heart Bleed appeared to be an innocent mistake, and it was a tiny typo in one line of a C program. If it’s possible to do that much damage with a tiny little error, imagine when you have an attack surface as wide as systemd, written in a language like C that is almost designed to produce security holes when not written absolutely perfectly–and humans are not absolutely perfect programmers.
Systemd is dangerous. It’s too big to be audited as quickly as its developed. It’s complexity adds as much attack surface to a Linux system as the kernel itself. We can’t get away from these facts. Shitfighting about init systems is a waste of our time. Sytemd is horrible because of where it comes from and how complex it is. Backdoors will be hidden in it.
— (?)
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
Posting Permissions
