Author: Christopher Clements Date: To: dng Subject: Re: [DNG] [ann] heads 0.0 is out!
On Tue, Feb 28, 2017 at 10:21:49PM +0100, Adam Borowski wrote: >On Tue, Feb 28, 2017 at 04:06:16PM -0500, Hendrik Boom wrote:
>> On Tue, Feb 28, 2017 at 09:12:34PM +0100, parazyd wrote:
>> > heads 0.0 is out!
>> > It finally happened and it's not vaporware!
>>
>> It's out, it's not vaporware, it boots into a VM or bare hardware
>> from USB, but...
>>
>> What Is It?
>
>Ever heard of Tails?
>
>An independent remake (not a fork!) of Tails is an awesome thing. Not
>because of details like systemd (which is really harmful only on a system
>you need to actively administer), degradation of its user interface because
>of relying on Gnome3 being also only a minor concern.
>
>The big reason are rumours about Tails being infiltrated by US bad guys, and
>backdoored. Those rumours may be or may not be true -- I seriously hope
>they are not -- but there's no way to prove a negative. If I was a spook,
>taking over a Tails developer would be a really, really high on my list of
>priorities, and it's not that hard to recruit/bribe/threaten the family
>of/hack/etc one of a team. Conversely, if I was a spook but failed at that
>task, I'd badmouth Tails to make potential dissidents fear using it...
>
>Thus, a from-scratch remake gives a chance to avoid either the risk of Tails
>being really subverted, or false allegations of it being subverted.
... but what keeps heads from having the same problem?
Is there really any way to be 100% sure that a project and/or team
member is not compromised?
Also, (no disrespect meant, just an innocent question),
who are these types of distributions meant for, apart from
the paranoid, whistleblowers, drug lords, and high-profile criminals?
(Please don't think I'm lumping them all together.)
I honestly can't think of any legitimate, ethically sound use of "extreme
privacy" software apart from whistleblowing and sticking it to extremely
aggressive advertisers like AT&T's clients.
As a curious "I have nothing to hide" type of guy, I'm wondering if
there are any other legitimate reasons to use this stuff, or is it
logical for "Big Brother" to simply add everyone who downloads Tor to
a watchlist? (That would include me, I guess, since I've used Kali
linux, which comes with Tor IIRC.)
Once again, these are just questions. I am not saying I'm against
"extreme privacy" stuff, I'm just curious; please don't fire me out of a
cannon into the sun or something. (I'm a filesystems guy, not a
communications guy.)