Tin Hats Ready, RMS No Problems Linux Used for Evil
Security and privacy seemed to be my theme this week and tonight's news brings more. Richard Stallman, "software freedom fighter," told Swapnil Bhartiya, "A program must not restrict what jobs its users do with it." In related news, the same RMS was included in the Business Insider "12 most influential programmers working today" list. Back to the NSA, Michael Larabel said you should be wearing tin foil hats if you're worried about them working on KDBUS. The NSA also uploaded code to Github for sysadmins to "lock down" their Linux machines.
Michael Larabel at Phoronix.com wrote today that someone emailed in to ask if he should be concerned about the NSA nosing around KDBUS. Larabel treated the writer shabbily putting "news tip" and "concerns" in quotes. After outlining why it wasn't newsworthy he then said the tipster and anyone else who thinks it might be should break out their tin foil hats.
Apparently, Richard M. Stallman isn't among the tin hat crowd, at least as far as the NSA is concerned. Swapnil Bhartiya asked him, "Should free software care or dictate who should use it? Shouldn't any such free project be agnostic to 'who' uses it?" To which Stallman replied, "I basically agree with you. A program must not restrict what jobs its users do with it." Bhartiya continued by saying, "I wouldn't have problems with Red Hat offering their solutions to the NSA. But I would have problems if Red Hat created backdoors in its software for the NSA, which doesn't seem to be the case."
But if there isn't enough NSA software in your Linux just yet, how about adding new System Integrity Management Platform? The Register said today it is "designed to make sure networks comply with US Department of Defense security standards, but the spy agency says it can be adapted by admins to meet individual security needs as well." It runs only on Red Hat EL or CentOS 6.6 or 7.1 and "there are no commercial requirements for the use of SIMP outside of the purchase of Red Hat Enterprise Linux licenses as applicable." Its Github home describes it as:
SIMP is a framework that aims to provide a reasonable combination of security compliance and operational flexibility.
The ultimate goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide Project and industry best practice.
In other news:
* Same but Different - UNIX Vs Linux: How Do They Measure up?