On Wed, Jul 09, 2014 at 11:11:44PM -0400, Darius Jahandarie wrote:
If Tux Q. Debiannewbie doesn't know what adversaries with what powers they are/aren't protected against for their use cases without looking hard and being a security expert, it's hard to make serious claims that Debian is actually protecting its users.
I frankly find it hard to believe that someone who is unwilling to click past the first link when researching actually cares much about any kind of writeup of threat models. I'll make it simple: if you're completely unsophisticated and worried about a government hijacking your linux distribution to spy on you, there's nothing debian can do to help you. If you're low profile and uninteresting, the government doesn't care about you. If you're actually being targeted by well funded and sophisticated adversaries, they're going to get you unless you put a heck of a lot more effort in than clicking on the first link.
Mike Stone