Re: Linux needs a security audit
"extraordinary claims require extraordinary evidence".
Please point to the evidence.
Both Linux and Tor, OpenSource,
and with source/version control and history, etc.
So if they were compromised at any point, or even
unintentional compromising bugs introduced, one should
well be able to point that out, and when, and the responsible
party that introduced such.
While I'm sure there are entities that would wish to compromise
Linux and/or Tor, actually doing so is quite non-trivial, given all the
eyes on the code, various testing and monitoring, etc. Even when a
bad actor intentionally compromised xz, that was caught in relatively
short order, and long before making it to any Debian stable release or the like.
May want to first look at simpler more probable explanations before presuming
the much less probable. E.g. if you believe you were compromised, were you
compromised via other simpler, easier means, e.g. somehow otherwise leaking
your information/data - such as a compromised Tor entry relay, or many
other possible
means, which would be a much simpler and easier attack/compromise
than what you claim. There are many other possibilities,
but that's just one that's far simpler and easier than what you're claiming.
So, if you claim compromise of the code, point to the actual evidence,
where exactly
in the code is the compromise? Otherwise you're making quite
extraordinary claims,
without the corresponding evidence to back those claims.
And you're claiming both were compromised? Really. Sounds like
conspiracy fodder without backing evidence.
On Wed, Sep 3, 2025 at 3:54 PM dreamy2004 <dreamy2004@proton.me> wrote:
> they backdoored both Linux and Tor.
> they compromised Linux and Tor.
Reply to: