Linux on every machine. Be careful what you wish for

I use Windows and have been considering Linux since watching the show.
I'm not concerned about the learning curve.

In the event that I do, and, best case scenario, everyone else does as well, what is to stop Linux developers from also "hoovering" up everyone's data?
If it becomes the norm, will they be legally required to include hoovering schemes?
Will they yield to court orders to hand over data? If they don't and they go to jail, how could you be sure the people that take over to keep it updated would be willing to go to jail as well?
Even if there was a list of secure and safe distributions, how could you "tin foil hat" be sure? Would that become a hit list?

With the obvious incentive of cash, in the event that everyone does go to Linux, would data collection distributions make the best and most innovative distributions in the form of being able to pay qualified personnel?

Is it worth my while taking the time to learn this system (aside from the knowledge and experience) if they fall to the same urges?

Would you in fact be destroying your own security by bringing in the masses, and thereby the attention of the corporations and agencies that "need to know?"

To be clear, this is not an anti-Linux post, but a concern for the future of our security.

Thank you.

Slightly off topic- What would data collection do in the event of a singularity?

1 Like

Linux doesn't run on the same principles as Windows does. With Windows, Microsoft can surreptitiously go in and grab whatever data they want and you'd never know, because you don't necessarily have access to those logs. With Linux, you have full access to the hardware underlying the operating system, and you have full control over the operating system itself. If there is something going on underneath the hood, then it's much more likely to be exposed because of the nature of the operating system. You could most likely stop it yourself or report it yourself if you're experienced in Linux enough. Even if there's some huge company that decides that Linux is a lovely place to gather information, they'll be screwed because someone else can just make a distro that fixes those problems or stops them from happening, and they're not really allowed to outlaw secure distros because Linux is free. You can't tell someone not to do something to it to change it. If the government tries to prevent said securities being implemented, then we're in a totalitarian regime at that point, and leaving would be a good option.

3 Likes

The kernel is open source, primarily meaning anybody can use it. If you don't like a package distributor, change over to another one. There are so many different selections of Linux distributions and graphical interfaces that it's hard for any one package distributor to become a monopoly. This inherently makes Linux more secure and code bugfixes are generated by average Joes like you and me.

As development of software continues, we're seeing software services (such as Pandora, Gmail/Google Drive, Amazon, Siri, Cortana, etc.) move toward web applications. Desktop and laptop computer sales and usage are definitely slowing down, as smart phones take over our lives.

Now these web applications NEED to collect data in order to provide you with their sophisticated services (recommending music based on your tastes, reminding you that you were invited to your friend's birthday party after reading an email that was sent months ago, suggesting products that you might like). The software that produces these services will collect tons of data about you.

From a "progressive" standpoint, these services are amazing. They free up our time so that we can go off and do things we really want to do, instead of sitting on the computer all day doing research. I myself use these services almost daily, and am very grateful that they exist.

So essentially, we shouldn't be so concerned with specifically "Linux" or "Windows" security. We should focus our attention toward the web and internet security in order to prevent our web data from being misused.

What legal requirement is there currently? As far as I'm aware there is none, unless you're already collecting data, in which case the data collector may be required under law to give data under court order if someone is being investigated. There's no legal requirement to insert data collecting code into programs.

Anyone who collects data may be required to hand over certain types of data depending on country and which law applies to the data requested. And not doing so could generally be fines or jail depending on country and law. Currently very few if any (Ubuntu really) collect any identifiable information used to track a user.

Audit the code. Maybe this isn't something you can do but others can, you can pay others to do so, you can work with others to do so. The key is you can't hide the code like proprietary systems do, so you can't hide added backdoors easily.

The problem here is most distros can't verify that the binary you use is made from the same code. Debian have recently set out plans to produce reproducible builds, essentially builds that if you take the source and build yourself will result in the exact binary you would have downloaded from Debian servers, so you can verify the binary hasn't been tampered with.

https://reproducible.alioth.debian.org/presentations/2015-08-13-CCCamp15-outline.pdf

Look at Ubuntu. They added the lens thing that searches Amazon when you look for things in the distro and brings back sponsored results. Money is a key factor in that, they need to survive somehow. The execution was wrong though.

Not sure what you're asking. But taking the time to learn Linux is always good. The thing to remember is it's free software, you can't lock it down and control it, the moment you do there's another option out there that isn't doing what you don't like. People didn't like the Ubuntu lens things for example, they left or removed it. People didn't like systemd so moved to Gentoo for example, but some people did like systemd so Gentoo added the option to use it. Linux is very flexible.

Linux is always run and developed mainly by corporations. Not just the Linux kernel but most Linux based applications. There's big companies in the Linux world. Red Hat is a massive contributor, works on Gnome, systemd, and several other components. Blue Systems sponsors many KDE developers. Ubuntu works on.. well Ubuntu and a number of other enterprise and cloud based components like OpenStack. SUSE, IBM, HP, the list goes on and on, they all have developers that work on the Linux kernel or other Linux based systems because they want to use Linux and it's critical to their systems or business.

Security in Linux is improving and it needs to; it's a critical component in a lot of systems and infrastructure, not just end users' everyday use, so companies that use it want it to be secure. That's not to say there aren't bugs or vulnerabilities in it or that they aren't being exploited, but the key difference is they can be found and fixed. If you absolutely needed a secure system, you can audit every single line of code and build it on your own secure build systems and know exactly what's going on. You can't get that with Windows.
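The reproducible-builds check mentioned in the reply above, as an added example that is not part of the original thread: a toy packaging step whose output changes with the build time unless timestamps are pinned (in the spirit of the `SOURCE_DATE_EPOCH` convention), and a rebuild-and-compare check against a downloaded artifact. The source tree, the `build` and `verify` helpers and the epoch value are constructed for illustration.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed sample "source tree": path -> file contents.
SOURCE = {
    "usr/bin/hello": b"#!/bin/sh\necho hello\n",
    "usr/share/doc/hello/README": b"hello 1.0\n",
}
EPOCH = 1439424000  # constructed pinned timestamp shared by all builders

def build(source, build_time, epoch=None):
    """Pack source into a .tar.gz. With epoch=None the wall-clock build time
    leaks into the artifact; with epoch set, every timestamp is pinned."""
    stamp = build_time if epoch is None else epoch
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for path in sorted(source):              # fixed member order
            info = tarfile.TarInfo(path)
            info.size = len(source[path])
            info.mtime = stamp                   # per-file timestamp
            info.uid = info.gid = 0              # no builder-specific owner
            info.uname = info.gname = "root"
            info.mode = 0o755 if path.startswith("usr/bin/") else 0o644
            tar.addfile(info, io.BytesIO(source[path]))
    out = io.BytesIO()
    # The gzip header carries its own timestamp, so pin that too.
    with gzip.GzipFile(fileobj=out, mode="wb", mtime=stamp, filename="") as gz:
        gz.write(raw.getvalue())
    return out.getvalue()

def digest(blob):
    return hashlib.sha256(blob).hexdigest()

def verify(downloaded, source, epoch):
    """Rebuild from audited source and compare bit-for-bit with the download."""
    return digest(build(source, build_time=0, epoch=epoch)) == digest(downloaded)

if __name__ == "__main__":
    # Two naive builds at different times disagree even with identical source.
    print(digest(build(SOURCE, 1000)) == digest(build(SOURCE, 2000)))
    # A pinned build by the distributor matches an independent local rebuild.
    print(verify(build(SOURCE, 1000, epoch=EPOCH), SOURCE, EPOCH))
```

A mismatch from `verify` means the downloaded binary does not correspond to the source that was audited, whether from tampering or from a build input that was not pinned.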

It's open source. The community won't stand for devs hoovering data; they just won't use that program.

The key word is Free and Open source. The code OS itself is widely available and free to review by anyone using it, thus if any such event occurs people will know immediately. Those that have the knowledge will also be able to take what is good about the code, remove the spyware and create forks for everyone else to use.

The fact that the code can be seen, acquired, altered and distributed freely means there will always be a way to circumvent any nefarious code as long as it is free and open. Thus even if a commercial developer wants to do this it is probably a very bad move.

A good recent example would be Chromium. Some developer linked to Google tried to move data monitoring code within Chromium. The community to its credit saw it immediately and after enough backlash it was removed. The Google guys claimed it was a mistake.

Additionally many organizations or teams that develop free software are not commercial organizations. Thus their goals compel them to have a completely different approach to the matter. Organizations like Debian and Mozilla for example that their existence relies on them defending software freedom. Additionally the commercial developers also rely heavily on their community, not only as consumers but also as a developing force. Thus the commercialization that could compel a for-profit company to use such schemes at the expense of the users can be more effectively controlled by the user community.

Lastly again if any of these companies and organizations fail to uphold their promises of respecting their users' rights there will always be the alternative of the fork, as long as the software is Free Software (free as freedom). And if there is a need someone will definitely do it.

Of course any non-free software you use in your Linux system has exactly the same dangers as any other proprietary software in any other system.

Basically the correct wish is not for everything to be Linux, but everything to be free software.

Why should we not fear Linux the same as proprietary OSs? The answer is simple, but it is not that "Linux is open source". Chrome and ChromeOS are open source, but both are massive data collection agents. Android is open source, and it too is full of spying devices.

The thing that makes Linux secure is the development model: Yes it is open source, but the important thing is that new code is chosen by consensus. It's a little like a democracy in that respect. The trouble with the three Google projects I mentioned is that while decisions are still chosen by consensus, it is a single company that is casting all the votes, and so the rest of us basically get to choose to use it, or choose not to. We don't get to choose the features.

With Linux (take the kernel as an example) there are many companies invested in the development as well as many individuals. If just one of them discovers one of the others putting malicious code in there, then that one is going to cry "wolf!", and everyone else will know simply to leave out that piece of code in their own compiled version.

With Windows you get to use it, or not. With Linux you can pick and choose which features to include. So long as there is at least a minority in the community that don't pick malicious stuff, there will be a safe version of Linux.

In short Linux is what you get, when you mix democracy with anarchy and sprinkle it with technocracy all over.

Thanks for the perspectives.

These are better thought out answers than I was predicting to see.

Brilliant reply, as always. Awesome.

There's been a lot said on the Linux side, but I'd like to give an opinion on the Singularity.

Every major government wants this and they haven't a clue what it would really mean. We have one chance of getting it right first time, because if not the consequences could be dire. It's going to be a super alien intelligence on earth and even if it's initially totally benign, it could rapidly evolve into something that isn't.