subject:"Re\: \[pfSense\] NSA\: Is pfSense infiltrated by \"big brother\" NSA or others\?"

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Ducky BUNG

I'm older than all of you, and am perfectly convinced that thinker9 is
my ex-wife.

D


On 10/10/2013 07:00 PM, Jim Thompson wrote:
>
> On Oct 10, 2013, at 5:42 PM, Paul Mather  > wrote:
>
>>   I first started using mailing lists back in the mid/late 1980s,
>
> You're not the only one.  :-)
>
> I too was entertained by the n00b trying to tell grandpa how to use email.
>
> Jim
>
>
>
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Jim Thompson


On Oct 10, 2013, at 5:42 PM, Paul Mather  wrote:

>   I first started using mailing lists back in the mid/late 1980s,

You’re not the only one.  :-)

I too was entertained by the n00b trying to tell grandpa how to use email.

Jim

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


Hi Paul.

On 2013-10-10 18:42, Paul Mather wrote:

Thank you for the valuable information about how to use mailing lists.


You are welcome! ;-)

I first started using mailing lists back in the mid/late 1980s, on the 
JANET network (British academic network)---back when the Internet was 
made up of networks like ARPA, BITNET, UUCP, and the likes and (in my 
case) you needed to know the gateway machines that would let you reach 
those networks and had to incorporate that routing into the recipients 
e-mail address.


I love it when users try to show off with what internet dinosaurs their 
are, as soon as someone tries to teach them how to do something better..
Well, I am an Internet Dinosaur, too, with quite a comparable track 
record as you, so I am not all to impressed ;-)


 I suspect "those people" you mention above actually know how to use a 
mailing list properly.  I know I do.


Well, as it seems, most readers here *may know* how it should be done, 
but yet *don't do* it correctly, since it has shown that most users do 
just read all incoming mail unsorted and not threaded.
While anybody has the right to do so - no one has the right to complain 
afterwards about drowning in mail that does not concern him. But 
awkwardly enough many users did complain. And I will not accept them 
blaming me for not using their mail readers correctly.


 I also know the value of good S/N ratio on technically-focused 
mailing lists.


Every user will consider different things to be noise. I do not consider 
this thread to be noise - at all. You do. Just read another thread that 
appeals you more?


Maybe if we can establish that, we can finally wrap up this thread 
as far as pfSense is concerned and get back to a pfSense-focused 
mailing list.


You can switch *right at this very moment* to a discussion thread 
that is of more interest for you and there you go!


Of course, you're right, and that is wise counsel


It would have been a wise sentence, if it would have stopped here ;-)

because it reminds me of one of the golden rules of mailing lists: 
unwelcome threads persist only so long as people reply to them.  (This 
is sometimes better known by the more insulting adage: "Please don't 
feed the trolls!"  I'm loathe to employ that, though.)  I thought I 
was making a reasonable point, but it seems as far as I'm concerned, 
this thread has passed the point of reasonableness.


FACK! The only difference is, that you consider me to be the troll 
(maybe because I backtalk without hesitation to those who try to muzzle 
and censor me?) - while I consider those to be the trolls, who do not 
contribute anything of value to the discussion but plainly interfere in 
this thread and bully the others to stop discussing about the topic, 
because they claim that it bores them - instead of just walking away.


 I'll leave it to you and your fellow concerned list members to 
continue mulling it over, and, in your case, to continue teaching your 
grandma to suck eggs when it comes to Netiquette. :-)


Thanks so much ;-)

As far as Netiquette is concerned, I am surprised how many of those 
"computer geeks" that participate at this mailing list are clueless 
about Netiquette, and the basic usage of mail readers, etc.
Take for an example how many postings are not quoting correctly, but 
have "text on top - full quote below" which is a no-go in newsgroups and 
mailing lists...



Cheers,
Paul.


Regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Paul Mather

On Oct 10, 2013, at 10:13 AM, Thinker Rix  wrote:

> On 2013-10-10 16:52, Paul Mather wrote:
>> On Oct 10, 2013, at 9:08 AM, Giles Coochey  wrote:
>> 
>>> *BLINK!*
>>> 
>>> Incredible the way I am seeing the reaction to the initial question, 
>>> and trying to query very valid points are now leading me to seriously 
>>> reconsider the potential risk I have in continuing to use pfsense as a 
>>> security tool.
>> 
>> Some people value the S/N ratio of mailing lists.  I believe the people 
>> asking for the discussion to be moved elsewhere are motivated by that.
> 
> Those people should just learn how to use a mailing list properly, before 
> using one. A mailing list is *not* just "I enter my daily use email address 
> somewhere and receive emails".
> For participating properly at a mailing list you need a proper mail reader 
> that is able to sort mail into conversation threads 
> (https://en.wikipedia.org/wiki/Conversation_threading).
> Then you go and pick the threads that interest you and read them. And you 
> ignore those, who do not interest you.
> Additionally it is advised to use an email address only for reading mailing 
> lists.

Thank you for the valuable information about how to use mailing lists.  I first 
started using mailing lists back in the mid/late 1980s, on the JANET network 
(British academic network)---back when the Internet was made up of networks 
like ARPA, BITNET, UUCP, and the likes and (in my case) you needed to know the 
gateway machines that would let you reach those networks and had to incorporate 
that routing into the recipients e-mail address.  I suspect "those people" you 
mention above actually know how to use a mailing list properly.  I know I do.  
I also know the value of good S/N ratio on technically-focused mailing lists.

>> Maybe if we can establish that, we can finally wrap up this thread as far as 
>> pfSense is concerned and get back to a pfSense-focused mailing list.
> 
> You can switch *right at this very moment* to a discussion thread that is of 
> more interest for you and there you go!

Of course, you're right, and that is wise counsel because it reminds me of one 
of the golden rules of mailing lists: unwelcome threads persist only so long as 
people reply to them.  (This is sometimes better known by the more insulting 
adage: "Please don't feed the trolls!"  I'm loathe to employ that, though.)  I 
thought I was making a reasonable point, but it seems as far as I'm concerned, 
this thread has passed the point of reasonableness.  I'll leave it to you and 
your fellow concerned list members to continue mulling it over, and, in your 
case, to continue teaching your grandma to suck eggs when it comes to 
Netiquette. :-)

Cheers,

Paul.___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


On 2013-10-10 16:52, Paul Mather wrote:
On Oct 10, 2013, at 9:08 AM, Giles Coochey > wrote:



*BLINK!*

Incredible the way I am seeing the reaction to the initial 
question, and trying to query very valid points are now leading me to 
seriously reconsider the potential risk I have in continuing to use 
pfsense as a security tool.


Some people value the S/N ratio of mailing lists.  I believe the 
people asking for the discussion to be moved elsewhere are motivated 
by that.


Those people should just learn how to use a mailing list properly, 
before using one. A mailing list is *not* just "I enter my daily use 
email address somewhere and receive emails".
For participating properly at a mailing list you need a proper mail 
reader that is able to sort mail into conversation threads 
(https://en.wikipedia.org/wiki/Conversation_threading).
Then you go and pick the threads that interest you and read them. And 
you ignore those, who do not interest you.
Additionally it is advised to use an email address only for reading 
mailing lists.


Of course anyone can use a mailing list as he desires, e.g. by just 
subscribing to a mailing list with his daily use email address and then 
get his daily use email inbox spammed with tons of unsorted and 
un-threaded email about all sorts of discussion topics that are of no 
interest to him. Everyone's own choice! But please: Those people should 
not complain about receiving tons of email that do not interest them. 
And of course they can't tell others to talk only about topics that are 
of their own interest, that is ridiculous. Full stop.


The original poster in this thread asked for a direct answer to a 
straightforward question and he got it, yet still he continues to 
pursue this thread.  To what end?


E, as long as a wish?! There is no quota on how long any member of 
this list is allowed to discuss a topic, is there? If you are not 
interested, just do not read this THREAD. You don't use a conversation 
threaded email reader to participate to a mailing list? Not my problem, 
sorry. Go use one. See above.


 People are outraged at the NSA revelations, but the pfSense mailing 
list is not the appropriate place to be outraged at that.


Sorry, this is not up to you to judge. I think that my question is very 
well related to pfSense and thus the mailing lists of pfSense is the 
right place to do so. And again: If you are not interested in this 
thread, DO NOT READ it. So simple actually?!


Maybe if we can establish that, we can finally wrap up this thread as 
far as pfSense is concerned and get back to a pfSense-focused mailing 
list.


You can switch *right at this very moment* to a discussion thread that 
is of more interest for you and there you go!


Regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Paul Mather

On Oct 10, 2013, at 9:08 AM, Giles Coochey  wrote:

> On 10/10/2013 13:55, Ian Bowers wrote:
>> On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis 
>>  wrote:
>> indeed, i vote to continue. Because you don't mind being overlooked by NSA 
>> doesn't mean everybody don't care.
>> 
>> 
>> 
>> 
>> On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat 
>>  wrote:
>> This discussion about security/NSA/encryption IS important. Please go on.
>> 
>> 
>> 
>> 
>> Whether or not this is an important conversation is irrelevant.  This is the 
>> wrong place to have the conversation.
>> 
>> I tried to turn this back into a product support discussion in the last 
>> thread but sadly my comments were not among those cherry picked.  This 
>> discussion does not suit the purpose of this list.  I see a bunch of hard 
>> working people reacting to their product's integrity being continuously 
>> questioned despite having all questions answered, and a few entitled 
>> consumers who can't be bothered to figure out technology well enough to come 
>> to their own conclusion on its integrity.As well as a bunch of people 
>> that want this discussion to go someplace more appropriate.  The "concerned" 
>> parties are not concerned enough to learn how to read code.  So you're 
>> paranoid, just not paranoid enough to actually learn how to answer your own 
>> questions.   
>> 
>> Unless there is an issue someone is having making a VPN work or getting NAT 
>> running right, this is the wrong place to hold this discussion.   If you're 
>> having an issue with this pfSense, networking protocols, or logical 
>> opertaion of the device, great!  let's talk about it!  I'm actually very 
>> good at these things, and I'd like to spend time helping people with network 
>> or network security related operational problems.  Otherwise, please find 
>> the email addresses of all the people who shown an interest in participating 
>> in this discussion, and send an email out to that list of people to discuss 
>> it among yourselves.  
>>  
>> 
> *BLINK!*
> 
> Incredible the way I am seeing the reaction to the initial question, and 
> trying to query very valid points are now leading me to seriously reconsider 
> the potential risk I have in continuing to use pfsense as a security tool.

Some people value the S/N ratio of mailing lists.  I believe the people asking 
for the discussion to be moved elsewhere are motivated by that.

As to people "trying to query very valid points," even if we take that on face 
value, what do you or they hope to accomplish by asking the pfSense project 
directly whether they have been approached by the NSA?  The reporting around 
the leaked NSA Files has established that one of the major concerns is the 
legal apparatus that enables the NSA to approach companies whilst compelling 
those companies not to reveal the fact.  So, it's highly likely that had the 
pfSense project been approached, part of that approach would have included a 
mandate not to tell anyone.  So how could a definitive answer be obtained given 
that silence from the pfSense project COULD be interpreted to mean "yes" but 
doesn't definitively mean "yes."  Some people have posited ways of evading such 
gag orders (e.g., 
http://www.theguardian.com/technology/2013/sep/09/nsa-sabotage-dead-mans-switch),
 but, AFAIK, they have not been battle-tested in court.

I am left wondering, therefore, what it would take for people to accept that 
pfSense is trustworthy in a good-faith sense?  The original poster in this 
thread asked for a direct answer to a straightforward question and he got it, 
yet still he continues to pursue this thread.  To what end?  People are 
outraged at the NSA revelations, but the pfSense mailing list is not the 
appropriate place to be outraged at that.  Go comment at the news outlets.  
Write your elected officials.  Support the EFF and the likes.  But what more 
can be accomplished on this mailing list?

There was an attempt to redirect the thread to something more practical and 
focused on pfSense, e.g., what now could be considered best practices settings 
to use for encryption, but it doesn't appear to be gaining much traction vs. 
this thread.  (Part of that might be due to the fact that not much practical 
information is available right now.)  As I've pointed out, the original thread 
query has been answered definitively (twice now).  The original poster has said 
that the availability of the source code for scrutiny is not sufficient, but it 
seems that ultimately that is all you have to go on in open source projects.  
It's not clear to me what response it would take to establish trustworthiness 
in pfSense for the original poster and the others that are apparently being led 
to "to seriously reconsider the potential risk ... in continuing to use pfsense 
as a security tool."  Maybe if we can establish that, we can finally wrap up 
this thread as far as pfSense is concerned and get back to a pfSense-focused 
mailing list.

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Oliver Hansen

*BLINK!*

Incredible the way I am seeing the reaction to the initial question,
and trying to query very valid points are now leading me to seriously
reconsider the potential risk I have in continuing to use pfsense as a
security tool.

The about list on the mailman page states: "pfSense support and discussion
list"...

About time someone quoted the mailman page. If you want the discussion to
end simply don't respond. If the majority *truly* agrees with you then it
will end.

I've been on this list for years and don't appreciate someone assuming to
speak for me about ending a thread.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread ognen

I rarely participate in public political discussions but I have to say 
something:

In the United States if the government sent someonean NSL - they would not be 
allowed to comment. You have been told that already and have been told that to 
the best knowledge of the people involved, no other requests have been received.

You have turned this into a political discussion and I think at least I do not 
care about your political views. Yes, we all know NSA is evil and no, most of 
us do not like it.

Now, do you have a technical question on how to "protect yourself" from the 
evil spooks? If not, please go away, this is becoming boring.

Yes, it is an open public list but it does not mean it is your outlet to vent 
and abuse others.

My $.02

On Thu, Oct 10, 2013 at 04:23:20PM +0300, Thinker Rix wrote:
> On 2013-10-10 16:08, Giles Coochey wrote:
> >On 10/10/2013 13:55, Ian Bowers wrote:
> >>On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
> >> >>> wrote:
> >>
> >>indeed, i vote to continue. Because you don't mind being
> >>overlooked by NSA doesn't mean everybody don't care.
> >>
> >>On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat
> >> >>> wrote:
> >>
> >>This discussion about security/NSA/encryption IS important.
> >>Please go on.
> >>
> >>
> >>Whether or not this is an important conversation is irrelevant.
> >>This is the wrong place to have the conversation.
> >>
> >>I tried to turn this back into a product support discussion in
> >>the last thread but sadly my comments were not among those
> >>cherry picked.  This discussion does not suit the purpose of
> >>this list.  I see a bunch of hard working people reacting to
> >>their product's integrity being continuously questioned despite
> >>having all questions answered, and a few entitled consumers who
> >>can't be bothered to figure out technology well enough to come
> >>to their own conclusion on its integrity.As well as a bunch
> >>of people that want this discussion to go someplace more
> >>appropriate.  The "concerned" parties are not concerned enough
> >>to learn how to read code.  So you're paranoid, just not
> >>paranoid enough to actually learn how to answer your own
> >>questions.
> >>
> >>Unless there is an issue someone is having making a VPN work or
> >>getting NAT running right, this is the wrong place to hold this
> >>discussion.   If you're having an issue with this pfSense,
> >>networking protocols, or logical opertaion of the device, great!
> >>let's talk about it!  I'm actually very good at these things,
> >>and I'd like to spend time helping people with network or
> >>network security related operational problems.  Otherwise,
> >>please find the email addresses of all the people who shown an
> >>interest in participating in this discussion, and send an email
> >>out to that list of people to discuss it among yourselves.
> >>
> >*BLINK!*
> >
> >Incredible the way I am seeing the reaction to the initial
> >question, and trying to query very valid points are now leading me
> >to seriously reconsider the potential risk I have in continuing to
> >use pfsense as a security tool.
> 
> This is *exactly* the way I feel about this whole sensation that we
> are witnessing here! Some reactions are truly incredible!
> 
> >The about list on the mailman page states: "pfSense support and
> >discussion list"...
> 
> Correct!
> 
> But I guess those who waste our time by telling us we should shut up
> and walk away would like to rename the list to e.g. "Happy shallow
> chatting of pfSense fan boys who never dare to ask any critical
> question about their beloved firewall-distro that they take to bed
> each night" or something similar.
> 
> Self-censorship in a security software forum when it comes to
> discuss the security level of the security software! It's absolutely
> crazy!!
> 
> >This thread is clearly about discussing pfsense, therefore it is
> >on-topic, I could equally take the stance, take your technical
> >discussions to the dev list, however I am not the type of
> >exclusive close-minded minded person that you appear to be. Please
> >stop hijacking this thread.
> 
> FACK!!
> 
> Regards
> Thinker Rix

> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Ian Bowers

On Thu, Oct 10, 2013 at 9:07 AM, Thinker Rix wrote:

>  On 2013-10-10 15:55, Ian Bowers wrote:
>
>  On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis <
> alexandre.para...@gmail.com> wrote:
>
>>  indeed, i vote to continue. Because you don't mind being overlooked by
>> NSA doesn't mean everybody don't care.
>>
>>  On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat <
>> rgbier...@rgbiernat.homelinux.org> wrote:
>>
>>>  This discussion about security/NSA/encryption IS important. Please go
>>> on.
>>>
>>
>  Whether or not this is an important conversation is irrelevant.  This is
> the wrong place to have the conversation.
>
>
> Ian, that is *your* opinion. As you can see, others here have a quite
> different opinion and they find this topic to be highly relevant for
> pfSense.
>
> Luckily this is an open mailing list, where everyone can pick the topics
> to read that interest him, so why you don't just walk away from this
> discussion instead of losing any time in telling others how uninteresting
> you find *their* discussion?
>
> And you even dare to tell us to go elsewhere... Who do you think you are?
>
> You are either a kind of sadomasochist - reading all day all kinds of
> discussions that do not interest you and telling the participants of that
> discussion that they should go elsewhere because they do not discuss what
> you find interesting and relevant - or you simply do not know how to use a
> mailing list properly. I suggest you go learn how to use a proper
> news/mailing-list reader. Hint: Threaded mode.
>
> Cheers
> Thinker Rix
>

"Personal opinion is irrelevant!  Here is my opinion of you".  seriously?


Who I think I am is a network security engineer.  And I'm very good at what
I do.  I eat breathe and sleep network security, and I have tons of
experience and expertise I'm willing to lend anyone.  I do this free of
charge, mostly in IRC, and occasionally even on this very mailing list.
I'm still very interested in helping everyone, even hostile folks like
yourself, with any technical problems they have.   But you don't seem
interested in that.

-Ian
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


On 2013-10-10 16:08, Giles Coochey wrote:

On 10/10/2013 13:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis 
mailto:alexandre.para...@gmail.com>> wrote:


indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't mean everybody don't care.

On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat
mailto:rgbier...@rgbiernat.homelinux.org>> wrote:

This discussion about security/NSA/encryption IS important.
Please go on.


Whether or not this is an important conversation is irrelevant.  This 
is the wrong place to have the conversation.


I tried to turn this back into a product support discussion in the 
last thread but sadly my comments were not among those cherry picked. 
 This discussion does not suit the purpose of this list.  I see a 
bunch of hard working people reacting to their product's integrity 
being continuously questioned despite having all questions answered, 
and a few entitled consumers who can't be bothered to figure out 
technology well enough to come to their own conclusion on its 
integrity.As well as a bunch of people that want this discussion 
to go someplace more appropriate.  The "concerned" parties are not 
concerned enough to learn how to read code.  So you're paranoid, just 
not paranoid enough to actually learn how to answer your own questions.


Unless there is an issue someone is having making a VPN work or 
getting NAT running right, this is the wrong place to hold this 
discussion.   If you're having an issue with this pfSense, networking 
protocols, or logical opertaion of the device, great!  let's talk 
about it!  I'm actually very good at these things, and I'd like to 
spend time helping people with network or network security related 
operational problems.  Otherwise, please find the email addresses of 
all the people who shown an interest in participating in this 
discussion, and send an email out to that list of people to discuss 
it among yourselves.



*BLINK!*

Incredible the way I am seeing the reaction to the initial 
question, and trying to query very valid points are now leading me to 
seriously reconsider the potential risk I have in continuing to use 
pfsense as a security tool.


This is *exactly* the way I feel about this whole sensation that we are 
witnessing here! Some reactions are truly incredible!


The about list on the mailman page states: "pfSense support and 
discussion list"...


Correct!

But I guess those who waste our time by telling us we should shut up and 
walk away would like to rename the list to e.g. "Happy shallow chatting 
of pfSense fan boys who never dare to ask any critical question about 
their beloved firewall-distro that they take to bed each night" or 
something similar.


Self-censorship in a security software forum when it comes to discuss 
the security level of the security software! It's absolutely crazy!!


This thread is clearly about discussing pfsense, therefore it is 
on-topic, I could equally take the stance, take your technical 
discussions to the dev list, however I am not the type of exclusive 
close-minded minded person that you appear to be. Please stop 
hijacking this thread.


FACK!!

Regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Giles Coochey


On 10/10/2013 13:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis 
mailto:alexandre.para...@gmail.com>> wrote:


indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't mean everybody don't care.




On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat
mailto:rgbier...@rgbiernat.homelinux.org>> wrote:

This discussion about security/NSA/encryption IS important.
Please go on.




Whether or not this is an important conversation is irrelevant.  This 
is the wrong place to have the conversation.


I tried to turn this back into a product support discussion in the 
last thread but sadly my comments were not among those cherry picked. 
 This discussion does not suit the purpose of this list.  I see a 
bunch of hard working people reacting to their product's integrity 
being continuously questioned despite having all questions answered, 
and a few entitled consumers who can't be bothered to figure out 
technology well enough to come to their own conclusion on its 
integrity.As well as a bunch of people that want this discussion 
to go someplace more appropriate.  The "concerned" parties are not 
concerned enough to learn how to read code.  So you're paranoid, just 
not paranoid enough to actually learn how to answer your own questions.


Unless there is an issue someone is having making a VPN work or 
getting NAT running right, this is the wrong place to hold this 
discussion.   If you're having an issue with this pfSense, networking 
protocols, or logical opertaion of the device, great!  let's talk 
about it!  I'm actually very good at these things, and I'd like to 
spend time helping people with network or network security related 
operational problems.  Otherwise, please find the email addresses of 
all the people who shown an interest in participating in this 
discussion, and send an email out to that list of people to discuss it 
among yourselves.



*BLINK!*

Incredible the way I am seeing the reaction to the initial question, 
and trying to query very valid points are now leading me to seriously 
reconsider the potential risk I have in continuing to use pfsense as a 
security tool.


The about list on the mailman page states: "pfSense support and 
discussion list"...


This thread is clearly about discussing pfsense, therefore it is 
on-topic, I could equally take the stance, take your technical 
discussions to the dev list, however I am not the type of exclusive 
close-minded minded person that you appear to be. Please stop hijacking 
this thread.


--
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net



smime.p7s
Description: S/MIME Cryptographic Signature
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


On 2013-10-10 15:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis 
mailto:alexandre.para...@gmail.com>> wrote:


indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't mean everybody don't care.

On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat
mailto:rgbier...@rgbiernat.homelinux.org>> wrote:

This discussion about security/NSA/encryption IS important.
Please go on.


Whether or not this is an important conversation is irrelevant.  This 
is the wrong place to have the conversation.


Ian, that is *your* opinion. As you can see, others here have a quite 
different opinion and they find this topic to be highly relevant for 
pfSense.


Luckily this is an open mailing list, where everyone can pick the topics 
to read that interest him, so why you don't just walk away from this 
discussion instead of losing any time in telling others how 
uninteresting you find *their* discussion?


And you even dare to tell us to go elsewhere... Who do you think you are?

You are either a kind of sadomasochist - reading all day all kinds of 
discussions that do not interest you and telling the participants of 
that discussion that they should go elsewhere because they do not 
discuss what you find interesting and relevant - or you simply do not 
know how to use a mailing list properly. I suggest you go learn how to 
use a proper news/mailing-list reader. Hint: Threaded mode.


Cheers
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Ian Bowers

On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis <
alexandre.para...@gmail.com> wrote:

> indeed, i vote to continue. Because you don't mind being overlooked by NSA
> doesn't mean everybody don't care.
>
>
>
>
> On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat <
> rgbier...@rgbiernat.homelinux.org> wrote:
>
>> This discussion about security/NSA/encryption IS important. Please go on.
>>
>>
>>
>>
Whether or not this is an important conversation is irrelevant.  This is
the wrong place to have the conversation.

I tried to turn this back into a product support discussion in the last
thread but sadly my comments were not among those cherry picked.  This
discussion does not suit the purpose of this list.  I see a bunch of hard
working people reacting to their product's integrity being continuously
questioned despite having all questions answered, and a few entitled
consumers who can't be bothered to figure out technology well enough to
come to their own conclusion on its integrity.As well as a bunch of
people that want this discussion to go someplace more appropriate.  The
"concerned" parties are not concerned enough to learn how to read code.  So
you're paranoid, just not paranoid enough to actually learn how to answer
your own questions.

Unless there is an issue someone is having making a VPN work or getting NAT
running right, this is the wrong place to hold this discussion.   If you're
having an issue with this pfSense, networking protocols, or logical
opertaion of the device, great!  let's talk about it!  I'm actually very
good at these things, and I'd like to spend time helping people with
network or network security related operational problems.  Otherwise,
please find the email addresses of all the people who shown an interest in
participating in this discussion, and send an email out to that list of
people to discuss it among yourselves.

-Ian
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Alexandre Paradis

indeed, i vote to continue. Because you don't mind being overlooked by NSA
doesn't mean everybody don't care.




On Thu, Oct 10, 2013 at 7:33 AM, Rüdiger G. Biernat <
rgbier...@rgbiernat.homelinux.org> wrote:

> This discussion about security/NSA/encryption IS important. Please go on.
>
>
> Von Samsung Mobile gesendet
>
>
>  Ursprüngliche Nachricht 
> Von: Giles Coochey **
> Datum:10.10.2013 11:39 (GMT+01:00)
> An: list@lists.pfsense.org
> Betreff: Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or
> others?
>
> On 10/10/2013 09:38, Thinker Rix wrote:
> > On 2013-10-10 01:13, Przemysław Pawełczyk wrote:
> >> On Thu, 10 Oct 2013 00:05:22 +0300
> >> Thinker Rix  wrote:
> >>
> >>> Well, actually I started this thread with a pretty frank,
> >>> straight-forward and very simple question.
> >> That's right and they were justified.
> >
> > Thank you!
> >
> >> BTW, you pushed to the corner the (un)famous American hubris (Obama: US
> >> is exceptional.), that's the nasty answers from some.
> >
> > Yes, I guess I have hit a whole bunch of different nerves with my
> > question, and I find it to be highly interesting to observe some of
> > the awkward reactions, socioscientificly and psychologically.
> >
> > I have been insulted, I have been bullied, I have been called to
> > self-censor myself and at the end some users "virtually joined" to
> > give the illusion of a majority an muzzle me, stating, that my
> > question has no place at this pfSense mailing list. Really amazing,
> > partly hilarious reactions, I think.
> > These reactions say so much about how far the whole surveillance and
> > mind-suppression has proceeded already and how much it has influenced
> > the thoughts and behavior of formerly free people by now. Frightening.
> >
> >> Thinker Rix, you are not alone at your unease pressing you to ask
> >> those questions about pfSense and NSA.
> >
> > Thank you for showing your support openly!
>
> I too was surprised to see some activity on the pfsense list, after
> seeing only a few posts per week I checked today to find several dozen
> messages talking about a topic I have been concerned with myself - as a
> network security specialist, how much can I trust the firewalls I use,
> be they embedded devices, software packages, or 'hardware' from
> manufacturers.
> There are many on-topic things to discuss here:
> 1. Which Ciphers & Transforms should we now consider secure (pfsense
> provides quite a few cipher choices over some other off the shelf hardware.
> 2. What hardware / software & configuration changes can we consider to
> improve RNG and ensure that should we increase the bit size of our
> encryption, reduce lifetimes of our SAs that we can still ensure we have
> enough entropy in the RNG on a device that is typically starved of
> traditional entropy sources.
>
> This is so much on-topic, I am surprised that there has been a movement
> to call this thread to stop, granted - it may seem that the conversation
> may drift into a political one, with regard to privacy law etc...
> however, that is a valid sub-topic for a discussion list that addresses
> devices that are designed and implemented to safe-guard privacy.
>
> --
> Regards,
>
> Giles Coochey, CCNP, CCNA, CCNAS
> NetSecSpec Ltd
> +44 (0) 8444 780677
> +44 (0) 7983 877438
> http://www.coochey.net
> http://www.netsecspec.co.uk
> gi...@coochey.net
>
>
>
>
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
>


-- 
Alexandre
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Rüdiger G . Biernat

This discussion about security/NSA/encryption IS important. Please go on.

Von Samsung Mobile gesendet

 Ursprüngliche Nachricht 
Von: Giles Coochey  
Datum:10.10.2013  11:39  (GMT+01:00) 
An: list@lists.pfsense.org 
Betreff: Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or 
others? 

On 10/10/2013 09:38, Thinker Rix wrote:
> On 2013-10-10 01:13, Przemysław Pawełczyk wrote:
>> On Thu, 10 Oct 2013 00:05:22 +0300
>> Thinker Rix  wrote:
>>
>>> Well, actually I started this thread with a pretty frank,
>>> straight-forward and very simple question.
>> That's right and they were justified.
>
> Thank you!
>
>> BTW, you pushed to the corner the (un)famous American hubris (Obama: US
>> is exceptional.), that's the nasty answers from some.
>
> Yes, I guess I have hit a whole bunch of different nerves with my 
> question, and I find it to be highly interesting to observe some of 
> the awkward reactions, socioscientificly and psychologically.
>
> I have been insulted, I have been bullied, I have been called to 
> self-censor myself and at the end some users "virtually joined" to 
> give the illusion of a majority an muzzle me, stating, that my 
> question has no place at this pfSense mailing list. Really amazing, 
> partly hilarious reactions, I think.
> These reactions say so much about how far the whole surveillance and 
> mind-suppression has proceeded already and how much it has influenced 
> the thoughts and behavior of formerly free people by now. Frightening.
>
>> Thinker Rix, you are not alone at your unease pressing you to ask
>> those questions about pfSense and NSA.
>
> Thank you for showing your support openly!

I too was surprised to see some activity on the pfsense list, after 
seeing only a few posts per week I checked today to find several dozen 
messages talking about a topic I have been concerned with myself - as a 
network security specialist, how much can I trust the firewalls I use, 
be they embedded devices, software packages, or 'hardware' from 
manufacturers.
There are many on-topic things to discuss here:
1. Which Ciphers & Transforms should we now consider secure (pfsense 
provides quite a few cipher choices over some other off the shelf hardware.
2. What hardware / software & configuration changes can we consider to 
improve RNG and ensure that should we increase the bit size of our 
encryption, reduce lifetimes of our SAs that we can still ensure we have 
enough entropy in the RNG on a device that is typically starved of 
traditional entropy sources.

This is so much on-topic, I am surprised that there has been a movement 
to call this thread to stop, granted - it may seem that the conversation 
may drift into a political one, with regard to privacy law etc... 
however, that is a valid sub-topic for a discussion list that addresses 
devices that are designed and implemented to safe-guard privacy.

-- 
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


Hi Giles

On 2013-10-10 12:39, Giles Coochey wrote:

On 10/10/2013 09:38, Thinker Rix wrote:

On 2013-10-10 01:13, Przemysław Pawełczyk wrote:

On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix  wrote:


Well, actually I started this thread with a pretty frank,
straight-forward and very simple question.

That's right and they were justified.


Thank you!


BTW, you pushed to the corner the (un)famous American hubris (Obama: US
is exceptional.), that's the nasty answers from some.


Yes, I guess I have hit a whole bunch of different nerves with my 
question, and I find it to be highly interesting to observe some of 
the awkward reactions, socioscientificly and psychologically.


I have been insulted, I have been bullied, I have been called to 
self-censor myself and at the end some users "virtually joined" to 
give the illusion of a majority an muzzle me, stating, that my 
question has no place at this pfSense mailing list. Really amazing, 
partly hilarious reactions, I think.
These reactions say so much about how far the whole surveillance and 
mind-suppression has proceeded already and how much it has influenced 
the thoughts and behavior of formerly free people by now. Frightening.



Thinker Rix, you are not alone at your unease pressing you to ask
those questions about pfSense and NSA.


Thank you for showing your support openly!


I too was surprised to see some activity on the pfsense list, after 
seeing only a few posts per week I checked today to find several dozen 
messages talking about a topic I have been concerned with myself - as 
a network security specialist, how much can I trust the firewalls I 
use, be they embedded devices, software packages, or 'hardware' from 
manufacturers.


Exactly. The firewall is the neuralgic point of each of the networks 
that we administer. Thinking - and talking - about it's integrity is the 
most natural and most important thing on earth, IMO.



There are many on-topic things to discuss here:
1. Which Ciphers & Transforms should we now consider secure (pfsense 
provides quite a few cipher choices over some other off the shelf 
hardware.
2. What hardware / software & configuration changes can we consider to 
improve RNG and ensure that should we increase the bit size of our 
encryption, reduce lifetimes of our SAs that we can still ensure we 
have enough entropy in the RNG on a device that is typically starved 
of traditional entropy sources.


You made some highly relevant and interesting suggestions here, and I 
sincerely hope that a fruitful discussion will develop upon this so that 
we all can benefit of it!


This is so much on-topic, I am surprised that there has been a 
movement to call this thread to stop, granted - it may seem that the 
conversation may drift into a political one, with regard to privacy 
law etc... however, that is a valid sub-topic for a discussion list 
that addresses devices that are designed and implemented to safe-guard 
privacy.


This echoes my sentiments exactly!

Regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix

Hello Chris,

Thank you for your unemotional, factual statement!

On 2013-10-10 03:17, Chris Buechler wrote:

On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix wrote:

today I posted the following on your blog at http://blog.pfsense.org/?p=712

“Worried User Says: Your comment is awaiting moderation.

October 9th, 2013 at 7:55 am

Hi guys,

I want to ask if you have been approached by any US government officials,
such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
spyware, loggers, etc. into pfsense and if you did so.

Thank you

Worried User”

Some minutes later I could see that my entry was not released to the public
- but deleted by the moderator, without any further comment.

Not true, the comment was moderator approved. The only reason we have
moderation at all is because spam significantly outnumbers legit
comments and we don't want any spam on any of our sites, there isn't
some vast conspiracy going on.

I see. Well, it was pending moderator approval for an hour or so and
then suddenly appeared to me as being removed. Maybe it was just because
of some browser issue over here, i don't know. Today I see the posting
being published and also your answer to it. Thank you for that!

No, we have not been approached by anyone to backdoor or otherwise
compromise security of the project, at any point during our 9 year
history.

Thank you for this unambiguous, precise answer.
That is the kind of answer, that I was hoping for.

I have indeed met with the NSA in person related to the product of one
of our rebrand customers a couple years back, one of their groups was
interested in evaluating the product. It survived their security
analysis quite well (at least from what they declassified and
released), and better than most things that come into their lab from
what I understand. At no point did any discussion happen related to
back doors or other means of compromising security for them. I wasn't
under NDA nor do I have a security clearance.

Thank you for this additional, very valuable information, too.

It is effectively a moot question to ask, given if we were, there's no
way we could disclose that.

Well, sometimes you get the most interesting information out of simple,
straightforward questions. By my comprehension this whole thread is a
vivid proof for that.

And given that you where bound to a nondisclosure-dictate by your
government; you would have only three choices:

a) "We don't want to say"
b) or awkward answer
c) Lying

a) and b) are a clear "yes" and given that not everybody is comfortable
lying, chances exist that you might feel it.

Evidence suggests a number of huge tech
companies have complied. There hasn't been any evidence to date that
any open source projects were approached.

Well, there is some evidence to suggest that Linus/Linux has been
approached.

http://linux.slashdot.org/story/13/09/19/0227238/linus-torvalds-admits-hes-been-asked-to-insert-backdoor-into-linux
http://www.theregister.co.uk/2013/09/19/linux_backdoor_intrigue/

A number of widely-respected
security people have come out and said that open source solutions are
better in the aftermath of the recent revelations. One example:
"My guess is that most encryption products from large US companies
have NSA-friendly back doors, and many foreign ones probably do as
well. It's prudent to assume that foreign products also have
foreign-installed backdoors. Closed-source software is easier for the
NSA to backdoor than open-source software." -Bruce Schneier
https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html

Well yes, the publication of the source code allows others to review it,
and given that the code is being maintained in a public revision control
repository increases chances, that malicious changes are identified
quickly. These are advantages that cloused source projects do not have a
priori, I agree.
But in practice open source projects are no universal remedy to
malicious influences. Take for example the transition from the publicly
revised source code to the binary versions. Chances are extremely high
that no one will ever notice any last-minute changes to the local source
code, such as adding some surveillance "features", prior compiling the
binaries out of it and releasing them to the public, or am I mistaking?

So at the end everything stands or falls with the trust that you have in
a project, i.e. the key people of the project. So what was more obvious
than just asking them directly and see what they have to say about that
topic..

So, since we cleared that out, please allow me to ask some continuative
questions:
Has the project pfSense (i.e. it's leaders) ever thought about what
it/they would do if the day should come where those NSA-people (or
others) knock the door and demand infiltration, as they did e.g. with
Lavabit? Is there some way that the project

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Giles Coochey


On 10/10/2013 09:38, Thinker Rix wrote:

On 2013-10-10 01:13, Przemysław Pawełczyk wrote:

On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix  wrote:


Well, actually I started this thread with a pretty frank,
straight-forward and very simple question.

That's right and they were justified.


Thank you!


BTW, you pushed to the corner the (un)famous American hubris (Obama: US
is exceptional.), that's the nasty answers from some.


Yes, I guess I have hit a whole bunch of different nerves with my 
question, and I find it to be highly interesting to observe some of 
the awkward reactions, socioscientificly and psychologically.


I have been insulted, I have been bullied, I have been called to 
self-censor myself and at the end some users "virtually joined" to 
give the illusion of a majority an muzzle me, stating, that my 
question has no place at this pfSense mailing list. Really amazing, 
partly hilarious reactions, I think.
These reactions say so much about how far the whole surveillance and 
mind-suppression has proceeded already and how much it has influenced 
the thoughts and behavior of formerly free people by now. Frightening.



Thinker Rix, you are not alone at your unease pressing you to ask
those questions about pfSense and NSA.


Thank you for showing your support openly!


I too was surprised to see some activity on the pfsense list, after 
seeing only a few posts per week I checked today to find several dozen 
messages talking about a topic I have been concerned with myself - as a 
network security specialist, how much can I trust the firewalls I use, 
be they embedded devices, software packages, or 'hardware' from 
manufacturers.

There are many on-topic things to discuss here:
1. Which Ciphers & Transforms should we now consider secure (pfsense 
provides quite a few cipher choices over some other off the shelf hardware.
2. What hardware / software & configuration changes can we consider to 
improve RNG and ensure that should we increase the bit size of our 
encryption, reduce lifetimes of our SAs that we can still ensure we have 
enough entropy in the RNG on a device that is typically starved of 
traditional entropy sources.


This is so much on-topic, I am surprised that there has been a movement 
to call this thread to stop, granted - it may seem that the conversation 
may drift into a political one, with regard to privacy law etc... 
however, that is a valid sub-topic for a discussion list that addresses 
devices that are designed and implemented to safe-guard privacy.


--
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net




smime.p7s
Description: S/MIME Cryptographic Signature
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-10 Thread Thinker Rix


On 2013-10-10 01:13, Przemysław Pawełczyk wrote:

On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix  wrote:


Well, actually I started this thread with a pretty frank,
straight-forward and very simple question.

That's right and they were justified.


Thank you!


BTW, you pushed to the corner the (un)famous American hubris (Obama: US
is exceptional.), that's the nasty answers from some.


Yes, I guess I have hit a whole bunch of different nerves with my 
question, and I find it to be highly interesting to observe some of the 
awkward reactions, socioscientificly and psychologically.


I have been insulted, I have been bullied, I have been called to 
self-censor myself and at the end some users "virtually joined" to give 
the illusion of a majority an muzzle me, stating, that my question has 
no place at this pfSense mailing list. Really amazing, partly hilarious 
reactions, I think.
These reactions say so much about how far the whole surveillance and 
mind-suppression has proceeded already and how much it has influenced 
the thoughts and behavior of formerly free people by now. Frightening.



Thinker Rix, you are not alone at your unease pressing you to ask
those questions about pfSense and NSA.


Thank you for showing your support openly!

Regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Chris L

Guess I struck a nerve.

You have no clue what my stance has been on the growing surveillance state for 
the past decades, so I think it is you who should curtail his speech.

Yup. They called us paranoid and tinfoil hat and conspiracy theorists.  
Surprisingly, it continues to this day.

On Oct 9, 2013, at 10:46 PM, Michael Schuh  wrote:

> @Chris L
> 
> i am not responsible, if you didn't get it.
> 
> if one comes to me with worries about an completely free open source system
> by using an Closed Source SHIT.
> <<< this is ridoculous
> 
> He should first consider his Closed Source Shit.
> Now i find also his nick misleading, he should name NON-Thinker!
> he should make his name a honor by doing himself the favor and use his brain.
> 
> 
> Get this out of the pfSense lists.
> This is a support list and not an philosophers corner what everything is bad 
> in the world.
> 
> SUPPORT LIST for pfSense. GET IT
> 
> just to point it out:
> ppl. whose are supporting closed source software are also supporting the NSA
> and all the other kind of shit.
> As long as one uses closed source software he should shut the fuck up.
> As long as one uses the internet he should shut the fuck up.
> As long as one uses TCP/IP he should shut the fuck up.
> As long one is using Smartphones, Credit-Cards, Onlinebanking, Online-shops 
> and so on
> shut the fuck up.
> 
> if one cannot understand why:
> Internet -> invented by DARPA
> TCP/IP -> invented by DARPA
> RSA encryption -> financed by DARPA/NSA/Government
> 
> alternatives: invent a new internet including a new internet protocol and all 
> the stuff around it.
> 
> otoh he is to late. he missed the important points.
> the leaked informations about Xkeysystem are from 2005 or 2008, huuuhaa and 
> now they all whine.
> if your holyness mr snowden wouldn't be such a hero, you wouldn't even know, 
> care or worry about it.
> so this is entirely ridiculous. one more time.
> where are you been as it was important to care about it? eh?
> 
> at the times we warned the people, nobody would listen and called us
> those who warned them: paranoid.
> 
> everyone uses high technologized stuff without to have any clue about how 
> this works,
> if ppl. like us told them: learn this stuff, it can be dangerous
> the answer was: naahh thats not important, i know what i am doing. you are 
> paranoid, nobody would ever do so.
> 
> i see. and now they come and whine ...pah *lol*
> 
> this has nothing to do with head meet sand.
> may be, your head should get out of the sand.
> 
> ridiculous. this entire thematics is ridicoulus.
> 
> 
> = = =  http://michael-schuh.net/  = = = 
> Projektmanagement - IT-Consulting - Professional Services IT
> Rev. Michael Schuh
> Ordained Dudeist Priest
> Postfach 10 21 52
> 66021 Saarbrücken
> phone: 0681/8319664
> @: m i c h a e l . s c h u h @ g m a i l . c o m
> 
> = = =  Ust-ID:  DE251072318  = = =
> 
> 
> 2013/10/10 Chris L 
> On Oct 9, 2013, at 9:06 PM, Michael Schuh  wrote:
> 
> > ridiculous
> 
> Head, meet sand.
> 
> Then again, consider the country of origin.  They have a history of not 
> recognizing naked tyranny and evil until it's far too late.
> 
> They will be in good company with all the apologists for the current American 
> surveillance state.
> 
> 
> >
> > vvv
> > From: Thinker Rix  > >
> > User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
> >  rv:17.0) Gecko/20130801 Thunderbird/17.0.8
> >
> > 
> >
> >
> >
> > = = =  http://michael-schuh.net/  = = =
> > Projektmanagement - IT-Consulting - Professional Services IT
> > Rev. Michael Schuh
> > Ordained Dudeist Priest
> > Postfach 10 21 52
> > 66021 Saarbrücken
> > phone: 0681/8319664
> > @: m i c h a e l . s c h u h @ g m a i l . c o m
> >
> > = = =  Ust-ID:  DE251072318  = = =
> >
> >
> > 2013/10/10 Chris Buechler 
> > On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix  
> > wrote:
> > > Dear pfsense-team,
> > >
> > > today I posted the following on your blog at 
> > > http://blog.pfsense.org/?p=712
> > >
> > >
> > > 
> > >
> > > “Worried User Says: Your comment is awaiting moderation.
> > >
> > > October 9th, 2013 at 7:55 am
> > >
> > > Hi guys,
> > >
> > > I want to ask if you have been approached by any US government officials,
> > > such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
> > > spyware, loggers, etc. into pfsense and if you did so.
> > >
> > > Thank you
> > >
> > > Worried User”
> > >
> > > 
> > >
> > >
> > > Some minutes later I could see that my entry was not released to the 
> > > public
> > > - but deleted by the moderator, without any further comment.
> > >
> >
> > Not true, the comment was moderator approved. The only reason we have
> > moderation at all is because spam significantly outnumbers legit
> > comments and we don't want any spam on any of our sites,

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Michael Schuh

@Chris L

i am not responsible, if you didn't get it.

if one comes to me with worries about an completely free open source system
by using an Closed Source SHIT.
<<< this is ridoculous

He should first consider his Closed Source Shit.
Now i find also his nick misleading, he should name NON-Thinker!
he should make his name a honor by doing himself the favor and use his
brain.

Get this out of the pfSense lists.
This is a support list and not an philosophers corner what everything is
bad in the world.

SUPPORT LIST for pfSense. GET IT

just to point it out:
ppl. whose are supporting closed source software are also supporting the NSA
and all the other kind of shit.
As long as one uses closed source software he should shut the fuck up.
As long as one uses the internet he should shut the fuck up.
As long as one uses TCP/IP he should shut the fuck up.
As long one is using Smartphones, Credit-Cards, Onlinebanking, Online-shops
and so on
shut the fuck up.

if one cannot understand why:
Internet -> invented by DARPA
TCP/IP -> invented by DARPA
RSA encryption -> financed by DARPA/NSA/Government

alternatives: invent a new internet including a new internet protocol and
all the stuff around it.

otoh he is to late. he missed the important points.
the leaked informations about Xkeysystem are from 2005 or 2008, huuuhaa and
now they all whine.
if your holyness mr snowden wouldn't be such a hero, you wouldn't even
know, care or worry about it.
so this is entirely ridiculous. one more time.
where are you been as it was important to care about it? eh?

at the times we warned the people, nobody would listen and called us
those who warned them: paranoid.

everyone uses high technologized stuff without to have any clue about how
this works,
if ppl. like us told them: learn this stuff, it can be dangerous
the answer was: naahh thats not important, i know what i am doing. you are
paranoid, nobody would ever do so.

i see. and now they come and whine ...pah *lol*

this has nothing to do with head meet sand.
may be, your head should get out of the sand.

ridiculous. this entire thematics is ridicoulus.

= = =  http://michael-schuh.net/  = = =
Projektmanagement - IT-Consulting - Professional Services IT
Rev. Michael 
Schuh
*Ordained Dudeist Priest *
Postfach 10 21 52
66021 Saarbrücken
phone: 0681/8319664
@: m i c h a e l . s c h u h @ g m a i l . c o m

= = =  Ust-ID:  DE251072318  = = =

2013/10/10 Chris L 

> On Oct 9, 2013, at 9:06 PM, Michael Schuh  wrote:
>
> > ridiculous
>
> Head, meet sand.
>
> Then again, consider the country of origin.  They have a history of not
> recognizing naked tyranny and evil until it's far too late.
>
> They will be in good company with all the apologists for the current
> American surveillance state.
>
>
> >
> > vvv
> > From: Thinker Rix  > >
> > User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
> >  rv:17.0) Gecko/20130801 Thunderbird/17.0.8
> >
> > 
> >
> >
> >
> > = = =  http://michael-schuh.net/  = = =
> > Projektmanagement - IT-Consulting - Professional Services IT
> > Rev. Michael Schuh
> > Ordained Dudeist Priest
> > Postfach 10 21 52
> > 66021 Saarbrücken
> > phone: 0681/8319664
> > @: m i c h a e l . s c h u h @ g m a i l . c o m
> >
> > = = =  Ust-ID:  DE251072318  = = =
> >
> >
> > 2013/10/10 Chris Buechler 
> > On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix 
> wrote:
> > > Dear pfsense-team,
> > >
> > > today I posted the following on your blog at
> http://blog.pfsense.org/?p=712
> > >
> > >
> > > 
> > >
> > > “Worried User Says: Your comment is awaiting moderation.
> > >
> > > October 9th, 2013 at 7:55 am
> > >
> > > Hi guys,
> > >
> > > I want to ask if you have been approached by any US government
> officials,
> > > such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
> > > spyware, loggers, etc. into pfsense and if you did so.
> > >
> > > Thank you
> > >
> > > Worried User”
> > >
> > > 
> > >
> > >
> > > Some minutes later I could see that my entry was not released to the
> public
> > > - but deleted by the moderator, without any further comment.
> > >
> >
> > Not true, the comment was moderator approved. The only reason we have
> > moderation at all is because spam significantly outnumbers legit
> > comments and we don't want any spam on any of our sites, there isn't
> > some vast conspiracy going on.
> >
> > No, we have not been approached by anyone to backdoor or otherwise
> > compromise security of the project, at any point during our 9 year
> > history.
> >
> > I have indeed met with the NSA in person related to the product of one
> > of our rebrand customers a couple years back, one of their groups was
> > interested in evaluating the product. It survived the

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Chris L

On Oct 9, 2013, at 9:06 PM, Michael Schuh  wrote:

> ridiculous

Head, meet sand.

Then again, consider the country of origin.  They have a history of not 
recognizing naked tyranny and evil until it's far too late.

They will be in good company with all the apologists for the current American 
surveillance state.


> 
> vvv
> From: Thinker Rix  >
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
>  rv:17.0) Gecko/20130801 Thunderbird/17.0.8
> 
> 
> 
> 
> 
> = = =  http://michael-schuh.net/  = = = 
> Projektmanagement - IT-Consulting - Professional Services IT
> Rev. Michael Schuh
> Ordained Dudeist Priest
> Postfach 10 21 52
> 66021 Saarbrücken
> phone: 0681/8319664
> @: m i c h a e l . s c h u h @ g m a i l . c o m
> 
> = = =  Ust-ID:  DE251072318  = = =
> 
> 
> 2013/10/10 Chris Buechler 
> On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix  wrote:
> > Dear pfsense-team,
> >
> > today I posted the following on your blog at http://blog.pfsense.org/?p=712
> >
> >
> > 
> >
> > “Worried User Says: Your comment is awaiting moderation.
> >
> > October 9th, 2013 at 7:55 am
> >
> > Hi guys,
> >
> > I want to ask if you have been approached by any US government officials,
> > such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
> > spyware, loggers, etc. into pfsense and if you did so.
> >
> > Thank you
> >
> > Worried User”
> >
> > 
> >
> >
> > Some minutes later I could see that my entry was not released to the public
> > - but deleted by the moderator, without any further comment.
> >
> 
> Not true, the comment was moderator approved. The only reason we have
> moderation at all is because spam significantly outnumbers legit
> comments and we don't want any spam on any of our sites, there isn't
> some vast conspiracy going on.
> 
> No, we have not been approached by anyone to backdoor or otherwise
> compromise security of the project, at any point during our 9 year
> history.
> 
> I have indeed met with the NSA in person related to the product of one
> of our rebrand customers a couple years back, one of their groups was
> interested in evaluating the product. It survived their security
> analysis quite well (at least from what they declassified and
> released), and better than most things that come into their lab from
> what I understand. At no point did any discussion happen related to
> back doors or other means of compromising security for them. I wasn't
> under NDA nor do I have a security clearance.
> 
> It is effectively a moot question to ask, given if we were, there's no
> way we could disclose that. Evidence suggests a number of huge tech
> companies have complied. There hasn't been any evidence to date that
> any open source projects were approached. A number of widely-respected
> security people have come out and said that open source solutions are
> better in the aftermath of the recent revelations. One example:
> "My guess is that most encryption products from large US companies
> have NSA-friendly back doors, and many foreign ones probably do as
> well. It's prudent to assume that foreign products also have
> foreign-installed backdoors. Closed-source software is easier for the
> NSA to backdoor than open-source software." -Bruce Schneier
> https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html
> 
> On crypto-related components, we rely on what's in stock FreeBSD.
> There are no indications it has been weakened or compromised.
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
> 
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Michael Schuh

ridiculous

vvv

From: Thinker Rix 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:17.0) Gecko/20130801 Thunderbird/17.0.8






= = =  http://michael-schuh.net/  = = =
Projektmanagement - IT-Consulting - Professional Services IT
Rev. Michael 
Schuh
*Ordained Dudeist Priest *
Postfach 10 21 52
66021 Saarbrücken
phone: 0681/8319664
@: m i c h a e l . s c h u h @ g m a i l . c o m

= = =  Ust-ID:  DE251072318  = = =


2013/10/10 Chris Buechler 

> On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix 
> wrote:
> > Dear pfsense-team,
> >
> > today I posted the following on your blog at
> http://blog.pfsense.org/?p=712
> >
> >
> > 
> >
> > “Worried User Says: Your comment is awaiting moderation.
> >
> > October 9th, 2013 at 7:55 am
> >
> > Hi guys,
> >
> > I want to ask if you have been approached by any US government officials,
> > such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
> > spyware, loggers, etc. into pfsense and if you did so.
> >
> > Thank you
> >
> > Worried User”
> >
> > 
> >
> >
> > Some minutes later I could see that my entry was not released to the
> public
> > - but deleted by the moderator, without any further comment.
> >
>
> Not true, the comment was moderator approved. The only reason we have
> moderation at all is because spam significantly outnumbers legit
> comments and we don't want any spam on any of our sites, there isn't
> some vast conspiracy going on.
>
> No, we have not been approached by anyone to backdoor or otherwise
> compromise security of the project, at any point during our 9 year
> history.
>
> I have indeed met with the NSA in person related to the product of one
> of our rebrand customers a couple years back, one of their groups was
> interested in evaluating the product. It survived their security
> analysis quite well (at least from what they declassified and
> released), and better than most things that come into their lab from
> what I understand. At no point did any discussion happen related to
> back doors or other means of compromising security for them. I wasn't
> under NDA nor do I have a security clearance.
>
> It is effectively a moot question to ask, given if we were, there's no
> way we could disclose that. Evidence suggests a number of huge tech
> companies have complied. There hasn't been any evidence to date that
> any open source projects were approached. A number of widely-respected
> security people have come out and said that open source solutions are
> better in the aftermath of the recent revelations. One example:
> "My guess is that most encryption products from large US companies
> have NSA-friendly back doors, and many foreign ones probably do as
> well. It's prudent to assume that foreign products also have
> foreign-installed backdoors. Closed-source software is easier for the
> NSA to backdoor than open-source software." -Bruce Schneier
> https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html
>
> On crypto-related components, we rely on what's in stock FreeBSD.
> There are no indications it has been weakened or compromised.
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Chris Buechler

On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix  wrote:
> Dear pfsense-team,
>
> today I posted the following on your blog at http://blog.pfsense.org/?p=712
>
>
> 
>
> “Worried User Says: Your comment is awaiting moderation.
>
> October 9th, 2013 at 7:55 am
>
> Hi guys,
>
> I want to ask if you have been approached by any US government officials,
> such as NSA, FBI, etc. and been asked/ forced to include any backdoors,
> spyware, loggers, etc. into pfsense and if you did so.
>
> Thank you
>
> Worried User”
>
> 
>
>
> Some minutes later I could see that my entry was not released to the public
> - but deleted by the moderator, without any further comment.
>

Not true, the comment was moderator approved. The only reason we have
moderation at all is because spam significantly outnumbers legit
comments and we don't want any spam on any of our sites, there isn't
some vast conspiracy going on.

No, we have not been approached by anyone to backdoor or otherwise
compromise security of the project, at any point during our 9 year
history.

I have indeed met with the NSA in person related to the product of one
of our rebrand customers a couple years back, one of their groups was
interested in evaluating the product. It survived their security
analysis quite well (at least from what they declassified and
released), and better than most things that come into their lab from
what I understand. At no point did any discussion happen related to
back doors or other means of compromising security for them. I wasn't
under NDA nor do I have a security clearance.

It is effectively a moot question to ask, given if we were, there's no
way we could disclose that. Evidence suggests a number of huge tech
companies have complied. There hasn't been any evidence to date that
any open source projects were approached. A number of widely-respected
security people have come out and said that open source solutions are
better in the aftermath of the recent revelations. One example:
"My guess is that most encryption products from large US companies
have NSA-friendly back doors, and many foreign ones probably do as
well. It's prudent to assume that foreign products also have
foreign-installed backdoors. Closed-source software is easier for the
NSA to backdoor than open-source software." -Bruce Schneier
https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html

On crypto-related components, we rely on what's in stock FreeBSD.
There are no indications it has been weakened or compromised.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] NSA: Is pfSense infiltrated by "big brother" NSA or others?

2013-10-09 Thread Przemysław Pawełczyk

On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix  wrote:

> Well, actually I started this thread with a pretty frank, 
> straight-forward and very simple question.

That's right and they were justified.

BTW, you pushed to the corner the (un)famous American hubris (Obama: US
is exceptional.), that's the nasty answers from some.

Thinker Rix, you are not alone at your unease pressing you to ask
those questions about pfSense and NSA.

Regards to all.
Przemysław Pawełczyk

-- 
Home network based on pfSense 2.1.

pgpGkBt8vlxDS.pgp
Description: PGP signature
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

84 matches

Mail list logo