On 12/22/2013 07:05 AM, Mike Wright wrote:
Hi all,
After Edward Snowden spilled the beans on the NSA I've become
extremely paranoid about system security. If not the NSA, who else?
I've been trying to find out if the versions of openssl shipped by
fedora use the "Dual Elliptical Curve" encryption method that RSA so
politely (for a tidy $um) made default at the request of the US's NSA.
That is the encryption method with the NSA's very own backdoor.
If so, has it been corrected? Is openssl even safe to use anymore?
What about previous versions of fedora?
And what about our certificates? Are they more or less useless now?
Where do we go from here?
If anybody is up on security I think we'd all like to know what is
going on here esp. re fedora.
Thanks *very* much for any help on this,
Mike Wright
ps. for spit and giggles maybe everybody ought to take all their
non-private email and CC them to the NSA. That will give them
something else to do with their time besides wiping their butts on the
constitution.
Not so funny thing for me is: When I was helping convert a religious
site in the USA to Russian language my email system at bigpond.com
eventually had a chronic backlog of emails and could send and receive no
more. Translators and reviewers kept getting email return notices that
my bigpond email box was full, even though it had no emails in it and
bigpond could find no problems. Security advice was that I was and still
have all my email addresses monitored. I hope they like the Linux chat
and other bland conversations.
I think, now that bigpond have gone over to windows server, it'll be far
easier to infiltrate, oops, I mean keep tabs on things.
Roger
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
