<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
On 7/4/2011 9:45 AM, Processing Qbits wrote:
<blockquote
cite="mid:CAAwtDu4ikVFsSAdcPDiY6RDLcxxSxMABHm1D38xksH=4KZCBTA@mail.gmail.com"
type="cite">
<div dir="ltr">I agree with what you say, but you didn't argue
about my approach, you debated another point which is very
interesting to me too.<br>
<br>
Who knows if the OpenSource really doesn't have backdoors? If
you want to take the risk, you can just depend on whoever checks
the source code....if you don't want to take the risk, you could
check it...moreover, Who knows if the OS compiled on your
machine is the same? Again, that's another choice to make, do I
compile it? Do I trust whoever did?<br>
<br>
Currently, in my stage, I'm still developing/reading the source
code of a famous microkernel...Minix....which should take me to
a tougher kernel, perhaps Linux...or another Microkernel....but
until then, I have no choice....unless perhaps to compile the
ubuntu source code....which seems rather pointless because I
don't know what I've compiled....That's my personal story<br>
<br>
The original debate's reply with an added challenge....Even if
we checked and compiled every single OpenSource program on our
PC's and Cellphones, we would still have ClosedSource software
to deal with....not to mention the hardware....even if you
tamper with the hardware, which is not possible in all
cases....there might be a misleading chip that you do not know
much about, if you remove it, it would disable the
cellphone...what would you do then?<br>
<br>
All these questions and challenges lead us to one answer.....Do
What You Can! If you can do something to protect yourself,
anything, do it....taking the risk isn't a good option, it
shouldn't be an option in the first place, but let's just say
it's not a good option.<br>
<br>
Security theoretically doesn't exist in a pure form, as a
challenge, people say that there is doesn't exist a 100% secure
system....though things like OTP (which are very old but still
used in secret agencies) (I know that because I've read an
article yesterday and had a debate over it, I'm not a security
expert)...challenge that very sentence, but let's just say
"There isn't a 100% secure system"...<br>
<br>
Ok, we accepted that....but does that mean, since everything can
be hacked, that we don't need security? What do we do?...the
answer is "Do What You Can!"<br>
<br>
So allow me to collectively answer your email with that
sentence....no need to kill yourself over security and in the
end there are ways to still bypass your methods, but "Do What
You Can!"<br>
<br>
Google's power isn't ok for me, I prefer distributing parts of
my e-life around so that no one has it all....there are ways for
people to go around it, but "I'm Doing What I Can!"...at least
concerning the google issue<br>
<br>
<div class="gmail_quote">On Mon, Jul 4, 2011 at 3:30 AM, Amahdy
AbdElAziz <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:amahdy7@gmail.com">amahdy7@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div dir="ltr"><font color="#000066"><font size="2"><font
face="courier new,monospace">In fact, and you know
that, Android and Simbian are OpenSource, and you
can have full control on your small computer (the
smart phone) if you are using any of those OS's. But
following the "mo2mra" theory, one of the phone
manufactures decided to put an extra tracking/spying
piece of code (or hardware), you can never tell, and
you have to relay on the QC (FCC, FDA, ...etc).<br>
<br>
The men responsible of pen tracing the Linux code,
may get paid (following the mo2mra theory also), to
let a piece of spying code be installed on all of
our machines. (Anybody can pen trace, but nobody
does ... and nobody is able to do that for the ISO
that you download from Ubuntu or Fedora for example,
it's already compiled and closed ,,, only few who
get a kernel source, compile it, and compile on top
of it all what they need, but they can never read
all the source code of everything to make sure that
there isn't a spy code somewhere). Did you read <a
moz-do-not-send="true"
href="http://marc.info/?l=openbsd-tech&m=129236621626462&w=2"
target="_blank">this</a> before? OpenBSD contained
a backdoor "in the opensource implementation of
IPSec" for TEN years.<br>
<br>
I'll remind you what I said before, Google's power
is ok for me as far as it's not the only power and
there is good potential and competitive
alternatives.<br>
<br>
So let's imagine this situation, (who knows may it
will happen one day =)), you are the CEO of Google
and you want to please your concepts, so what would
you change in Google's strategies? putting in mind
that you have the responsibility of:<br>
(1) Getting a good revenue for the company to
survive.<br>
(2) Getting a good impact from the company to grow
(not disappear like MySpace for example).<br>
<br>
<br clear="all">
</font></font></font>
<div class="im">
<div dir="ltr">
<span style="color: rgb(0, 0, 0); font-family: courier
new,monospace;"><br>
</span><span style="color: rgb(0, 0, 102);
font-family: courier new,monospace;"><span
style="color: rgb(0, 0, 0);">-- Amahdy AbdElAziz</span><br
style="color: rgb(0, 0, 0);">
<a moz-do-not-send="true" style="color: rgb(0, 0,
0);" href="http://www.amahdy.net" target="_blank">http://www.amahdy.net</a><br
style="color: rgb(0, 0, 102); font-family: courier
new,monospace;">
</span></div>
<br>
<br>
<br>
</div>
<div>
<div class="h5">
<div class="gmail_quote">On Sun, Jul 3, 2011 at 05:29,
Processing Qbits <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:processingqbits@gmail.com"
target="_blank">processingqbits@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt
0pt 0pt 0.8ex; border-left: 1px solid rgb(204,
204, 204); padding-left: 1ex;">
<div dir="ltr">I believe businessmen usually do
have more than one cellphone (though they have
it for a different reason and that reason is
probably fading with cellphones having the
capability to use more than one chip) but then
again, a cellphone is more like a computer<br>
Why do I choose Linux over Windows? It gives me
more control over my computer....anything that
goes wrong, anything that I wish to change...I
am able to<br>
So if I have similar control over my cellphone,
I believe it would be like my computer...<br>
<br>
As much as I respect google, I fear that it is
gaining too much power, but I guess I have to
respect other people's opinions too...while your
approach is "if you don't want your secret to be
out there, don't put it there"....my approach
would be "if you don't want one company to hold
all your secrets, give a piece to each so that
none has it all"<br>
<br>
Your approach: Security by Obscurity<br>
My approach is similar to anonymous emails
through 2 or more remailers....the first will
have your real email but your encrypted
message....the last will have your real message
and the person it is being sent to but not your
own email<br>
<br>
So I'll just agree to disagree!<br>
<br>
<div class="gmail_quote">On Sun, Jul 3, 2011 at
3:25 AM, Amahdy AbdElAziz <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:amahdy7@gmail.com"
target="_blank">amahdy7@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:
0pt 0pt 0pt 0.8ex; border-left: 1px solid
rgb(204, 204, 204); padding-left: 1ex;">
<div dir="ltr"><font color="#000066"><font
size="2"><font face="courier
new,monospace">+Islam: Yes I see
your point, I mean the mobile that
you mentioned, usually contains very
sensitive data maybe more than the
whole web (it contains phone numbers
of family, friends, SMS, ..etc) and
the more advanced is the phone, the
more information it has, (like
emails, businesses, calendar, memo,
... NFC? ... location, pictures,
...etc)<br>
Ok so Google is a bad company, I'm
not going to use Android, I'm going
to use what? Simbian? Windows7? iOS?
RIM? ...etc? it's all the same, the
individual IMO has to choose a
company and relay on it (give it
some trust) [[of course to some
extend, I'm saying being cautious
from the beginning]]. IMO also, I
won't get Android for family usage,
iOS for business, Simbian for
friends ...etc, no I'll choose one
only company at my own risk... or
else everybody should not use
technology because it's risky.<br>
<br>
One more interesting example of what
Google does, is the monthly email
they send to me about "Your Latitude
Service is ON, be careful!" it's
like asking "So,, are you going to
turn off the latitude account?" my
answer is always NO keep it ON, I'll
never go near "El Haram Street" so
I'm ok with that =))<br clear="all">
</font></font></font>
<div>
<div>
<div dir="ltr"><span style="color:
rgb(0, 0, 0); font-family: courier
new,monospace;"><br>
</span><span style="color: rgb(0, 0,
102); font-family: courier
new,monospace;"><span
style="color: rgb(0, 0, 0);">--
Amahdy AbdElAziz</span><br
style="color: rgb(0, 0, 0);">
<a moz-do-not-send="true"
style="color: rgb(0, 0, 0);"
href="http://www.amahdy.net"
target="_blank">http://www.amahdy.net</a><br
style="color: rgb(0, 0, 102);
font-family: courier
new,monospace;">
</span></div>
<br>
<br>
<br>
<div class="gmail_quote">2011/7/2
Islam Hassan <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:eng.islam_hassan@hotmail.com"
target="_blank">eng.islam_hassan@hotmail.com</a>></span><br>
<blockquote class="gmail_quote"
style="margin: 0pt 0pt 0pt 0.8ex;
border-left: 1px solid rgb(204,
204, 204); padding-left: 1ex;">
<div>
<div dir="ltr">
@Amahdy: I'm not saying that
they're doing that or they're
gonna do that, I'm just, as I
said, imagining what they can
do with it and no one can say
they can't. In my opinion, why
should any one take the risk,
as developers or engineers, we
always consider the worst
case.<br>
<br>
<div>
<hr>From: <a
moz-do-not-send="true"
href="mailto:amahdy7@gmail.com"
target="_blank">amahdy7@gmail.com</a><br>
Date: Sat, 2 Jul 2011
05:57:52 +0300<br>
Subject: Re: Online Meeting<br>
To: <a
moz-do-not-send="true"
href="mailto:ubuntu-eg@lists.ubuntu.com"
target="_blank">ubuntu-eg@lists.ubuntu.com</a><br>
<br>
<div dir="ltr"><font
color="#000066"><font
size="2"><font
face="courier
new,monospace">+Islam:
I believe NOT in the
"mo2amra" theory :D,
if I'm one of
America's enemy then
my e-life doesn't
add for them
anything. Yes Google
may decide to spy on
me, but who may not?
I don't have the
capability to
fabricate my own
cell phone yet so I
have to relay on
some companies to do
that for me ... :))<br>
<br>
One of the
interesting things
made by G+ (yes -so
far- they listen and
they care up to a
very high limit):<br>
<i><br>
</i></font></font></font>
<blockquote
style="padding-left:
1ex;">
<font color="#000066"><font
size="2"><font
face="courier
new,monospace"><i>If
you're sharing a
post with a
small circle of
people, you can
prevent
resharing. Click
the arrow at the
top-right of the
post and choose
"Disable
reshare."</i></font></font></font><br>
</blockquote>
<font color="#000066"><font
size="2"><font
face="courier
new,monospace"><br>
Will solve the "Send
something private to
someone, and he
FWD's it".<br>
This is not an
ultimate solution
BTW, he still can
copy the content and
post it again...<br>
</font></font></font>
<div dir="ltr"><span
style="color: rgb(0,
0, 0); font-family:
courier
new,monospace;"><br>
</span><span
style="color: rgb(0,
0, 102); font-family:
courier
new,monospace;"><span
style="color: rgb(0,
0, 0);">-- Amahdy
AbdElAziz</span><br
style="color: rgb(0,
0, 0);">
<a
moz-do-not-send="true"
style="color: rgb(0,
0, 0);"
href="http://www.amahdy.net"
target="_blank">http://www.amahdy.net</a><br
style="color: rgb(0,
0, 102);
font-family: courier
new,monospace;">
</span></div>
<br>
<br>
<br>
<div>2011/7/2 Islam Hassan
<span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:eng.islam_hassan@hotmail.com" target="_blank">eng.islam_hassan@hotmail.com</a>></span><br>
<blockquote
style="padding-left:
1ex;">
<div>
<div dir="ltr">
@Amahdy:
<div>* You say you
don't mind if
any body else
knows what
you're doing,
that doesn't
mean every on
feels the same.</div>
<div>* Google CAN
know what's
going on in your
house and
between you and
your friends.
How? Google
Android @ Home
and Google open
accessories CAN
CONTROL what
happens in your
home.</div>
<div>* Imagine
that google or
the american
government for
example has an
enemy. they can
track his
location and
even kill him
and make it look
like an
accident. and by
enemy I mean any
one who'd be a
pain in the
throat like some
activist or
something like
that ( I'm just
going as far as
I can imagine).
let's say the
american
government
decide to keep
track of all
arabs or muslims
inside the US
for security
purposes or
something. they
can listen to
what you do by
activating the
microphone in
your android
phone or any
thing like that.
use your
imagination, as
I said, when I
watched google
IO day 1 key
note, suddenly,
I robot's VIKI
jumped into my
mind.</div>
</div>
</div>
<br>
--<br>
Ubuntu-eg mailing list<br>
<a
moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com" target="_blank">Ubuntu-eg@lists.ubuntu.com</a><br>
Modify settings or
unsubscribe at: <a
moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
-- Ubuntu-eg mailing list
<a moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com"
target="_blank">Ubuntu-eg@lists.ubuntu.com</a>
Modify settings or
unsubscribe at: <a
moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a></div>
</div>
</div>
<br>
--<br>
Ubuntu-eg mailing list<br>
<a moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com"
target="_blank">Ubuntu-eg@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at:
<a moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
--<br>
Ubuntu-eg mailing list<br>
<a moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com"
target="_blank">Ubuntu-eg@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a
moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
--<br>
Ubuntu-eg mailing list<br>
<a moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com"
target="_blank">Ubuntu-eg@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a
moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
--<br>
Ubuntu-eg mailing list<br>
<a moz-do-not-send="true"
href="mailto:Ubuntu-eg@lists.ubuntu.com">Ubuntu-eg@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a
moz-do-not-send="true"
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg"
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-eg</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</blockquote>
The way I see it, open source mentality was never about making
absolutely perfect secure software. (that's an impossibility
actually)<br>
It was rather a way to share code and build things as a community by
helping each other and building upon each other's knowledge and
experience. Nothing more and nothing less.<br>
Most open source software is driven by the desire to build something
better than what's available for a specific task, or just to have
fun :)<br>
<br>
[warning] rant about closed source thinking follows...<br>
But why did the open source mentality even exist and become a thing?
because there is the opposite.....<br>
Everytime I see a developer who thinks that what he writes is sacred
Alchemy only he can ever figure out and create.. I feel sorry, that
kind of mentality can only take him so far. Furthermore, I noticed
two common traits that come with it, the absolute irrational
devotion to one and only one closed software solution, and that they
usually dream about working for Microsoft/Oracle one day.<br>
Coding for them is a secret, not a way of life. <br>
The ones I know are even very proud about their closeness, I even
heard a term that a "closed" friend coined to describe that
mentality: the black box.<br>
Now, don't get me wrong I'm ok with closeness on the basis that it's
a personal point of view whether for individuals or companies, why
would I even care? However,... I care when I see a closed developer
deliberately misleading a newbie and throwing him into infinite
loops, I get angry and have to do something about it.</rant><br>
<br>
In the end, if you really really don't like your software (whatever
it was) you are the only one stopping you from developing your own
stuff. If you suspect open source software X of having a backdoor
and that's really really important for you, clone the repo and start
reading :)<br>
<br>
<br>
<br>
<br>
</body>
</html>