Germany warns: You just CAN'T TRUST some Windows 8 PCs

It has always been so, why should it change?

In times past, commercial operators have always been part of the government spy system.

This is most obvious in the way organisations like the Dutch East Inda Company etc operated. As part of the deals they got to explore and trade, they would be required to report back to the intelligence agencies of the time.

Exactly the same happened during more modern times with large companies that had offices in foreign lands. They were all riddled with both commercial and governmental spooks. These helped before/during WW1, WW2, cold war,...

So to think that the spooks are not deeply embedded in the large corporations of today, particularly those providing software, software-based services and communications, would be absurd. Human nature does not change that fast and intelligence organisations would not walk away from such resources - even if commanded to by the govt.

Pretty much all info worth gathering is in computers. As with drones, there is no need to expose humans to threat. Just bury spying deep in the computer and you can remotely access just about anything from anywhere.

Yeah, but judging from Microsoft's past history in the DoD affair (and multiple others), they'd say that anyway.

Now they're just saying that whilst thinking to themselves "and we really can't say anything else this time !".

Re: Whose system?

Not anymore! Didn't you know that?

Richard Stallman almost lost his voice barking this to all four cardinal points while we all of us had a good laugh at it.

Live and learn, folks!

Re: Whose system?

"I bought it, I own it, it's mine".

Except for the software, of course.

- Does my PC's file index and the things I search for on my HD get sent back to the mothership?

Answer: "No, of course not", leaving out: - "That is what the Anti Virus Software really does"! -

Or rather, it doesn't: It really search for hashes of files and returns "yes" or "no" - or " degrees of similarity", probably allows remote queries on "the kind of stuff" there is on a given computer. It gives a template of files that are on all computers, so one can find "interesting" computers (outliers) and maybe monitor the spread of ideas (same hash codes/similar documents propagating),

Can't remember anything about backdoors in any of the windows-on-dos series and, frankly, why would they have bothered when those OSs scarcely even pretended to offer any semblance of security at all?

Perhaps you're thinking of the NSA_KEY implanted in every 32bit Windows; from early in the conception of NT. Scott Culp of the "Microsoft Security Response Center" explained the existence of the NSA_KEY thus:

"In 1992-93, Windows NT program management identified a need for a cryptographic API set that would allow third-party cryptographic modules to be installed. Because of the obvious parallels to the "crypto with a hole" case, we went to State Department, who confirmed that they would not grant export approval for our design unless it controlled which third-party cryptographic modules could be installed."

http://cryptome.org/nsakey-ms-dc.htm

Re: Which PC's don't have TPM

The TPM itsself can't do very much without cooperation from the OS - all it can do is make sure BIOS updates are signed and enforce Secure Boot - a feature which, for now, Microsoft still generously permits you to disable. So if you run linux, it won't bother you. On the upside, the TPM does include a cryptographic accelerator and RNG (True R, not PR) - so if you get the linux drivers working, it could be used to give an SSL webserver or something a performance boost.

Any Linux you can inspect the source code of is pretty much guaranteed to not contain back doors. It can still contain vulnerabilities of course, but not back doors, there's simply too many people vetting it.

OpenBSD, it's not Linux though

>Whats the BEST non-US backed Linux?

Well, Linux (i.e. the kernel) is very much a distributed multinational effort but since its spiritual and de-facto leader has migrated right into the hart of the axis of evil, I'll presume you mean "distro" rather than the kernel and whole heartedly point you in the direction of OpenSUSE.

Mandriva/Mageia and KNOPPIX spring immediately to mind too. Probably both more "enthusiast" than "best" but that's a pretty subjective distinction. Ubuntu is "based" (registered - for tax reasons, etc) on the Isle of Man but main offices are London. Not that I'd let that bother you - (F)OSS is effectively a game of whack-a-mole for big-gov and their mega-corp minions... try to piss about with it and it'll just slip through your fingers and pop up again (sans pissing about) in ten different places. Just ask MS, Oracle, SCO, etc... That's what those "virus/cancer" licences are all about.

There are some significant government (national or regional) supported offerings from Spain, Greece, Germany, Turkey, Brazil, amongst others.

distrowatch.com is an excellent reference of all things distro. You can search its (surprisingly well maintained considering) database by all manner of criteria, including "country of origin."

Good hunting.

>And on that token why hasn't anyone ever brought up SELinux yet?

Probably because:

a) It's offered (publicly) to an open project which thoroughly and openly reviews it (as it does ALL contributions). Not secretly escrowbared into some take-it-or-leave-it immense binary blob by clandestine decree from upper ECHELONs.

b) It's optional. Use AppArmour if you prefer. Or ACLs, or something offered by whichever filesystem you favour, or hypervisors, or whatever. There are myriad ways to crack the nut and the diversity of (F)OSS is it's greatest strength. Choose whatever best suits YOU... rather than the M$ "you'll do it this way" doctrine. Have a quick squint at Qubes for an example... a new, simple yet ingenious and rather exciting approach at addressing these sort of trust problems by means of rigorous abstraction.

your Uncle is more informative than my Uncle