From owner-freebsd-questions@FreeBSD.ORG Wed Jun 11 21:03:13 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 857591065671 for ; Wed, 11 Jun 2008 21:03:13 +0000 (UTC) (envelope-from davidfeustel@comcast.net) Received: from QMTA01.emeryville.ca.mail.comcast.net (qmta01.emeryville.ca.mail.comcast.net [76.96.30.16]) by mx1.freebsd.org (Postfix) with ESMTP id 6D88F8FC1C for ; Wed, 11 Jun 2008 21:03:13 +0000 (UTC) (envelope-from davidfeustel@comcast.net) Received: from OMTA10.emeryville.ca.mail.comcast.net ([76.96.30.28]) by QMTA01.emeryville.ca.mail.comcast.net with comcast id cbT51Z00U0cQ2SLA10Yt00; Wed, 11 Jun 2008 20:47:13 +0000 Received: from localhost ([69.245.196.200]) by OMTA10.emeryville.ca.mail.comcast.net with comcast id cknB1Z00B4KuD458WknCKK; Wed, 11 Jun 2008 20:47:13 +0000 X-Authority-Analysis: v=1.0 c=1 a=IbiW8lfIFwt9GK970O0A:9 a=CChghbCJtJg_cf5QwVbkHbV4E1kA:4 a=LY0hPdMaydYA:10 From: YANSWBVCG To: David Naylor In-Reply-To: <200806112225.36221.naylor.b.david@gmail.com> Message-Id: <20080611210313.6D88F8FC1C@mx1.freebsd.org> Date: Wed, 11 Jun 2008 21:03:13 +0000 (UTC) X-Mailman-Approved-At: Wed, 11 Jun 2008 23:13:26 +0000 Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD and User Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 21:03:13 -0000 On Wed, Jun 11, 2008 at 10:25:32PM +0200, David Naylor wrote: > Hi All, > > Today I read an article describing how my government had lost ZAR200 000 000 > from fraud. This is just under $25 000 000. The article credited this loss > largely due to the use of spyware. > > My question is how secure is FreeBSD (including KDE, GNOME and XFCE) to > attacks, including cracking and spyware. In addition, is there anyway to > prevent a user from executing a program that is not owned by root (i.e. any > program installed by the user), this would prevent spyware being installed > (assuming root has been properly locked down) and subsequently run. > > If anyone, in addition, has answers for Linux and *BSD it would be great to > know as well. > > Best Regards > > David It is my understanding that since 1995 all computers must have a hardware back door that permits undetectable access by the government to the computer. This capability can be implemented using System Monitor(Maintenance) Mode which is built into all x86 computers now. It would appear that, if you are connected to the internet, the government has access to your computer.