Ever since the NSA PRISM scandal broke headlines there's been a slew of debates concerning the legality and ethics of the program. Some people argue that this kind of mass data collection is required to combat terrorism while others say it's a massive violation of the 4th amendment. I won't be arguing whether what the NSA is doing is right or wrong, rather I would like to write about one way the NSA is able to do this kind of massive data collection and how we can protect ourselves from it.
The vast majority of desktop and laptop computers today run Microsoft Windows. Windows is a proprietary, closed-source operating system designed by Microsoft. It allows users to run applications designed to run on Windows. Since Windows is a proprietary closed-source operating system nobody, except the developers, knows the exact specifics of what it does. If Microsoft wanted they could write code which sends all user data back to their servers or code that allows them access to any machine running Windows. This is what would be known as a backdoor and ever since the NSA PRISM scandal broke I have been inclined to believe that Windows has an NSA backdoor. If this is true, then this means the NSA has complete access to the data on any computer that runs windows. In fact, recently the Chinese Government banned Windows 8 from being installed on any government computers due to concerns over potential NSA backdoors.
So how can someone protect themselves from such a threat to their privacy? I think the best way to protect yourself is to run open-source software. Open-source software is any software where the source code is freely available to everyone. Any programmer can look at the code and examine it line by line for any potential backdoors. And while this does not guarantee that there are no backdoors I would say that the potential for a backdoor is much lower in such software.
One piece of software I have recently started using is Linux. Linux is a free, open-source operating system. It is developed by hundreds of people as a community effort for an operating system that is free, open-source and not controlled by one large corporation. Anyone can download a distro of linux and install it on their computer for free. This culture of open-source software continues within the linux operating system. Many of the applications written for linux are themselves open-source. In addition, another one of the biggest benefits of this software is that it is free. So you don't have to pay Microsoft $200 just to use your computer.
While we battle the NSA in the courts over the legality of this mass spying, the NSA continues to record all of our private data. The role of open-source software has become as important as ever. We can no longer trust corporation such as Microsoft or Apple to protect our data. If we wish to protect our privacy we need open-source software. While I doubt this blog post will convince anyone that they need to switch to linux I hope this at least gets some people to question whether they can really trust a massive corporation like Microsoft or Apple with their private data. However, if this blog has inspired you to try using an open-source operating system such as linux I would recommend starting with a user friendly linux distro such as Ubuntu or Fedora (which I wrote this blog post in).
While switching to an operating system built on top of the Linux kernel is a great step forward, it is in no case a "silver bullet" solution. As you are likely aware, Ubuntu is a distribution that is chiefly maintained and developed by Canonical Ltd. - a corporation similar to any other. While most of their operating system is indeed open source, they still enjoy including a "feature" that, by default, sends all of your search data to Amazon. Also, while you're right that many of the applications/packages written for any Linux-based OS are open source, note that common/popular applications like Spotify, Skype, and Steam (among others) are all closed source applications. Furthermore, like many other distributions, Ubuntu ships with a kernel that has various closed-source binary blobs compiled in (generally low-risk/harmless, but nevertheless).
ReplyDeleteLet's suppose you were to disable this feature, use only open source software, and compile the kernel from source yourself (carefully making sure to deselect all of the binary blobs) - or used a different distribution like Debian. A lot of drivers that you'll still likely require (NVidia, AMD, many wireless drivers, etc) are currently, and will probably always be closed source.
Suppose you're able to select your hardware carefully and choose only those devices which have open-source support/drivers - you're still at the mercy of your computer's almost definitely closed source firmware (BIOS).
All of that said, I do deal with Linux-based operating systems (along with plenty of Windows and FreeBSD) on a daily basis in both personal and professional capacities, and I do agree that open-source software is somewhat "safer" (barring occasional, publicly-disclosed vulnerabilities like OpenSSL's Heartbleed mishap), more versatile in some scenarios, and can be more stable if properly configured.
I agree with the point you made about ubuntu. The only reason I recommended it in the article is it is one of the most user friendly distros out there and would probably be one of the best to start in.
ReplyDeleteWhile you are right about the fact that you will probably always be using some proprietary bits, that doesn't mean switching to linux is a waste of time. One of the biggest reasons to switch to using linux is price. It's free and using linux means you aren't supporting microsoft's monopoly on the desktop computer.
Also, there are many open source alternatives to the closed source drivers you mentioned. For nvidia graphics you can use nouveau, and as for the BIOS there is a piece of open source software called coreboot which can be used to replace that (assuming your computer is one of the supported ones). While these open source solutions aren't as great as the proprietary ones they are progress and the closer we get to a fully open source system the better.