From owner-freebsd-questions@freebsd.org Mon Jan 28 11:27:36 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BD2C414AFB52 for ; Mon, 28 Jan 2019 11:27:36 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 61AEB8698E for ; Mon, 28 Jan 2019 11:27:36 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "Let's Encrypt Authority X3" (verified OK)) (Authenticated sender: matthew/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 13ACA497C for ; Mon, 28 Jan 2019 11:27:36 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from leaf.local (unknown [88.212.184.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 6F24418530 for ; Mon, 28 Jan 2019 11:27:33 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk/6F24418530; dkim=none; dkim-atps=neutral Subject: Re: Wireless interface To: freebsd-questions@freebsd.org References: <20190126213957.adfeb61c.freebsd@edvax.de> <5C4CE8B8.4030608@gmail.com> <20190127013705.3e8cd5f3.freebsd@edvax.de> From: Matthew Seaman Message-ID: Date: Mon, 28 Jan 2019 11:27:18 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190127013705.3e8cd5f3.freebsd@edvax.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 61AEB8698E X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.99 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.99)[-0.987,0]; ASN(0.00)[asn:11403, ipnet:96.47.64.0/20, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jan 2019 11:27:36 -0000 On 27/01/2019 00:37, Polytropon wrote: > This is not a sarcastic question. I'm really asking > myself (and you) why FreeBSD could_not_ be considered > to be available to the public_without_ containing > backdoors, spyware, or malware. Actually, the project is struggling with a lack of information about its userbase. If you're trying to make decisions about the lifecycle of support for a particular device it certainly helps to have an idea about how many people are using it. The recent exercise in deprecating support for a number of NICs that were limited to 100Mb/s being a case in point. As for whether stock FreeBSD contains backdoors or spyware -- I'm pretty sure it doesn't, but there are no absolute guarantees. You can boot it up on a network and do some forensics on the network traffic it generates and pretty well assure yourself it isn't "calling home". You can scan the drives for the signatures of known malware and you can do a line-by-line check of the source code to try and find backdoors. None of these measures will /prove/ that such things dont exist, but they will provide reasonable practical assurance of the security and integrity of the system which is probably good enough for most users. Cheers, Matthew