[old] An detection system for governments spyware

in #hash6 years ago (edited)

images.jfif

It is a system for alerting about governments national spyware. This system tries to avoid software publishers' cooperation with some governments e.g. Ubuntu and China for spying Chinese citizens,

Problem is east
Lack of independent security audit firms in these countries. Using vpn has some flaws.
a. using VPN like Tor makes you a more attractive target
b. still by buying VPN companies, governments (and therefore the participating software publisher) can know your real country

Problem in West
With cooperation of telecom companies with software publisher they can know if a IT company is downloading a software or an ordinary user which cannot detect an unknown spyware. Using VPN have 2 problem:
a. It makes you a more attractive target specially if you use Tor
b. still by buying VPN companies, governments (and therefore the participating software publisher) can identity you

Technique
An OS with a package manager that every time user connect to new VPN (A kind of Proxy service) or new isp (or travel to other country) ,
VPNs usually use own app for connecting so they worth trying even MIMA internet access.
the package manager downloads the repository index signed by distributor. The key is that all packages in older cache of index should exist in new index. if checksums in older index does not exist in the index that downloaded by new vpn, the package manager alarms the user
Note: This index is incremental. But clients don’t have to download from beginning of database.

What about OS itself?
The users can do some of above checkups manually for OS (and package manager) installation file. Although there are unconventional methods that can be used for accruing OS more safely. But Usually safest way is to acquire it through an e2ee chat with a friend in free world.

The OS updates will not allowed to manipulate the package manager. Only OS re-install can change it.

P2P systems will not help here, because bootstrapping in these systems are central.

===
Donation for surviving other idea including one that relates to medical malpractice (My grandfather was world man of year in math, and I'm the only one in family with his genius but with price of weak body in front of my bully low IQ brother):
needed for cancer treatment
Bitcoin
1GgdEXnHrANChn8w68wGLWPcvYkSAEbq6Q

#checksum #bank #database
6 years ago in #hash by
$0.00
    2 votes
    Reply 2
    Sort:  
  • Trending

    • Coin Marketplace

    STEEM 0.16
    TRX 0.17
    JST 0.029
    BTC 69212.15
    ETH 2511.68
    USDT 1.00
    SBD 2.57