Open source operating systems in general are less worrisome because their code is open to inspection by anyone with the skills to understand it. Does that mean Linux computing platforms from nongovernmental sources in politically tense countries are equally worry-free? At least one situation last year brought FOSS’ safe-to-use reputation into question. Given that several governments — including the U.S. — have concerns with Android-based mobile phone products made by Huawei, should related security concerns extend to Deepin Linux?
Thank-you for this excellent article. Deepin does, indeed, seem like an interesting distro. I'm concerned about security, for the reasons mentioned, and because the Chinese government has a history of forcing people to do things on penalty of treason/disappearing. They could, someday, order the devs to put in a backdoor.
Personally, I'm hoping that someone forks Deepin Desktop Environment, so that we can have a thoroughly security-reviewed version available with all app integrations, in a non-Chinese distro. I would really like to use this, but I just can't take the risk.
One thing that I feel bears correction:
Full disk encryption cannot protect data from the operating system, if the OS is doing the encryption. The operating system has access to the decryption key, and can access everything on that machine, encryption or not.
Thank you for your comments on this article. You raise a very good point about the reliability of full disk encryption controlled by the operating system.
I frequently discuss security issues with cybersecurity experts. Interestingly, one of their often-made suggestions is to apply full disk encryption. Perhaps that mantra needs clarification. Maybe an encryption tool provided by a distro developer is not a good option.
I am not a security expert. I do not have any insight into how reliable Deepin Linux's encryption application is compared to other third-party AES-compliant encryption products. But I will broach that topic in my next chat with cybersecurity experts.
what is racist about this article? having a general concern about a product produce by a company in a country that is well known for its lack of human/civil rights and it being an overwhelming police/surveillance state isn't racism, but ignoring a potential security issue makes a fool.
I can't believe what I'm reading here. China bashing again with wot?? Rogue software in OS?? !!
Forcing people to add backdoor ??!! Are you delusional???
So far there s literally no evidence to suggest Chinese government did those.
What's proven now is US has asked software companies to added back doors. Apple CEO Tim Cook openly said: Chinese didn't ask us to add backdoor. The US government did.
I'm not even going to start on NSA.
Another government is AUS. The infamous AA bill legalised backdoor for AUS made software.
And yet you are here China bashing ?!! Textbook example of brainwashing and Donny Kruger effect.
Huawei released ALL of their software for review by UK goverment. They found no backdoor.
DJI opene sourced their government version of drone firmware.
I suggest you keep your BS / racism / PC out of the open source communities.
You are a living insult to all who put effort to make software political free.
I thought linuxinsider was reliable so I really can't believe I'm reading this piece of racist propaganda. It looks you didn't mean it and were also fooled by that propaganda, but it's still only that, propaganda and not true.
It's surreal and unbelievable that anyone points out security concerns on free/opensource software, ignoring the fact that most proprietary ones are __known__ to __have__ backdoors for so long. If you're so concerned about being attacked by the chinese people maybe you should fear they can hack Windows, IOS, etc and not software that is organically more safe because anyone can inspect it. It's also not true that they're too large to be safe, since the bulk of the code used is shared between most GNU/Linux projects. Software security has never been and will never be a nationality issue.
Have you ever heard of NSA, Wikileaks and EEUU government hunt on Assange and Snowden? You missed all the Cambridge Analytica scandal stuff and you're still worried about the boogie man or even Stalin or Mao to come and spy on you? It's just stupid to take this anti-huawei movement seriously when it's obviously because no one can keep up with their breakthroughs on 5G, as it's happening on tech, economy and most fields now with china way ahead. So they come up with all this baloney. And what impresses me more is that they're accusing China of doing what americans have done for decades to the whole world, although that's ok. This is racism.
I'll end citing this news article entitled "Amazon Kindle users surprised by 'Big Brother' move":
Don't you reproduce behavior on your surroundings without any critical thinking people. Here on the net people will notice you're being fed bullshit!
For the world's sake, I wish you prove yourselves more capable and smart than Trump and all those bootlickers that surround him.
You might want to fix your article. In it, you said you last reviewed 15.18 but meant to put 15.8. I do appreciate the article though. I know many places even Russia have a distribution and even a virus protection software as well. It is something that we have to keep a close eye on. I am glad that the code can be seen by everyone so hopefully, if someone tries to slip something through hopefully it will be caught.
Loading ...
Deepin Linux: Security Threat or Safe to Use?
Posted by: Jack M. Germain May 31, 2019 09:40 AMOpen source operating systems in general are less worrisome because their code is open to inspection by anyone with the skills to understand it. Does that mean Linux computing platforms from nongovernmental sources in politically tense countries are equally worry-free? At least one situation last year brought FOSS’ safe-to-use reputation into question. Given that several governments — including the U.S. — have concerns with Android-based mobile phone products made by Huawei, should related security concerns extend to Deepin Linux?
Personally, I'm hoping that someone forks Deepin Desktop Environment, so that we can have a thoroughly security-reviewed version available with all app integrations, in a non-Chinese distro. I would really like to use this, but I just can't take the risk.
One thing that I feel bears correction:
Full disk encryption cannot protect data from the operating system, if the OS is doing the encryption. The operating system has access to the decryption key, and can access everything on that machine, encryption or not.
Great article, overall. Thanks!
I frequently discuss security issues with cybersecurity experts. Interestingly, one of their often-made suggestions is to apply full disk encryption. Perhaps that mantra needs clarification. Maybe an encryption tool provided by a distro developer is not a good option.
I am not a security expert. I do not have any insight into how reliable Deepin Linux's encryption application is compared to other third-party AES-compliant encryption products. But I will broach that topic in my next chat with cybersecurity experts.
Thanks for sharing that potential flaw!
Forcing people to add backdoor ??!! Are you delusional???
So far there s literally no evidence to suggest Chinese government did those.
What's proven now is US has asked software companies to added back doors. Apple CEO Tim Cook openly said: Chinese didn't ask us to add backdoor. The US government did.
I'm not even going to start on NSA.
Another government is AUS. The infamous AA bill legalised backdoor for AUS made software.
And yet you are here China bashing ?!! Textbook example of brainwashing and Donny Kruger effect.
Huawei released ALL of their software for review by UK goverment. They found no backdoor.
DJI opene sourced their government version of drone firmware.
I suggest you keep your BS / racism / PC out of the open source communities.
You are a living insult to all who put effort to make software political free.
Wot a shame.
It's surreal and unbelievable that anyone points out security concerns on free/opensource software, ignoring the fact that most proprietary ones are __known__ to __have__ backdoors for so long. If you're so concerned about being attacked by the chinese people maybe you should fear they can hack Windows, IOS, etc and not software that is organically more safe because anyone can inspect it. It's also not true that they're too large to be safe, since the bulk of the code used is shared between most GNU/Linux projects. Software security has never been and will never be a nationality issue.
Have you ever heard of NSA, Wikileaks and EEUU government hunt on Assange and Snowden? You missed all the Cambridge Analytica scandal stuff and you're still worried about the boogie man or even Stalin or Mao to come and spy on you? It's just stupid to take this anti-huawei movement seriously when it's obviously because no one can keep up with their breakthroughs on 5G, as it's happening on tech, economy and most fields now with china way ahead. So they come up with all this baloney. And what impresses me more is that they're accusing China of doing what americans have done for decades to the whole world, although that's ok. This is racism.
I'll end citing this news article entitled "Amazon Kindle users surprised by 'Big Brother' move":
https://www.theguardian.com/technology/2009/jul/17/amazon-kindle-1984
Don't you reproduce behavior on your surroundings without any critical thinking people. Here on the net people will notice you're being fed bullshit!
For the world's sake, I wish you prove yourselves more capable and smart than Trump and all those bootlickers that surround him.