LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 02-25-2004, 08:41 PM   #1
vincebs
Member
 
Registered: Oct 2003
Location: Mississauga, ON
Distribution: Ubuntu 9.04
Posts: 494

Rep: Reputation: 30
NSA involved with Linux?


From linux.org

Feb 25th, 2004

Most stories about government deployments of Linux involve a distributor helping various federal and municipal agencies install the open source operating system. But in this case, a federal agency is helping Linux.

The U.S. National Security Agency (NSA), also known as the codemakers and codebreakers cryptologic division within the Department of Defense, has helped to harden Linux with newly-released Security Enhanced Linux (SELinux) kernel modifications.

The latest release, which updates the base kernel to 2.6.3 and 2.4.24, contains numerous significant improvements to security in the open source operating system. The SELinux improvements mark a major breakthrough for Linux. Because of the NSA's contributions to the kernel, the new security features will now show up in mainstream distributions of Linux.

---


The kernel additions will be open-source, right? I don't understand why NSA would contribute their security technology to Linux, which is free software and can therefore be exported anywhere, even North Korea, Iran, and Cuba. Now Khomeini, Jong-il, and Castro's computers are protected, courtesy of the NSA?
 
Old 02-25-2004, 08:49 PM   #2
randon
Member
 
Registered: Sep 2003
Location: Phx, AZ
Distribution: Suse 9.3 Pro
Posts: 146

Rep: Reputation: 15
NSA?

I wouldn't trust ANYTHING the NSA does, even if it's linux friendly. With friends like that, who needs enemies? If the NSA does anything with or to linux it will NOT be a good thing, they should keep thier nose out of the linux community and it's work.

RANDON
 
Old 02-25-2004, 08:54 PM   #3
witeshark
Member
 
Registered: Jan 2004
Location: Miami FL
Distribution: Mac OS X 10.4.11 Ubuntu 12.04 LTS
Posts: 429

Rep: Reputation: 30
Re: NSA involved with Linux?

Quote:
Originally posted by vincebs



The kernel additions will be open-source, right? I don't understand why NSA would contribute their security technology to Linux, which is free software and can therefore be exported anywhere, even North Korea, Iran, and Cuba. Now Khomeini, Jong-il, and Castro's computers are protected, courtesy of the NSA?
Well firstly, there's no reason not to. Like you said, it's open source anyway. It's a basic update that is inevitable, and castro couldn't program a toaster.
 
Old 02-25-2004, 08:56 PM   #4
snacky
Member
 
Registered: Feb 2004
Distribution: Debian
Posts: 286

Rep: Reputation: 30
Nonsense. Their distro is by necessity open source, so anyone can look through it for "bad" things, not that any of that conspiracy theory stuff is the least bit creditable in the first place.

I'm not a huge fan of the NSA, in fact I'd prefer to see the agency abolished, but by all accounts they did a good job with SELinux, and there's no debating the fact that they've provoked some interesting and useful security discussions. Clearly, there is a niche for it."Your tax dollars at work."

One of the good things about the open source world is that different organizations play with the software and try to tune it to new uses; the GPL requires them to share these enhancements with the rest of the community if they intend to distribute the results at all. Everybody wins.
 
Old 02-25-2004, 09:07 PM   #5
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
im defidently against the NSA, but as long as the code is examined big time forfore being added it might be good (note: defidently must examine it and see if theres any valnerablities or back doors as im sure the NSA would love to put a back door in linux and amke it eayer to spy on european companies and everyone in the world), on the other hand the code might be legitimate just to try and give them some credability, either way, it wouldent be smart to not look thru it and use what you can as long as your sure theres nothing wrong with it
 
Old 02-25-2004, 09:40 PM   #6
jludwig
Member
 
Registered: Feb 2004
Distribution: FC6
Posts: 32

Rep: Reputation: 15
Yo dudes just cause the name NSA is on the label doesn`t mean there are no hackers inside.
What a great excuse to have fun at the us govs expense. OR -----
None of you gets paid to program????????
 
Old 02-25-2004, 10:34 PM   #7
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
Quote:
Originally posted by snacky
not that any of that conspiracy theory stuff is the least bit creditable in the first place.
What theories? It's a FACT the NSA has been behind the push to incorporate intrusive spy technology into mainstream electronics. The Clipper and Capstone chips are just a few well known examples. Since their efforts to legislate mandatory use of EES (Escrowed Encryption Standard), a replacement for DES, was met by public outrage, they're now trying to do the same by working with the computer industry under the "trusted computing" guise. When they make the skipjack encryption algorithm EES is based on open source, please let me know. Until then the evidence suggests mistrust is warranted and any benevolent motives are merely theoretical. I mean, if they're not doing anything wrong they'd have no reason to be so secretive, right? Oh wait, I forgot that logic only applies to the general public, not their government. My mistake.

Last edited by Crito; 02-25-2004 at 10:48 PM.
 
Old 02-25-2004, 10:43 PM   #8
fatman
Member
 
Registered: Mar 2003
Location: PA
Distribution: Ubuntu (x2)
Posts: 158

Rep: Reputation: 30
The NSA loves linux for the same reason you do. They can comb through every line of code and make sure there are no vulnerabilities or backdoors. You think they like MS and the constant security problems?

Also: Just becuase something is open source, does not mean it is not subject to export regulations regarding strong crypto.
 
Old 02-25-2004, 10:48 PM   #9
Cruxus
Member
 
Registered: Aug 2003
Location: St. Louis, Missouri
Distribution: Debian 3.0r1 (2.4.18-5 i686)
Posts: 104

Rep: Reputation: 21
It sounds like a branch of the U.S. Department of Defense has actually done something right for a change. Last time that happened, I guess, was when they provided funding for research that led to the Internet.
 
Old 02-25-2004, 11:09 PM   #10
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
Quote:
I mean, if they're not doing anything wrong they'd have no reason to be so secretive, right? Oh wait, I forgot that logic only applies to the general public, not their government. My mistake.
,
crito, thats why im moving outa the US when i get the chance (still gota wait 2 year till im 18 ), well that and the lagal system is also curupt (cuse like the government )
 
Old 02-25-2004, 11:10 PM   #11
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
I think they're more interested in creating backdoors for their own use than plugging security vulnerabilities. I doubt seriously whether they use Linux internally for ANY mission critical operations. Of course, feel free to post their budget info and prove me wrong. Oh wait, I forgot, that's a secret too. So I guess your assumptions on why they love Linux will have to remain theoretical.

As to crypto export restrictions, you're absolutely correct. I'm confident others in the world can create their own "strong" cryptographic algorithms without the help of US companies, however. I'm more concerned about future import restrictions prohibiting Americans from buying products abroad that don't contain NSA spy chips. It's the next logical step in their Orwellian "security" agenda (security being doublespeak for eliminating privacy.)
 
Old 02-25-2004, 11:16 PM   #12
witeshark
Member
 
Registered: Jan 2004
Location: Miami FL
Distribution: Mac OS X 10.4.11 Ubuntu 12.04 LTS
Posts: 429

Rep: Reputation: 30
Lightbulb

Quote:
Originally posted by SciYro
,
crito, thats why im moving outa the US when i get the chance (still gota wait 2 year till im 18 ), well that and the lagal system is also curupt (cuse like the government )
SciYro: Let's see... If you don't ever do anything wrong, then you don't have to leave the US, and if you do, it's bound to be wrong there too!
 
Old 02-25-2004, 11:34 PM   #13
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
Quote:
Originally posted by SciYro
,
crito, thats why im moving outa the US when i get the chance (still gota wait 2 year till im 18 ), well that and the lagal system is also curupt (cuse like the government )
The sellouts who maintain the corrupt status quo don't love America, SciYro. They only love watching their bank accounts grow. Real Americans stand up for what's right regardless of the consequences. Anyone who tells you criticizing the government means you hate the U.S. is full of crappola. They're just self-centered ball-less cowards.
 
Old 02-25-2004, 11:41 PM   #14
witeshark
Member
 
Registered: Jan 2004
Location: Miami FL
Distribution: Mac OS X 10.4.11 Ubuntu 12.04 LTS
Posts: 429

Rep: Reputation: 30
Very good Crito! That's one of our major *let's solve it!* situations...

Last edited by witeshark; 02-25-2004 at 11:43 PM.
 
Old 02-26-2004, 04:22 AM   #15
snacky
Member
 
Registered: Feb 2004
Distribution: Debian
Posts: 286

Rep: Reputation: 30
Quote:
Originally posted by Crito
[B]What theories? It's a FACT the NSA has been behind the push to incorporate intrusive spy technology into mainstream electronics. The Clipper and Capstone chips are just a few well known examples. Since their efforts to legislate mandatory use of EES (Escrowed Encryption Standard), a replacement for DES, was met by public outrage,
Just to be clear, these are all either facts, or fairly reasonable conclusions based on very good evidence, which I don't dispute, but...
Quote:
they're now trying to do the same by working with the computer industry under the "trusted computing" guise.
This is not a fact, it's a conspiracy theory. And a rather silly one.
Quote:
When they make the skipjack encryption algorithm EES is based on open source, please let me know.
?! What the heck difference would it have made if skipjack had been open source, really? Since it's guaranteed the feds have a mechanism to decrypt all transmissions made with it, the security is broken by design, correct? Open source has got nothing to do with it. Skipjack, as it was proposed to be used, was inherently useless regardless of how good or bad the algorithm turned out to be.

As for the conspiracy theory stuff about SELinux, it is a verifiable FACT whether or not it has backdoors in it. (Of course, it's also true that nobody has to use it so I don't see why anybody should be so bothered by it if they don't like it...).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
triple boot linux/linux/linux No Windows involved toastermaker Linux - Newbie 12 03-02-2006 10:40 PM
The NSA linux version x86 Intel suse91pro Linux - Security 2 04-30-2005 02:00 PM
NSA Releases High Security Version Of Linux jeremy Linux - Security 3 03-28-2005 07:24 AM
Linux: NSA style... r_jensen11 Linux - Security 29 03-03-2004 05:12 PM
Anyone ever use Security Enhanced Linux from the NSA? Whitehat Linux - General 6 01-06-2004 11:35 PM


All times are GMT -5. The time now is 03:16 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration