|
Linux: NSA style...
Anyone concerned about us getting "help" from the NSA with the security of the kernel? I know that it's all open-sourced, so we can see what they add in to the kernel, but how many people check it? I'm just a little anxious of anyone from NSA spying on my computer before I upgrade to SE, or whatever the newer kernels are called.
|
Linus and his tight band of cohorts audit every piece of code that passes their way. Without their say-so, there will be no contribution. Don't worry about it. Nothing gets in the kernel unless it passes Linus
|
From my understanding, the NSA is only releasing the SELinux source, so the code is fully reviewable. But so was the do_brk and mremap code that was found to be exploitable. I doubt intentionally exploitable code would slip past an audit. Call me paranoid, but I'd still rather not download my next distro from the same people who brought us echelon.
|
yea, same feeling, i think i might have to take a look at the codes myself before i use them, a nice long look
|
Well I have to agree. It might stick with kernel 2.4. in 5 years or so the new discovered exploits will not affect the 2.4 kernel. And I trust this computer to run for minimum 10 years. Before not being able to run anymore (I know it will be slow, but i can always buy me another computer also).
|
Quote:
What's to be so paranoid? We're talking about the most paranoid people in this country, and I think they would have much more important things to do than incorporate some malicious code into the kernel to their benefit. Personally I don't think I'll be installing it on my favorite box until I feel that it is satisfactory enough to do so. In the meantime, I'll play with it on my "play" box because the access controls are very interesting. I wouldn't suggest installing this thing to your best PC yet... Just my opinion though..:confused: |
they say it is secure kernel,but I don't trust,I think it is a food for the fishs
|
try it out on a box you don't care for or not connected to your LAN.
Until then, lets not make assumptions based on opinion.:rolleyes: |
SELinux is not a distro.
Maybe you should call the NSA and tell them that, because they have on their website: Quote:
What's to be so paranoid? We're talking about the most paranoid people in this country, and I think they would have much more important things to do than incorporate some malicious code into the kernel to their benefit. I'm sure they probably could find some spare time from their normal job of spying on the entire planet (including the monitoring of cell and telephone conversations around the globe) to fit it into their schedule. Nobody said you can't install it; in fact feel free to. Just not my cup of tea. Personally I would recommend something more along the lines of Tinfoil Hat Linux. But that's just my opinion.:rolleyes: |
try it out on a box you don't care for or not connected to your LAN.
Until then, lets not make assumptions based on opinion. I agree. Spread FUD and prepare to be slashed. |
Quote:
It's simply a kernel hardening system. Quote:
|
Sorry to burst your bubble but it's not.
It's simply a kernel hardening system. Dig around at the SELinux site. They offer a pre-patched kernel as well as a set of administration utilites and daemons for download, so calling it a kernel hardening system isn't entirely correct either. Actually most of this whole conversation is moot because a significant portion of the SELinux modules/patches/concepts are already incorporated into the 2.6 kernel. Will I use that, yes. Will I download a pre-patched kernel directly from the NSA, no. Is that based on any kind of fact, absolutely not. If I actually had something to be paranoid about, you could be sure I wouldn't talk about it on a cell phone or email. |
Quote:
|
i dont sue cell phone (they are proven to microwave your brane, long term DOES lead to hight risk for brain cancer), i dont use phones unelss i ahve to (government does monitor all the phone lines and records conversation with key words, NSA does admit to that, (i think it was them?)),
as far as im concerned the only remotly secure conversation is in person, and when need be to sue comunications, ONLY USE CABLES!, once your online its smooth sailing as they cant monitor every internet activitiy, just too much for any computer to handle should i also say i dont like going outside? and i dont think im paraniod, im very cusious, so cusious i used to sleep with a knife close to my bed (until my mom got rid of it! ERR) Quote:
will they take the time to try and sabatoge a system were anyone can get and use what they call "illegal" encryption ? (i dont see why they are concerned, they ahve techonology thats always at elast 1 step ahead, they block any and all new technologies wich they arnt ready to deal with and teh government can and does kill people off it doesent like i think the NSA is onea the most likly organizations to try and sabatoge all puplic versons of linux in one way or another, they are like the church of the new age (no offence to ya christian folks) |
You obviously don't know what you are talking about, so just stop now.
:tisk: It's better to keep your mouth shut, than to open it and remove all doubt. The pre-patched kernel they are releasing is OPEN SOURCE. I don't think I should have to repeat that, and I will fight the urge to do so. If you know anything about programming, then you can skim over SELinux's code for anything suspicious. OTHERWISE, let's not turn this into an organization bashing thread based on personal paranoid logic, and absurd assumptions based on facts that none of you will go into detail about. An organization that while spying on it's own country, for obvious reasons, does one hell of a job of attempting to preserve our rights and freedoms along with the rest of our government. Let's just keep in my mind that we are all on the same team here.:rolleyes: |
| All times are GMT -5. The time now is 11:32 PM. |