charlieturner
Veteran Member
Above ground, and still breathing.
Posts: 37
|
Authored by charlieturner on Aug 11, 2014 22:45:16 GMT
NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance Guess the subject line has a character limit. LinuxJournal exremistRather scary especially when you consider that the NSA contributed SELinux to the kernel. Guess they may not be happy with the effort to replace their SE with a community grown equivalent the spooks don't have backdoors in. Guess I will be visiting and reading at LinuxJournal as often as I can!
|
|
|
Authored by macrorodent on Aug 13, 2014 5:33:33 GMT
Agreed for most part, but I think you are quite wrong about SELinux. Nothing from NSA or anyone else gets into the kernel without close scrutiny of the source by the top kernel developers, and SELinux in particular was investigated and discused more than usual: It is security-related, touches many parts of the kernel, and because it came from NSA. If there were a backdoor, it would have been noticed. Besides anyone else can also read the source, and SELinux has been in the kernel for years. Any backdoors missed by the kernel developers would have been discovered by curios or suspicious users. It is not like Windows or iOS where the source code is hidden.
I suspect that if anything, NSA rues contributing SELinux. If used properly, it makes infiltrating a Linux box much harder.
|
|
|
Authored by wayneborean on Aug 13, 2014 15:25:51 GMT
I suspect that if anything, NSA rues contributing SELinux. If used properly, it makes infiltrating a Linux box much harder. Ah, but you have to understand the viewpoint of Law Enforcement in general, which is that: If you want privacy you must be a criminal, because the only reason you could want privacy is because you have something to hide.That's why PJ went offline. I'm pretty sure with her background she grokked this immediately. Me, well, I knew about what the NSA was doing in general terms twenty years ago. So did a lot of other people. There was enough evidence that far back in various places, if you got lucky, and read the right books. The problem was that nothing could be proven without a whistleblower. The NSA wasn't the only GA or NGA doing this, though they are probably the biggest. Wayne madhatter.ca
|
|
charlieturner
Veteran Member
Above ground, and still breathing.
Posts: 37
|
Authored by charlieturner on Aug 13, 2014 21:46:45 GMT
I had read somewhere in the recent past that the SE part was being rewritten without any NSA input just because there was suspicion of undiscovered back doors that have escaped notice. I can't find anything in my notes, bookmarks, etc. to support this, but it sure seems like I read that. Of course, I sometimes remember things that didn't necessarily happen. Darn this old age stuff!
|
|
|
Authored by wayneborean on Aug 14, 2014 8:32:16 GMT
I had read somewhere in the recent past that the SE part was being rewritten without any NSA input just because there was suspicion of undiscovered back doors that have escaped notice. I can't find anything in my notes, bookmarks, etc. to support this, but it sure seems like I read that. Of course, I sometimes remember things that didn't necessarily happen. Darn this old age stuff! Never mind the drugs. For most of the last year I've been on 60mg of Morphine. It helped with the pain, but the year is a blur. Wayne madhatter.ca
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 5, 2014 3:58:49 GMT
Just to add my 2 cents from what I know of SELinux, and encryption and backdoors.It's not so much a backdoor that is worried about with SE Linux. The problem is with the algorithms. These are highly suspected to be using algorithms which the NSA has discovered as having weaknesses which reduce the order of complexity (solution space), but also that NSA knows that weakness and has penetration algorithms. It is very difficult to examine code or an algorithm and determine if it has a weakness in it's solution space. This can only be determined by a thorough testing of the algorithm. But this can only be done completely for simple solution spaces (which we don't want with security protocols). But with enough computing power and enough time testing one might find a class of algorithms with a weakness that reduce the time required to break a code. This is the reason for rewriting SELinux. NSA provided the algorithms, seeds, etc. with no explanation of proof of hardiness. Others have written a better explanation, than what I have here.
|
|