NSA Inside? 157
Newsforge has an article covering a talk given by two of the developers working on NSA's security-enhanced Linux. It seems the NSA has plans to offer kernel code to implement mandatory access controls, a level of system control which goes beyond the normal user-based permissions. Sure, the code would be vetted thoroughly before it could ever make it into the kernel, but....
Re:NSA is Helping Itself (Score:1)
Poor choice of words there.
Re:NSA Inside? So what? (Score:1)
You have no way of knowing...
Ahem... some of us can read C and actually understand it.
They can't release any binaries without releasing the source code since Linux is licensed under the GPL. I'm sure Linus and/or some of his moby hacker pals will read this code before merging it. Others will read this code after the initial merge. Most of us will understand at least most of it, some of us could probably reimplement it from scratch.
I wouldn't worry too much, but do be suspicious of authority :)
Re:further decreasing flexibility? (Score:1)
You guys, I swear.....
Congratulations. You've invoked Godwin's Law. (Score:1)
--
* CmdrTaco is an idiot.
Nope, it's a good thing (Score:1)
So? If they give us something which only they can crack, we're still a lot better of than without it. They can get in anyway. As can many others who would not be able to bypass the NSA stuff.
As long as you get to see and change the source, so there really is no need to fear the things they give you. At most it's the ones they do not give you that should worry the paranoiacs out here.
--
all your lame are... (Score:1)
-reemul
everything I know, I learned by killing smart people and eating their brains
Re:They're helping Linux because... (Score:2)
So don't count on it always being possible to brute-force crack things.
On the other hand, with any of the public key systems, there is always the chance that someone may discover a was to compute the inverse function that is less computationally intensive than brute force. For instance, a breakthrough in factoring could render the RSA cryptosystem useless. There is no proof that such methods are impossible, though most mathematicians think it unlikely that any will be found.
fool (Score:2)
Re:Changing of the role? (Score:2)
I very much doubt it. Listening in on phone conversations, military radios, and the like is still the NSA's responsibility, and I'd suspect that they're even *more* important now than they were before - for one thing, the massive increase in mobile phone usage must provide the NSA with all sorts of interesting information. . .
Re:A good plan (Score:1)
mean that MAC labels should also be removed from
files? They are two different beasts - I'm not
sure why you mentioned them in the same context.
Regardless of whether the ACLs and MAC labels
are stored with the file or seperately, the
file system will still require some modification.
The NSA are proposing are different MAC
scheme to the traditional orange book,
based on various research projects and
experience. I haven't yet installed it
but I am very interested in just what
the differences are.
I think that any concern about NSA adding
MAC to the linux kernel is almost certainly
misfounded, as long as they can make it an
optional module.
Re:We don't need NSA's assistance (Score:2)
(b) When I went looking for security, it took
two searches to find RSBAC
(c) It's been discussed on Linux Kernel a few
times.
(d) It's been announced on comp.os.linux.announce.
Collaboration at this stage wouldn't gain much- the security framework piece of RSBAC is in place, compartments, role-based computing, the privacy model, malcode detection, etc. is already in there. An entire new project to do the same thing is very counterproductive. We'll just fire up a project without seeing what's already out there doesn't sound that feasible to me, especially from people who would supposedly be hooked on Bell-LaPadula, and follow research in that area. Finally, the RSBAC guys presented at NISSC one year (1998) when the first module (Privacy) was done, and that's NSA's own security conference.
I'm not surprised that people who probably don't look for compartmented OSen by default haven't heard of RSBAC, I am surprised when an organization which spends significant money on such commercial systems ignores three or four years worth of significant work in that direction.
Paul
We don't need NSA's assistance (Score:3)
http://www.rsbac.org/
RSBAC is already there, an NSA sponsored project doesn't seem to have much additional value to me- seems like they should spend my tax money on something that's not a "me too" project. Maybe they could help Verisign hand out certificates?
Paul
They're helping Linux because... (Score:3)
They'd rather make it uniformally hard to crack so that ONLY somebody with the resources of the NSA could attempt real-time decription.
Remember, security consists at least as much of keeping your cards close to your chest as of getting a peek at what the other guy is holding.
The 'Net is evolving into something that will use biometric information to grant (and track) access and to encrypt and decrypt. 64 bits on every desk top and a finger pad for authentication and a microphone for further authentication and as part of the UI.
All mathematical algorithms have a fundamental security hole. Anything that depends on computational difficulty to maintain security will be cracked with sufficient resources. PGP isn't if your foe has tens of thousands of processors.
Biometrics are fundametally existential. They are enormously wide keys that are reproducable and verifiable. Using them for encryption insures that you KNOW who the intended recipient is. Using them for decryption insures that you know who the sender was. They are based on what you ARE not just on what you, and anyone else, can know.
But wasn't Linux communist? (Score:2)
------------------
This is a good thing. (Score:1)
Due to the nature of open source, having the NSA slip a "Back Door" in is VERY VERY VERY unlikely. About the only ways I can consider this is similar to the techniques in Cracking DES [oreilly.com] and including an encryption/transmission scheme that seems secure just like DES did. (For more information, read the book.)
However, the NSA wants to keep citizens in the U.S. secure because its their job to spy on other countries. The NSA probably wants American businesses to be secure!!! Especially if foreign countrys are developing more secure solutions faster than the U.S. you better believe that the NSA is concerned!!
Anyhow, the NSA does not so much care about breaking in to a system as they do intercepting transmissions between systems. They are after information in foreign countrys, they are not out for scoring points like:
"31337 Jo3 r00t3d j00! H4R!!! 3Y3 w3rk 4 th3 NSA h4r h4r h4r!!!!"
As long as they can obtain the data that they need, and can crack/analyze it, they just don't *CARE* about owning anyone, it's not their job.
Um, anyone read the Rainbow series lately?? (Score:2)
The end result of this may just be a B-level certified Linux kernel, which would rock the house, and WinNT's C2 certification level (which, mind you, is useless--it's a certification for computers disconnected from a network)
Re:This is a Good Thing (Score:2)
The NSA has two jobs, SIGINT is one, the other is the exact opposite -- keeping things secret on behalf of the US government (and industry).
Will the Russian government trust their secrets to a system designed by the NSA? Doubtful, even if it is hack-proof. But by building a turnkey system that immediately makes it easier for OUR armed forces and government agencies to keep secrets (with the added bonus of being able to make it available to any American corporations) is a great opportunity for them.
Also, keep in mind that the NSA has a job so long as secrets exist. The US military learned the long way that the same people who build our missile systems build missile defense systems that make them impotent. You're guaranteed a job so long as one side of the equation doesn't advance too far ahead of the other.
Its an interesting conundrum -- having two diametrically opposed requirements for doing your job, keeping secrets or cracking them? You just learn to do both better all the time...
---------------------------------------------
Re:Why the paranoia? (Score:1)
Moral: It's happened before, so it could happen again. Don't let your guard down. (OTOH, it could be really great, so don't just turn it down, either!)
Caution: Now approaching the (technological) singularity.
Re:Welcome to the free world! (Score:1)
I think you nailed it. This is the NSA wanting to give back to the community. I'm not seeing the problem here.
In this case we have every capability to look the gift horse square in the mouth and make sure the teeth are all straight and pearly white (or whatever color a horse's teeth are supposed to be).
If this was any other government agency (of any other government, for that matter) we'd be embracing this.
rocketscientist.
I don't see the conspiricy (Score:1)
But to just say no becouse it is the NSA, well that just does not make sense at all. If you know of another, better solution for this type of code, I would love to hear it. Or if there is a better reason than "it's the NSA" please let me know that also.
why would NSA need a back door? (Score:2)
besides, if NSA wanted to backdoor systems, doing it to apache or something would work better: network traffic is normal. its easier to remotely connect, probably less eyes looking at apache than at the linux kernel.
i don't believe NSA would do this, but if they did, i think they wouldn't put some elaborate backdoor into the kernel.
Re:Binaries are already in the Linux source (Score:2)
Re:But *WHAT*?! (Score:1)
Re:But *WHAT*?! (Score:1)
Re:This is a Good Thing (Score:2)
But it'd raise the bar for hackers, organizations without the NSA's govermental power would have to hack in to get what they wanted and MAC would mean that they would find few easy targets.
Re:This is a Good Thing (Score:2)
So they'd use TEMPEST and other non-invasive methods to decide if you looked like a criminal. Then they'd take the computer and prove it. (and maybe take you too...)
Re:This is a Good Thing (Score:2)
But the point is that large government agencies don't bother hacking into a PC to collect evidence. They simply show that you're acting suspiciously (using encryption, etc) and they come and take it. They may have to wear a different TLA while they do it, but it gets taken.
The more-secure OS thus isn't a barrier to them. But it is a barrier to smaller countries' intelligence departments as well as groups like the mafia, terrorists, etc.
So it doesn't hurt them, and gets in the way of the groups/agencies that they oppose. Win/win from their point of view.
Re:This is a Good Thing (Score:3)
This is seperate from encryption. The NSA could come and take your HD with a MAC-enabled filesystem/OS on it and read all the files, by simply sticking the disk in another computer and reading the raw data.
But it'll make the computer more resistant to penetration. This wouldn't stop the NSA, they'd come through the front door with guns (and FBI agents) and simply take the computer, access controls be damned.
It helps 'us' by making 'our' (I'm not in the USA) country's computers more resistant to foreign spying, and lets them establish a secure OS (unlike Windows where it's hard to say what the source of a particular version is) that they can use for medium to low security jobs. (Beyond which you simply use the airwall method.)
Does it matter where it comes from? (Score:3)
I think that this has great potential, though it will probably slow down the system some (the article mentions anywhere from 1% to 10% slowdown). Sure, that wouldn't be great for my 133 running Linux, but a faster computer probably won't notice too much. I assume that it can be turned on and off as desired by the admin.
If it helps to make Linux better, I really don't care if the NSA came up with the code (if fact, I'd probably trust their code to be more secure, especially if they start using the result).
Re:Why the paranoia? (Score:1)
It wasn't gcc, it was the Unix C compiler (pcc I believe). It hit not only the C compiler but the login program. For more info on this, see Ken Thompson (one of the original authors of Unix)'s paper "Reflections on Trusting Trust" [acm.org]
He later fessed up to actually implementing this, though I can't turn up that reference off the top of my head.
Sumner
Snowballing certification? (Score:2)
I could see a time when a Slashdot headline reads "Kernel 2.6.4 Certified B2" (yes... I know only specific Systems (as a whole) are certified, and not OS. Wouldn't stop Slashdot from publishing though
Re:We don't need NSA's assistance (Score:2)
I agree. I've been working with, and administering Linux systems for over 3 years, and this is the first I've heard of the project. Perhaps pooling of resources would be most beneficial. Of course, if there is anything that I've learned watching OSS for 3 years, pooling of resources ain't likely to happen (Linux vs BSD, KDE vs Gnome, Perl vs Python). People like to scratch their own itch, not work with someone else scratching a combined (but slightly different) itch. That is probably the main shortcoming of OSS (not a flame, or troll, just an observation). Of course the fact that you CAN do that is also one of OSS's major strengths. I just love paradoxes
Re:Openness and the NSA (Score:1)
integer factoring problem soon. I like this
new, open NSA.
CNN (Score:2)
I think that show was hosted by Jonathan Mann (sp?), so maybe it was Insight. Don't have time to look it up on the CNN homepage, but if there's a rerun, watch it!
A good reason for this... (Score:2)
When I worked on secret projects, the government requirements for different levels of secrecy really prevented people from using current software and hardware. You just didn't have the luxury. I remember doing lots of typing into 500 pound tempest-approved terminals where the thought of a workstation... well, you just had to get over it.
Think of all the techies lost in the bowels of some government projects sitting at some albatross of system just salivating for an NSA-approved version of linux that they can use... at work!
(let alone the techies that will never work on goverment projects for the same reasons.)
This doesn't apply to just the NSA, it's other government agencies/military and LOTS of outside companies that work on military projects or within their requirements.
I wonder if their perl runs with taint checking always...
Re:Trust the Source, Luke (Score:1)
Turnabout is fair play -- the Linux community have been doing this for quite some time regarding Windows.
Simon
hey, maybe the nsa is actually trying to _help_ us (Score:1)
Re:This is a Good Thing (Score:2)
Well, except... (Score:1)
However, I agree that submitted source should be considered for inclusion. I've worked on systems that had MAC. I've always felt a need for more granular security than all(root) or nothing.
However, I have never felt that the NSA serves the constitution. More likely "National Security is more important than the Bill of Rights." Who do we allow to make this decision without checks and balances. No such agency? Where does their budget show up? If you don't consider them a threat to privacy then maybe I should contact a friend there and post what p0rn sites you've been surfing.
Oh, and BTW: Kennedy Clinton spy Ft. Meade FBI terrorist South Africa World Trade Center plutonium kibo Delta Force Qaddafi genetic counter-intelligence NORAD, CIA Waco, Texas ammunition AK-47 PLO North Korea counter-intelligence class struggle [Hello to all my fans in domestic surveillance] Nazi assassination Ft. Bragg smuggle Treasury kill bubba cigar monica John Gilmore Lennon Lenin terrorist javascript popup
Re:The Real Reason (Score:1)
Re:Why the paranoia? (Score:1)
-----------------------------------------
Re:This is a Good Thing (Score:1)
Makes you wonder if they have something like the compiler-login trick up their collective sleeve.
Good thing (Score:2)
But *WHAT*?! (Score:2)
What's yer beef? Are you worried that Linus and Alan and company are going to miss if (!strcmp(pass_entered, "N$A_ru1ez")) uid = 0; somewhere? Is the idea of NSA contributing to the kernel somehow distasteful?
Are you too proud to accept help from The Man?
Re:The NSA is very concerned about computer securi (Score:2)
That would be nice, considering they are largely responsible for the current lack of security. Without their opposition, encryption would be near-universal by now. Instead, you have to do quite a bit of work to set up PGP or an equivalent, have difficulty communicating with others who don't use it, and be looked on with suspicion because "obviously" anyone who goes to that trouble has something to hide.
A current example: Mac OS X doesn't ship with ssh. Even though the encryption regulations have been weakened, you still have to send in forms to the NSA to be able to distribute encryption software, and some flunky at Apple didn't get them in on time. Of course you can easily build ssh (http://www.stepwise.com/Articles/Workbench/2001-0 3-21.01.html), but many people will not. Because of the NSA's support of immoral and unconstitutional encryption laws, thousands of OS X machines will not be as secure as they should be.
Re:This is a Bad thing (Score:2)
Not really. The NSA has an interest in helping American networks more intrusion-resistant. It has an interest in preventing DDOS attacks on various nodes of the internet which will become more and more important to our way of life. It has an interest in keeping files locked up on American computers only on those computers. This is national security. If it's harder to hack their job is already easier - catching the crook is a subordinate goal to preventing the crime.
Re:Remember the DirectTV GAME OVER? (Score:1)
I'm sure that whatever the NSA has to offer would be checked pretty thoroughly before even being added to the kernel tree.
Re:NSA is Helping Itself (Score:2)
Re:Sounds familiar (Score:2)
Never think that *any* statement can't have a sinister conspiracy attached to it.
DB
Re:Welcome to the free world! (Score:2)
DB
Re:This is a Good Thing (Score:2)
Nope, MAC also makes deliberate spying more difficult. Nobody can downgrade the security clearance of a document, not even its owner/creator. Thus, even if a spy somehow got access to a MAC protected file on the computer, he would have a very hard time smuggling it out of the system. MAC would make sure that he can't just e-mail it to his hotmail account, or ftp it to some non-secure site. In a properly set up MAC facility, even printers have MAC ratings associated with them: you can't print top secret documents to non-top secret rated printers. And only printers in physically secured rooms would get the appropriate rating.
A craftful spy could still get data out (copying it by hand on a sheet of paper, photographing the screen), but it would be a much bigger hassle, and it greatly augments the probability of getting caught.
Re:Highly dubious idea. (Score:1)
You mean the people who wrote the rest of the Linux kernel?
Re:NSA is Helping Itself (Score:1)
Well, first off, I'm not sure that it's even legal for a government agency to conduct so much as a bake-sale, as this would place them in competition with the private sector, while still retaining the advantages of being a public sector (government) organization. I don't know this for sure, however, so I might of just pulled that out of my ass. Anyway, I think the point is rendered moot when you consider the fact that a) the NSA employs more mathematicians than any other organization on earth, and b) the NSA also purchases more computer hardware than any other organization on earth. In other words, they manage to attract and retain a large body of presumably well-salaried people despite all of the hassles involved in working in that sort of paranoiac security environment, and they blow something equivalent to the GNP of a small dictatorship on toys each year. I don't think their hurting for cash, or ever will. . .
Re:NSA is Helping Itself (Score:1)
Yah, albeit a scary experiment for the rest of us, if the government in question was willing to part with any of its more gruesome munitions (I'm thinkin' Russia, here . . . or, for that matter, the States, who 'deal' in military aid on a pretty hefty scale, which I guess you could argue would be a form of barter. Not like they're doing it out of the goodness of their hearts, or anything.)
Mod up! n/t re:jerry springer does slashdot (Score:1)
Lameness filters can be a pain in the ass.
willis/
Openness and the NSA (Score:1)
-Moondog
NSA backdoor? (Score:1)
[NSA] coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produce foreign intelligence information.
A security enhanced kernel is a good fit with their overall mission. A kernel with a backdoor does not fit well with this mission at all.
I'm not suggesting that these changes not be scrutizined, they should be looked at very carefully. Let's look and see what they have to offer before we make up our minds either way.
The NSA is very concerned about computer security (Score:2)
Sticking all sorts of neat security gizmos in Linux had better drive the commercial companies to keep up, or they'll end up getting left in the dust. It'll also raise the bar for the assorted free programmer camps AND provide example code that can not be embraced and destroyed by any single given company.
You're probably right to suspect that they're up to something, but perhaps this time their goals are in line with ours.
Re:A sign of changing times (Score:2)
None. Zip. Zero. That's not the point. MAC is primarily used by military and intelligence places. MAC is not about preventing people from rooting your system (OpenBSD is probably equivalent to a B1 or B2 system as far as penetration resistance is concerned). MAC is about preventing user A, who knows secret S, from giving it to B, who is not authorized to know S. Computer security != crypto. Having a license-free, open-sourced, B2 rated OS would be a real win for the federal government as far as costs go.
Targets using 128-bit or higher encryption- how long would that take to crack on 10k clustered machines each with 64 Alpha chips?
A very, very long time. Here's an example: say you constructed a Dyson sphere around the sun, and used _all_ of the energy you collected to power a computer whose only purpose was to increment a 128-bit counter from 0 until 0xFFFF....FFFF. That would not finish before you die (this derives from thermodynamic arguments, not current or forecasted computing power). Actually running a cipher key schedule, decrypting the blocks, and figuring out if they're the plaintext will take much more time.
128 bit crypto is "good enough", because it will be much simpler to break your security in other ways. If I want your data bad enough, I'm not going to try to brute force even a 64 bit key; I'm going to come to your house and start breaking your fingers until your tell me what I want to know. Or I'll root your systems through conventional means and trojan your binaries. Or break into your office building and replace your custom hardware with stuff that is really weak. Or (if I'm the government), arrest you and give the options: a) tell us everything, or b) go to jail for a long time. All of these options are much more economical.
The analogy commonly used for this situation is putting a giant spike in the middle of your yard in the hopes that someone will run into it (this spike is called "crypto"). It doesn't matter if the spike is a mile long or 2 miles long, if someone can walk right around it and climb through your unlocked window.
Re:Do you want (Score:1)
=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\
Re:This is a Bad thing (Score:1)
The point made in the article about helping out national firms is bullshit. If they release this open source, then they are helping both US firms and firms abroad, as well as anyone who would want to try to circumvent these protections.
The most likely story is that this tool is something the NSA would like to use, but is not brought to the level of functionality to make it truly secure from the NSA itself.
I do agree that there is likely no backdoor. Clearly, they would not be so stupid to put in something like mail(root_password, "password_harvester@nsa.gov"); in the code.
And imagine that they managed to put a backdoor into the code that was so subtle that it could not be seen in any localized portion of the system. Chances are, if it ever gets implemented in Linux, these subtle features will get changed enough in the process of code integration, that they will no longer be functional.
Slashdot not reading Slashdot, again. (Score:2)
Re:damn javascript popups!!! (Score:1)
Yeah, ultra-fundamentalist Muslims frequenting places where pornography is distributed... Next thing you know they'll be holding monthly terrorist meetings at Al's Big House of Liquor. ;-)
--
News for geeks in Austin: www.geekaustin.org [geekaustin.org]
NSA (Score:1)
Jerry Springer does Slashdot (Score:2)
A sign of changing times (Score:1)
Today, any decent group (consisting of a sys-admin, a mathematician, and an engineer) could design and implement a hard, impenetrable system. E.g. Someone offers you $1MM to spec a drug cartel's computer/communication system: it isn't that difficult anymore... figure one-time pads, redundant hardened sites, physical data-distruction systems.
The offensive role is reduced to looking for errors: misconfigured systems, compromisable humans, etc.
The defensive role is similar: make it hard for aggressors to get our data due to known vulnerabilities. Put the security on a sound mathematical foundation, and educate sites to reduce the chance of physical intrusion.
It makes sense for the NSA to work on good defense: in theory, the USA is the superpower of the world. We have more to lose than anyone else if our various government and commercial groups implement their own insecure, ad hoc security systems. Release a good system, our enemeies already have them.
Re:A sign of changing times (Score:1)
Well, If I were designing the system: trusted aides transmitting the pad on DVD, or whatever. Independant observers to check for interference. Pad is invalidated if any "risk condition" arises.
Maybe the list was hand written and a partial copy is on the piece of paper underneath the top. Maybe they use PGP to exchange one-time pads. Maybe the code for generating the one-time pads isnt that random. Maybe they mess up and use the wrong pad. The underlying system theory may be mostly secure, but can a perfect implementation *ever* exist? I don't know.
No perfect system exists: that's why we have an expert group design it. We avoid pad resuse, non-random pads, and pad-interception though state of the art defenseses.
Whats more, lets say a machine on the scale of ASIC. Targets using 128-bit or higher encryption- how long would that take to crack on 10k clustered machines each with 64 Alpha chips? I have no idea, but I am not convinced that certain encryption will forever be unbreakable.
Damn straight: anything less than one-time pads are an invitation to getting yourself compromised.
Security is an ongoing art. Dont you agree?
Yes. Physical security is. Theoretical security is solved. High level security penetration is little more than bribing cleaning ladies.
If you can't trust the NSA, reverse engineer it. (Score:3)
1) They posted under their own name, not anon.
2) They posted tech info on how it works, helping anyone who wants to find a backdoor.
3) They're really not that stupid. Honest.
It's far more likely that this is a cheap trick to help them sneak a back door in later; partly by wasting good paranoid community coders on an obvious red rag, but also by building trust through honest code. You can't stab someone properly unless they trust you first.
If you really don't trust them, do a 2 part project:
1) Read everything about SE, then write a full spec of it's API and operating principles.
2) Write a clean version to the spec and GPL it. Preferably the coders for part 2 should not have seen the NSA version.
You don't have to trust them if you don't want to.
Where did that originate? (Score:1)
Highly dubious idea. (Score:1)
Re:Challenge to GPL? (Score:2)
Re:NSA is Helping Itself (Score:2)
For the most part, government agencies are prohibited from selling ANYTHING. Surplus Government owned or produced [physical] property must be sold of at public auction. Under the FOIA, any Government intellectual property must be given to anyone who asks for it, and they are prohibited by statute to charge anything other than a nominal duplication fee. The copyright of anything produced by the US Government belongs to the citizens of the United States.
Re:Off-tipic but might be relivent (Score:2)
Re:This is a Good Thing (Score:2)
Secondly, NSA is not a law-enforcement agency. Their purview is electronic intelligence, period. They gather information and pass it on to other agencies. They don't arrest people. If any doors need to be kicked in by gun-toting, jackbooted thugs, the work is farmed out to the FBI or CIA.
This is a Good Thing (Score:5)
Then there is the other option - that they are sincere, they want a really secure operating system, they like the design and abilities (as well as as the lack of licensing issues) associated with Linux, and they are scratching their own itch for a really secure system by contributing this design and code. Once in a while the public interest happens to work well with some professional agendas. They may see Linux as a good group of people to harden the code with.
Consider, also, that if they are sincere with Linux users hammering on it they could probably create a STRONG solution, stronger than most other free software programmers. These guys know how it works. This could be a golden opportunity.
Geek dreams are made of things like super secure systems. I'm excited by this. Also, I think the threat, if any, is minimal If worse come to worse, Linus could include a compile option to not build it in - although I doubt it would be necessary. Let's give them the benefit of the doubt, examine the code carefully for both our benefit and theirs, and do some cool stuff with it!
Re:This is a Good Thing (Score:2)
Umm, no.
The FBI and ATF are like that, NSA will use TEMPEST to read the EMF of your computers and tap your phone lines and decode all those SSH and SSL encrypted connections. They might also do a stealth break-and-enter job, but with the above abilities, that very likely isn't necessary.
NSA can bget your data and YOU WON'T EVEN KNOW IT. Funny thing, intellegence gathering works better when the subject doesn't know about it.
Mandatory Access Control vs fine-grained security (Score:4)
Mandatory Access Control means one user is PREVENTED even from consensual sharing of info with an untrusted user (Discretionary Access Control only stops nonconsensual information sharing).
Fine-grained security means you can be more explicit about what rights a given process can have - i.e. something better than the current UNIX system.
Allowing certain processes selected by the admin to, for example, bind a reserved port while not having full root privs is fine-grained security, but NOT Mandatory Access Control. They can both be good, and they can work together, but they are different.
Mandatory Access Control is NOT a panacea - there are always covert channels to worry about. Safest thing is to allow only one security level on a given machine (e.g. no machine can have both Secret and Top Secret data on it).
Welcome to the free world! (Score:3)
Think long and hard about what's more important - the Freedom of Open Source Software, or is it the software itself? If the former, we must disregard any possible negative impact on the latter...
Challenge to GPL? (Score:2)
-Nev
Re: (Score:2)
Comment removed (Score:3)
This could set a new record (Score:2)
If Linus accepted an NSA key into the kernel...
You would see the fastest code fork in *nix history.
Re:This could set a new record (Score:2)
Ok now that I have read the article. This looks like it could be usefull.
Just check the code very carefully
If the govt really wanted access to every system then they would legislate the use of Win9x.
You have to admit though that the name Mandatory Access Control [MAC] is somewhat suspicious.
damn javascript popups!!! (Score:4)
Re:damn javascript popups!!! (Score:2)
Well of course they are going to collect as many pr0n sites as possible
They need to find those encrypted messages [usatoday.com] from terrorists
Re:hidden doors (Score:4)
I believe the primary provision is to not use their code.
Blatant Troll ... (Score:2)
I mean, come on. It's not new. We've already had at least one story on this and the interview doesn't add any real info. Trying to generate some more click throughs? Maybe the Mac stories haven't generated enough flames?
Changing of the role? (Score:2)
The NSA has been, since its birth, concerned with national security. Now that the "Cold War" is over, there is less of an outside threat to be concerned about. Almost any useful intel now is likely to come from the CIA.
It comes to reason that with private corporations working on some of the most secret government projects (Hell, ASCI White wasn't exactly made by the DoD), that defense has to be re-focused. And with computer crimes beginning to tax the US economy heavily, what better way to make national security investments more productive?
I'm obviously leaning onto a thin limb when I say this, but I believe that the NSA is going to become more concerned with protecting computer systems than cracking them over the next few years. After all, the aim of the govenment is to do what is most effective, and it looks like securing data may help things out more than stealing it...
Of course, the NSA may just be trying to boast a better public image with all of this Echelon stuff going on, eh?
I can't be karma whoring - I've already hit 50!
Re:NSA (Score:2)
Oh, and don't forget boys and girls, this is from the company that releases security patches which cause holes. Sure this is M$ bashing, but the fact is that M$ has created a product that, when used as a server, is unacceptable. Even as a client, M$ products have caused problems - note today's story about the SatireWire article. The simple reason for this is that only a limited number of people are able to see if there actually are any bugs and fix them. And if they won't let you join them, you might as well beat them, eh?
Basically, don't trust somebody from Texas to give you directions when you're in Maine...
I can't be karma whoring - I've already hit 50!
Re:Changing of the role? (Score:2)
And how do you protect something you can't crack? You don't make stupid mistakes. If you can see everything, then you know everything, right? Hard to hide flaws in source code...
I can't be karma whoring - I've already hit 50!
Government adoption (Score:2)
Bring it on.
I really doubt there's a back door in this version (Score:2)
Right now most people would be apprehensive to say the least to run any code from the NSA without looking through it first and this general mentality will probably remain for the first few software releases from them, but at some point they will achieve some level of trust so that the amount of eyeballs looking through the code will begin to drop off. That is the point that the NSA could start sneaking in some sort of backdoor. They probably wouldn't suddenly include the entire code at first either. Maybe just a couple new lines in version 5, another 3 in version 6.5, and so on, allowing time for the people still looking through the code to see, test, and pronounce individual lines by themselves benign until they have the whole package in there.
Of course they'd eventually get caught if they tried it but probably not before some famous Linux users like China or some terrorist group had been lulled into trusting the security of the NSA's additions to the code and deploying it on their systems. I mean the NSA doesn't like in a vacume, they know about China and Germany rejecting many kinds of commercial software because of possible security problems and if the NSA has been spying though a backdoor in closed source OS's they wouldn't let a window like that dissapear without at least trying to keep it open.
This could all be a bit of needless paranoia on my part and i hope it is, but like i said earlier they got some really smart people at the NSA and if anyone could and wanted to sneek in a backdoor they could.
btw- please forgive any spelling errors
Binaries are already in the Linux source (Score:2)
Another question is that Linus will never accept binary-only code when it comes to security.
Why the paranoia? (Score:2)
NSA is Helping Itself (Score:4)
NSA Inside? So what? (Score:5)
But what? In this instance their motivation is almost certainly to allow a widely available OS to be certified to a sufficient security level that it can actually be used in the same situations where certain US agencies might normally buy in NT, AIX or such.
If they *really* wanted to plant a back door, in no way would they want their name so obviously traceable to the actual patches they submitted - they'd do it 'anonymously' and you'd never know. How do you know they haven't already done this? Or that GCHQ, or Mossad, or the Russians haven't? You have no way of knowing, but we just have to trust that any attempts at sabotage would be obvious in the source.
NSA (Score:2)
What does that tell you about Linux security, why would the NSA be working on Linux kernel? Most likely they're using Linux on their systems, (or most likely, a OS they made for their own purposes, who knows).
Suggestion (Score:2)
The NSA provide their design for an access control system, in detail. Other , non government-affiliated coders (the more paranoid the better) write the actual code. The NSA then audits their code and confirms that it meets the specification. The government and corporations get their NSA approved secure linux, the paranoid know that no actual NSA code is in the kernel. Or wouldn't this be workable?
binary (Score:2)
Re:Slashdot not reading Slashdot, again. (Score:2)