
Re: NSA's Secure Linux Distribution



On Fri, 22 Dec 2000, Jacob Kuntz wrote:

> from the secret journal of Britton (fsblk@aurora.uaf.edu):
> >
> > Pardon my paranoia, but even if it was worth making all the changes they
> > are talking about (which are pretty extensive), I'd want to see anything
> > coming from the NSA audited carefully before being included.
> >
> > Britton Kerin
>
> you're pardoned. i'm sure we're all a little wary of No Such Agency right
> now, with carnivore and all.
>
> but what fact are these fears based in? would the nsa really plop a backdoor

It wouldn't be paranoia if it had a basis in fact :)

> in an opensource project, hoping it's missed and accepted with the rest of the
> code? i doubt it. their whole (advertised) motive was to protect against the
> possibility of Trusted (AIX|Solaris|PalmOS|whatever closed os) going belly
> up.

Agreed.  But past things like the weird unexplained DES s-boxes show that
NSA is at least not afraid of doing things that are blatantly suspicious.
And a lot of insiders there have the attitude that no one outside a
project ever really looks closely enough at things to detect problems
unless something is noticeably broken.  With Linux and open source that
assumption is probably more wrong than ever before, but still with a grain
of truth in it.

> of course i plan on running this monster on a throwaway machine before i
> form any real opinions.

Good thought.  I guess if it seems to work we could offer an alternate
kernel package, and perhaps one huge package with all their patched
utilities or something?  Trouble is a lot of them are kind of buried in
other debian packages and would not be easy to substitute for.

> jacob kuntz
> jpk@cape.com
> underworld.net/~jake

Britton


