On Thu, Jun 14, 2007 at 03:22:11PM -0600, Telly Williams wrote:
I've heard all of this "talk" about how secure SE Linux is.
However, how secure can this thing be if it has been developed by the
NSA? I mean, wouldn't THEY know how to get into your computer? And,
it's the NSA! If this question sounds elementary, it's because I'm
still learning how to secure my computer(s). I'm not a nihilist, just a
little skeptical of how secure SEL is in reality (and the NSA). Thanks.
~Telly
Hmm. I am not sure if you are seriously asking or if you are trolling.
I guess the answer to your question depends on what you consider
"secure" and also whether you think that they have a reasonable chance
to be able to "sneak" something in.
To the first point, only you can answer that. To the second point, I
think that no such chance exists. The Linux kernel is one of the most
popular open source projects in the world. Arguably, more people work
on development on the Linux kernel than on any other open source
project. If someone tried to "sneak" something in, it *would* be
noticed. Now, if you were talking about a project with only a few core
developer, then maybe they could "sneak" something in. If that small
number of developers worked for the same company, even moreso.
Hmm, come to think of it, that sort of describes Microsoft (small number
of core developers all working for the same company). They even don't
release their source code, except under the most restrictive
circumstances (e.g., some select academic research labs). Also, don't
forget that the NSA gave a great deal of "assistance" with "security
matters" on the windows codebase prior to the release of Vista. I think
that you have much more to worry about from the NSA on Windows than you
do on Linux.
Regards,
-Roberto