The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.[6] The software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions.
I’m not sure why that’s a problem. The NSA needed strong security so they created a project to serve the need. They are no longer in charge of SELinux but I wouldn’t be surprised if they still worked on it occasionally.
There are a lot of reasons to not like the NSA but SELinux is not one of them.
So, how many backdoors do you think they implemented into the kernel?
None
There are always exploits to be used. Also there isn’t a lot of use in kernel specific exploits
While they created a set of patches that would implement the security features that selinux provides, what was actually merged was the result of several years of open collaboration and development towards implementing those features.
There’s general agreement that the idea that the NSA proposed is good and an improvement, but there was, and still is, disagreement about the specific implementation approaches.
To avoid issues, an approach was taken to create a more generic system that selinux would then take advantage of. That’s why selinux, app armor and others can live side by without it being a constant maintenance and security nightmare. Each one lives in their little self contained auditable boxes, and the kernel just makes the “check authorization” function call and it flows into the right module by configuration.The Linux community was pretty paranoid about the NSA in 2000, so the code definitely got a lot more scrutiny than the typical proposal.
A much easier way to introduce a backdoor would be to start a tiny company that produces some arbitrary piece of hardware which you then add kernel support for.
https://github.com/torvalds/linux/tree/master/drivers/input/keyboard - that’s just the keyboard drivers.
Now you’re adding code to the kernel and with the right driver and development ability you can plausibly make changes that have non-obvious impacts, and as a bonus if someone notices, you can just say “oops!” And not be “the god-damned NSA” who everyone expects to be up to something, and instead be 4 humble keyboard enthusiasts with an esoteric set of lighting and input opinions like are a dime a dozen on Kickstarter.
We saw a very sophisticated attack on Linux earlier this year with the XZ exploit. That stuff is terrifying and the sort of thing people should be worried about. SELinux is tame, by comparison.
The Linux community was pretty paranoid about the NSA in 2000, so the code definitely got a lot more scrutiny than the typical proposal.
It’s not paranoia if it’s true. Snowden showed us that they really are spying on all of us all the time
Paranoia in the sense of being concerned with the ill intent of others, not the sense of an irrational worry about about persecution. Much like how the intelligence community itself is said to have institutional paranoia.
It is much harder now that https is the standard. They still can work wig individual companies but that’s a much smaller scope.
If they’re in your OS they see the data before it’s encrypted
Exactly
They first need access. That’s not hard with proprietary focused operating systems but with a properly secured Linux or AOSP system it is much more tricky.
It is also important to note that it is pretty easy to do surveillance these days. People care around cell phones and there are massive camera systems that can track someone with high detail.
I mean, it’s still Open Source, right? So it would be pretty hard for them to hide a backdoor or something??
I guess I don’t know what’s so sus when it’s easily auditable by the community and has been for two decades now.
If it’s just because it’s memes and you’re not being that serious, then disregard please.
I mean, it’s still Open Source, right? So it would be pretty hard for them to hide a backdoor or something??
Right but maybe it combined with other tools they have is what helps them with some exploit.
Like they figured out an exploit but needed SELinux as a piece of the puzzle. It’s open source
and we can all read the code but we can’t see the other pieces of the puzzle.Come on, put your conspiracy hat on! ;)
Ok, conspiracy hat on…Maybe Snowden was the only NSA contributor with the sole purpose of making tracking citizens harder!
I mean, they almost certainly have built in backdoors like IME. When you can force hardware manufacturers to add shit, you don’t have to think up convoluted solutions like that.
I maintain open source software on a much smaller codebase that is less security critical. We have dozens of maintainers on a project with about 3k stars on GitHub. Stuff gets by that are potentially security vulnerabilities and we don’t know until upstream sources tell us there is a vulnerability
I’d imagine in this case there has been extra community scrutiny since it’s security software and it comes from less than trustworthy source.
So it would be pretty hard for them to hide a backdoor or something??
This is also probably the reason why you lost your DARPA funding, they more than likely caught wind of the fact that those backdoors were present and didn’t want to create any derivative products based upon the same.
Though this implies that the Department of Defense doesn’t want to use compromised tools, since DARPA is DoD. NSA is also DoD.
People don’t understand that the way a backdoor is usually implemented is not going to be obviously saying “backdoor_here”, neither it will look like a some magic code loading a large string and unzipping it on the fly – that’s sus af. What you will see is some “play video” functionality that has a very subtle buffer overflow bug that’s also not trivially triggerable.
This already happened with WhatsApp.
Honestly I think a lot of backdoors are just unintentionally exploits that are not disclosed
I mean, leaving aside their surveillance tasks, it’s still their job to ensure national security. It’s in their best interest to keep at least themselves and their nation safe, and considering how prevalent Linux is on servers, they likely saw a net benefit this way. They even open sourced their reverse engineering toolkit Ghidra in a similar vein
Ghidra was about hiring and cost savings. Its easier to hire when people already know your tools. Also people are more willing to use your tools rather than expensive ones if they can still use them when they leave (go into contracting). Also interoperability with contractors may improve.
And we’re all the better for it! Needs polish and development of course, but it’s a decent alternative already
Only because they use Linux too and had to make it public as Linux is a public, open-source kernel
Wasn’t Signal messenger also funded by the NSA+DARPA? And TOR too?
Signal is weird about actually allowing others to reproduce the APK builds.
Specifically, they are the kind of weird about it that one would expect if the Signal client app had an NSA back-door injected at build time.
This doesn’t prove anything. It just stands next to anything and waggles it’s eyebrows meaningfully.
Do you have more recent information by Signal on the topic? The GitHub issue you linked is actually concerned with publicly hosting APKs. They also seem to have been offering reproducible builds for a good while, though it’s currently broken according to a recent issue.
I had a hard time choosing a link. Searching GitHub for “F-Droid” reveals a long convoluted back-and-forth about meeting F-Droid’s requirements for reproducible builds. Signal is not, as of earlier today, listed on F-Droid.
F-Droid’s reproducibility rules are meant to cut out the kind of shenanigans that would be necessary to hide a back door in the binaries.
Again, this isn’t proof. But it’s beyond fishy for an open source security tool.
Edit: And Signal’s official statements on the topic are always reasonable - but kind of bullshit.
Reasonable in that I alwould absolutely accept that answer, if it were the first time that Signal rejected a contribution to add it to F-Droid.
Bullshit in that it’s been a long time, lots of folks have volunteered to help, and Signal still isn’t available on F-Droid.
There was a “ultra private” messaging app that was actually created by a US state agency to catch the shady people who would desire to use an app promising absolute privacy. Operation “Trojan Shield”.
The FBI created a company called ANOM and sold a “de-Googled ultra private smartphone” and a messaging app that “encrypts everything” when actually the device and the app logged the absolute shit out of the users, catching all sorts of criminal activity.
I have no proof, but I do have a small list of companies I actually suspect of pulling a similar stunt… perhaps not necessarily attached to the FBI or any other agency, but something about their marketing and business model screams “fishing for people who have something to hide”
The fact that it is a paid product should have been their first clue it was a honeypot.
For people interested in the subject. Read This Is How They Tell Me the World Ends: The Cyberweapons Arms Race
TLDR current day software is based upon codebases that have houndreds of thousands lines of code. Early NSA hacker put forward an idea 100k LoC program will not be free of a hole to exploit.
To be a target of a 0-day you would have to piss off state level actors.
If “privacy friendly” or “secure” were regulated terms most linux distros would have been sued/fined into bankruptcy for deceptive marketing.
Kinda think this would be entirely dependent on the imaginary regulations, so comments like this are essentially nonsense.
Just look at the bastardisation of current regulated terms
There are regulations, they are either inadequate or aren’t being applied to products or services used by regular consumers. https://support.google.com/pixelphone/answer/11062200
Also which terms? You can’t call yourself an MD, RN or an Attorney etc in US and many other countries if you aren’t one. You can’t market drugs that haven’t been approved by the FDA. Also bastardisation isn’t a justification for no regulation.
deleted by creator
But Linus said he was never approached by the US for a backdoor. He was so sure of it, lol.
He is not the type of developer who would allow it
But he is the type to ban Russian contributors less than a month after DoD signed a new contract with RH. Can you guess what stocks he owns?
He’s from Finland so somehow I don’t think he is going to shed a tear over some Russians.
The current actions of Russia are concerning. I think the move to remove Russians is not all that controversial.
I can also understand it as a temporatory solution. I understand that Linus wouldn’t want to see his product used by russians commiting war crimes. They can still contribute to linux apps, only the kernel is prohibited. But i think if the situation gets better, russians should be allowed to contribute again. But i got much more upset on that people call Mozilla woke for its moderation efforts to combat hate speech aimed on marginalized groups. War criminals and the far-right has no place in any open-source community, as the concept itself is closer to the left wing by nature. I might be a bit unpopular with this, these are controversial stuff
