Re: NSA enhancing Linux security?

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 02/28/04 

Date: Sat, 28 Feb 2004 18:02:29 +0000 (UTC)

NeoSadist <neosad1st@charter.net> writes:

]Carlos Moreno wrote:

]>
]> What's that about?
]>
]> I mean, I read the article, and it truly terrifies me that
]> basically all Linux distributions are going to include it.
]>
]> I mean, who are we kidding... The NSA?? Out of the goodness
]> of their soul are interested in improving the security of
]> other people's Linux machines?

Uh, it is open source. YOu can look at what they have added. You can
decide for yourself whether they are being nasty. Or if not you, pleanty
of people would love to be able to show that theyare playing games.

You still have not learned the advantage of open source. "Many eyes make
all bugs shallow" can also be used when the bugs are deliberate.

]>
]> I don't think I can find words to describe at what level is
]> "smells fishy" an understatement in this case.
]>
]> I guess that being that the code is available and all, it
]> can be scrutinized by the public... That's in principle
]> good news, but I can't get over the impossibility of the
]> NSA contributing to enhance other people's security...

NSAs whole mission is the security of the USA. While it may be that
your, and their definition of security may diverge at times,
nevertheless that is what they see as their mission.

]> It's practically an oxymoron... It's like Microsoft
]> donating one billion dollars to the OSDL without any
]> conditions at all.
]>
]> Plus, I'm sure that code could be full of obscure and
]> obfuscated trickery to set up back doors; so, even being
]> open source, there may be "evil" things that go unnoticed.
]> (there is always the "conspiracy theory" that the DES was
]> designed with "mysterious" values for the S-Boxes that
]> have a "magical" key that breaks it -- or whatever, not
]> necessarily a particular key)

And no evidence for this has ever emerged. In fact it is NSA influence
which seems to have strengthened DES against attacks not known in the
open literature at the time.

I could imagine that you are actually a plant from North Korean security
services, with equally non-existant evidence. While paranoia may be
useful as a motivator sometimes, its theories must still be backed by
evidence.
 
]>
]> Yes, I know I may sound overparanoid... But, let's face
]> it: the NSA? There is no such thing as being too paranoid
]> when we're talking about the NSA.
]>

There is always such a thing as being overparanoid about anything,
whether NSA, Al Qaida, or aliens.

Relevant Pages

  • Re: Cheraa javaab nemidi, sag-bahaim?? cat got your tongue!?
    ... They have no evidence, it is all heresay. ... Chairman of the NSA in that country. ... Shirin resisted this pressure, ... they blame her for the publicity that occurred while she ...
    (soc.culture.iranian)
  • Watch What You Say
    ... these companies have allowed the NSA to intercept ... Intelligence Surveillance Act. ... technology officer of Counterpane Internet Security, ... supporting our national-security agencies' infrastructure, ...
    (alt.gathering.rainbow)
  • Re: Watch What You Say
    ... these companies have allowed the NSA to ... foreign communications, sifts through this data for key words and phrases ... technology officer of Counterpane Internet Security, ... supporting our national-security agencies' infrastructure, ...
    (alt.gathering.rainbow)
  • Is the NSA spying on U.S. Internet traffic?
    ... Is the NSA spying on U.S. Internet traffic? ... Intelligence experts say it bears the earmarks of a National Security ... Agency operation. ... The details provided by the two former workers about the Bridgeton room ...
    (sci.military.naval)
  • Re: [Full-disclosure] Not even the NSA can get it right
    ... I assume the NSA does the same ... bugs in Sun's C-2 Security and that's low level. ... that the website is only its sort of public face. ... >common script kiddies. ...
    (Full-Disclosure)