Slashdot Mirror

Gnupg is open source, so you can verify there are no backdoors

Yes, absolutely. If you're going to use encryption semi-seriously or even professionally, you have no choice but to use open source crypto libraries and apps!

But source code alone is no panacea here: you (or anyone skilled enough -- a.k.a. the community) could discover obvious backdoors, but what about backdoors in some crypto algorithms themselves? Having the source code for this won't help you much. Nothing could really prevent the NSA from working with a crypto implementer to slightly weaken an algorithm, so they could decrypt stuff with less effort than usual. Unless you were a very talented cryptographer, you won't notice the difference.

This time, though, I don't think they want anyone knowing exactly how their mining code works, lest someone figure out a way to wreak havoc on the system. For example, the idea of someone making records invisible to the data miner probably has them spooked (I know, code it well and this'll never happen, but you can "never be too careful"). Just my two cents.

Who says breaking Enigma doesn't take much time???? 4 out of 8 possible naval rotors, 26 positions, each have also 26 internal ringsetting, two different reflectors, you also need the startposition and the plugs, up to 10 pairs of 26 (only the plugboards gives us already 7,905,853,580,625 combinations). Even today, going through all possible keys is a mission impossible. That's why Stefan used the Hill Climbing Algorithm to break those messages. Pure Brute force would take far to much time. More on the Enigma key settings on NSA's http://www.nsa.gov/publications/publi00004.cfm. For more technical details on Enigma, read this one: http://users.telenet.be/d.rijmenants/en/enigmatech .htm

Not mutch work??? There are 107,458,687,327,250,619,360,000 possible combinations! Better read first the technical details about the machine: http://users.telenet.be/d.rijmenants/en/enigmatech .htm check out the mathematical description of Enigma here: http://www.nsa.gov/publications/publi00004.cfm

Microsoft has been attempting to get the scheme you're proposing working since 1997, and they're only trying to do it for a *subset* of the domain you're talking about. When they implemented it in the first place they did such a bad job that they created the worst storm of viruses and email worms the net had ever seen. Over a couple of years the number of active exploits of Microsoft's trust model turned viruses from a minor problem that you could easily avoid by a few simple habits to the biggest problem on the net... I'm seeing gigabytes of just rejected viruses and worms a month.

Nope, they try something different: They try to implement a zone model. On the first glance, this looks quite similar, but there is a big difference. Their zone model is insecure by default. When Internet Explorer looses track on a file downloaded from the net, this file becomes member of the local zone and is suddenly considered trustworthy. With a "secure by default" approach, a zone model could possibly work.

But it is quite interesting, that Active X is somewhat similar to the safe application model. In Active X components can be marked as safe for scripting. Such components can be embedded in IE and controlled by script code. Numerous exploits based on the fact, that unsafe components were marked as safe for scripting. Without some kind of online "trustworthy revocation list" the secure application idea will only work in a perfect world.

The IE zone model also shows, that there is indeed no border between applications and documents. One can easily create a HTML with active code. Although this page should be a document, it is indeed a program. When you save such a page, you have a ticking time bomb on your system. When you open the page from your local disc, the page is "executed" with your user privileges. It's not the application that is not trustworthy, it's indeed the document.

I don't want to have a full blown rigorous mandatory access control (MAC)security model on my Mac. I have some work to do and don't want to struggle with the system. GRSecurity and SELinux show how difficult these monsters are to configure, especially on a desktop system. But I want a lightweight, extensible mixture of a MAC and a zone model that warns me when I try to do something stupid. The system should interact with most of the existing tools, should be easy to understand and should let the user the last word. I think that extensible attributes with some simple rules built into the system might indeed fulfill the job. It's not a perfect tool, but it might help.

mccarthy, while his methods were excessive, was after communists in the state dept and army. and you know what, there were plenty. we have the venona project as proof that we were infiltrated at the highest levels. and before you defend political freedom, these were people working for the enemy. you konw, the one with 10,000 nukes pointed at us, the same Stalin that had millions of Ukrainians starved to death, that killed many millions more in his purges, sent millions to the gulags, oh wait, duranty was right. those trials were legit.

what makes it even more funny is that bobby kennedy served as mccarthy's right hand man. jack kennedy was a good friend of joe mccarthy, and the real "terror" came from HUAC. but see, that was a bipartisan affair, and well, history is easier just demonizing the republican mccarthy.

as for the NSA thing, monitoring incoming calls is hardly widespread domestic spying. since i'm not a lawyer, i honestly don't know all the FISA details. but amateurish speculation is nothing more than sophistry. oh, as for the history, well, I'm a history teacher.

one last question, would there be as much anti-mccarthyism if he went after fascists? 'cause when you get right down to it, both the communists and nazis were equally evil, equally bent on world control, domination, and destruction. but since uncle joe or chairman mao didn't target those according to their race, i guess it's not really genocide then, eh? the millions dead? just "collateral damage" to be sure.

And I suppose that if I use the phone to call my friend, using the PSTN, that's also a public act? After all, anyone could listen in and eavesdrop on our conversation. It's just more efficient when there's a government agency that has already indexed all the conversations.

You seem like an idealist... and there is nothing wrong with that. It's an admirable trait. Unfortunately even idealism needs to acknowledge the facts.

FISA clearly says a President can only go 15 days without warrant.

http://www4.law.cornell.edu/uscode/html/uscode50/u sc_sec_50_00001811----000-.html

FISA is currently dead in the water.

http://www.foxnews.com/story/0,2933,178893,00.html

A multibillion dollar NSA exists.

http://nsa.gov/
http://www.mtv.com/news/articles/1520551/20060111/ index.jhtml?headlines=true

The Patriot Act exists which allows government to get information at will.

http://www.epic.org/privacy/terrorism/hr3162.html

The government CAN and DOES use this power.

The sooner Americans can wake up to this fact, the sooner they can make informed decisions if they wish to eliminate the forth

http://www.law.cornell.edu/constitution/constituti on.billofrights.html

in the effort to gain a little security.

http://www.wisdomquotes.com/000974.html

    ~ Please convince me I'm wrong. I truly wish I was just another foolish crackpot conspiracy theorist as opposed to the alternative

Or feed you some information about something nefarious and see if you use encryption to relay it to someone.

This is actually also a cryptoanalysis technique.The Venona project ( http://www.nsa.gov/publications/publi00039.cfm ) worked because the Soviet organization for producing one time pads duplicated some of them. Oops!
So much for high tech.

Not a tech problem so much as a problem with humans misusing the tech.

Ever hear about something called "Signals Intelligence"? SigInt? http://www.nsa.gov/about/about00020.cfm Slashdot might know it better as "WarDriving" or WiFi hacking. Although I would suspect it might not be on WiFi RF frequencies. Quoting the cited article: "The objective is to keep it as low-key as possible," Hinga said. "This system allows us to be discreet." If you are trying to be "discreet" WHY WAS IT PUBLISHED IN THE NEWSPAPER? The thought occurs to me, if "something" is detected, is it not then a bit too late? Biological, you are already exposed. Chemical, you are already dead, (might explain why all the spectators are unconscious). Radiation at a high enough level, you are going to be really sick, real soon now.

It's a whole lot easier to just steal your encryption devices, put in something that will give away the keys, and return it.

Or just put someone hear you when you are talking.

Or look at other information about you to see if you are worth listening to.

Or ask a bunch of folks about you.

Or feed you some information about something nefarious and see if you use encryption to relay it to someone.

It is way too easy to put your faith in high tech cryptography and high tech cryptanalysis, when old fashioned methods work much better.

The Venona project ( http://www.nsa.gov/publications/publi00039.cfm ) worked because the Soviet organization for producing one time pads duplicated some of them. Oops!

So much for high tech.

Since iRobot has strong MIT roots and congratulated the first hackers who modified their Roomba. Later, iRobot released full specifications for the original Roomba and more hacking efforts bloomed.

Oh, and as for the government? This is the same government which released BRL-CAD and NASA World Wind, and sponsored the development of the Reiser filesystem and OK WebServer (kicks Apache in the ass for dynamic sites) among countless other open source projects. Oh, and heard of SELinux? From the big bad NSA? This is all irrelevant though; the DoD did not design this vehicle, iRobot did. iRobot owns the code, not the government

The advantage of the open source model is that modifications are made that fill niches. It is the "scratch-an-itch" mode of development. Thus, you need to look to niches where security matters, such as the NSA. Also be aware that open source means that if you care, you can do a software audit. You can't audit Excel. "No credible security expert says that Open Source is inherently more secure." At the same time, Linux can be much more secure than MS Windows, and linux can be modified to be used in secure areas that wouldn't pass Windows.

In the meantime, until this matter is ruled on, it seems to me that another concern with this program that nobody has mentioned is the cost. It cannot be cheap for the NSA to caputure all that e-mail and all those phone calls. To this end, it seems appropriate that we should all 'help' the NSA by automatically sending them copies of all the e-mail we send. We should probably let Bush know too. So, may I politely suggest that all /.ers automatically CC all their e-mail to

nsapao@nsa.gov, and
presaident@whitehouse.gov

Surely this would be the most patriotic slashdot effect ever! ;)

You should actually look before asking questions. Microsoft has produced hardening guides at least since NT came into existence. In fact, for Windows Server 2003, NSA points you to Microsoft's guide for hardening.

We are in the times in which the people have to protect each other. And we all are the people, and the ones that are against the people are the powerful that will not take into consideration peoples rights.

What NSA is doing is an abuse, but the people that communicate through the internet are very vulnerable to abuse, not only by the governments, but also by mafias and groups of a diversity of allied criminals, some of them acting with white gloves.

Internet is today the field for criminal activities. In the last few days I have been receiving an enormous amount of emails which were fake from ebay, pay pal, the Netherlands Lotto etc... trying to get from me my password to this accounts. And some of them looked so good that could be mistaken by the real thing, but users of the internet that engage in criminal activities disguise themselves in anonymity that internet provides.

Our communications throuh the internet are surveiled since time immemorial by NSA, and a wealth of information about us can be collected and may be collected. And this is a great danger to the people, and no law protects us these days.

What about an internet between authenticated and identified users... so that the majority of internet users that don't mind to be identified because they live in a free country and at the same time, not being engaged in fraudulent activity or criminal activity don't mind to inter-communicate with other identified and authenticated members of the net. Why should anyone want to be anonymous if not engaged in criminal activity?

This is my point. We should suport the institutions, companies and private people that support the target to bring privacy and security within identified users when using the internet to communicate This is the case of a company called Amteus.

Now, once in communication with an identified user, which is properly authenticated, then you provide privacy, so... unless you want to make it public, nobody can access your communication because it is properly secured and encrypted. i.e. it travels in a closed envelope and it is unlawful to open it, and it is being between identified and authenticated users that trust each other. Otherwise, not only the governments with their NSAs involved in their own practices will snoop on us, but gangs of gangsters will easily intercept our communications, phishing like the email I have received will only be the beginning. I am starting a website to support this kind of approach.

This requires legislation, but also requires technology. Like the one developed by Amteus. But there are many other.

I hope that the people with vision that have given to the internet a view that will promote freedom and cleanliness, like John Perry Barlow will help this company to succeed in a very honorable project.

It is very distressing these days what is going on with the Internet. Hopefully companies like Amteus Plc that are bringing a technology to overcome this problem of snooping, spam, phishing etc.. will survive attacks from those that hide behind anonimity.

Ramon Leonato

NSA Mathematicians spend their days focusing on some of today's most distinctive challenges and problems. They apply Number Theory, Group Theory, Finite Field Theory, Linear Algebra, Probability Theory, Mathematical Statistics, Combinatorics, and more. We encourage our Mathematicians to participate in interdisciplinary assignments and train with professionals in such fields as Computer Science and Signals Analysis.

Your education is far from complete when you join NSA. Both formal and informal seminars are routinely organized among our scholars to study specific, timely, Mathematics-related topics, while professional organizations sponsor regular discussions on issues of broader interest.

Career Paths in Mathematics
NSA Mathematicians apply their skills to such tasks as:

        * Designing and analyzing complex algorithms
        * Expressing difficult cryptographic problems in Mathematic terms
        * Applying your work to find a solution or demonstrating that a solution cannot be found, given certain computational limitations and reasonable time limits

http://www.nsa.gov/careers/careers_3.cfm

Try

http://www.nsa.gov/careers/index.cfm

http://www.google.com/search?q=nsa+jobs

https://www.topcoder.com/tc?module=Static&d1=tourn aments&d2=tco06&d3=nsa

If you're in the DC area, you can check out NSA's cryptol ogy museum</a>. I haven't been since I worked up there, but I remember it being far more in depth than you'd expect.

I went to a Magnet high school (http://mbhs.edu/departments/magnet/) (a public school that takes in the top 100 students from the county to teach them an advanced curriculum) and part of the requirements for earning a Magnet diploma was to do a Senior Research Project (SRP) that sounds very much like ASR. To find a mentor (I wanted to do theoretical computer science, I had done some independent research on graph theory in my own time) I emailed a professor at the University of Maryland and worked over my 11th grade summer with him. I came up with a result, not important enough to get published, but it won me this award: http://www.sciserv.org/sts/64sts/Forbes.asp and got me into MIT.

For advanced topics such as cryptography the best bet is the local university. There are also a bunch of government facilities out there that do research. Some of the best places (mostly in the DC area, however) are the NSA (http://www.nsa.gov/careers/students_1.cfm) and NIST (http://csrc.nist.gov/) (NIST can offer housing, btw). There is also a great program for high school juniors at MIT or Caltech (no cost): http://www.cee.org/rsi/index.shtml .

Just to show that high-school cryptography research is possible: http://www.sciserv.org/sts/60sts/Dunn.asp . This guy is the older brother of one of my friends (both who went to the same high school program as I) and I believe he did his research at NIST.

-Michael Forbes

but the NSA has a website just for kids that has some puzzles, basic crypto problems, and simple ciphers. They call it the page for "Americas Future Codemakers & Codebreakers". They also have crypto-themed cartoon characters like Rosetta Stone and Decipher Dog.

Check it out: http://www.nsa.gov/careers/students.cfm

I did an internship with State last summer and it was an amazing experience. I'm not sure I'll end up working for the government (given the rising price of living in the DC area and the lower salaries, it's looking less and less likely), but it was a very valuable professional experience in any case.

Check out the State student programs at careers.state.gov, and go for OVERSEAS internships - when you're based overseas as an intern, they give you many more responsibilities and depend a great deal on what you can do. It's a great way to get noticed and, whatever I end up doing, looks great on a resumé.

use one time pads. the only REAL secure solution.

I've toyed with this one myself to send chitchat back and forth to my Mum.

Use a geiger counter to fill a CD with random numbers, send a copy to Mum, and drive CSIS/NSA/GCHQ/etc. nuts with email that they can't decode.

Given a CD full of random numbers, a couple of lines of perl would do the rest...

Yeah, I know, I need to get out more. I even recorded the leap second on WWV earlier today. Sad or what?

...tick...tick...tick...(blank)...(blank)...BEEP ...tick...tick...

...laura

The last time there were flaws in zlib and libpng, security was an apt-get upgrade away. Compare that to Windows where most software seems to have its own private copy of those DLLs.

Microsoft released patches for the libpng that came with Windows, along with a tool that scanned your hard drive, looking for copies of libpng embedded in third party executables and libraries. Unfortunatly, it would basically only say: "you {have,have not} installed Microsoft's patch for this issue; furthermore you have third party programs on your system, please install any updates available from your vendors". I can't remember a single program that released an update merely to fix the libpng flaw; in all probability every Windows machine with some kind of third party software on it probably still has dozens of copies of libpng and zlib lurking around on it.

Your latter points are interesting. What you are describing is a mandatory access control security scheme, like the one implemented by SELinux. This has yet to catch on because it's bloody complicated--and I believe SELinux only restricts what an application can do based on the 'tag' that its executable recieves; I don't know if SELinux policies can grant permissions to a process based on the shared library that is executing at any one time, or even how SELinux policies interact with interpreters like sh, perl, python, and so on.

However, you don't know what the NSA does, and neither do I, and we don't have any way of discovering.

1. If you want to know what the NSA does, get a job there. They're hiring. http://www.nsa.gov/careers/

The Slashdot story is about the NSA ignoring the law. That should give anyone the idea that the NSA may at other times ignore the law.

Do you speed? Ever do a rolling stop? If so you should be watched as you may at other times ignore the law.

The NSA is a large organization, with a population of a small city performing many disparate activities. You speak as if it's an individual. It's not.

Sorry, not a law. An executive order is being ignored. If you visit the NSA web site, and don't know how or forget to delete cookies, you are being tracked.

The U.S. government's present problems with corruption are aided enormously by people who pretend to discuss politics but in fact are acting out their anger. They haven't read any books. They haven't educated themselves, although they parrot things said by other angry people, which may make them seem educated. They make very strong statements, and they try to intimidate people with an informed view.

The real, frightening question is why the NSA apparently:

1). Put software into production without checking all the settings
2). Put software into production without fully testing it
3). (probably) used software which they don't have the source to, and thus don't know if there are any backdoors.

I am worried about it from a National Security perspective - NSA using cookies worries me far less than Microsoft doing it - but the above issues could expose the NSA, and hence the USA to attack.

With software companies outsourcing to countries with less stringent security and more people hostile to our interests, there is a greater risk - although even without outsourcing, compromising a software company is still a severe risk.

Perhaps the government should require people to get security clearances if they work at Microsoft, etc in any capacity where they can compromise the code. Perhaps they should use Open Source. I know of a Linux distribution they might want to use.

P.S. NSA is a lot of crypto geeks who do a very important job protecting all of you - and is made of people a lot like most of you. They aren't cold blooded killers who whack you for speaking out. Sorry to disappoint you.

This isn't about partisan politics, the critics of this spying have a very firm basis in law and fact. For God's sake, the NSA's own site says that spying on Americans without a warrant in unconstitutional:

http://www.nsa.gov/coremsgs/corem00003.cfm

It doesn't get more clear cut than that.

From the NSA's website FAQ:

Does NSA/CSS unconstitutionally spy on Americans?

No. NSA/CSS performs SIGINT operations against foreign powers or agents of foreign powers. It strictly follows laws and regulations designed to preserve every American's privacy rights under the Fourth Amendment to the United States Constitution. The Fourth Amendment protects U.S. persons from unreasonable searches and seizures by the U.S. government or any person or agency acting on behalf of the U.S. government.

http://www.nsa.gov/about/about00020.cfm

Didn't you know? There's an early beta available from http://www.nsa.gov/software/eavesdrop/gaim-2.0beta /

They don't handle foreign affairs, but focus on at home threats (Which made me question the need for Homeland Security, but anyway). The point is, their entire job is to monitor the US and US Citizens.

I'm honestly not sure how you could be more wrong. Instead of just guessing at what you think they do based on your own bizarre interpretation of the name of the agency, you could try actually looking up real information on what the role of the NSA is. From their website we see that their stated mission is a dual one, involving "Information Assurance" to protect US information, and "Foreign Signals Intelligence" to collect and process foreign communications. Feel free to actually read the executive order that defines what the NSA does. Spying on US citizens is precisely what the NSA is prohibited from doing, and handling of foreign intelligence is part of their mission statement.

Jedidiah.

Here we see the ugly underbelly of liberal media again. The NSA still conforms to the 4th Amendment. Just because some liberal, Bush bashing, hack shilling a book thinks otherwise don't make it true.

My old employer

Of course you also have these guys!

not that i'm a nsa-fanboy but:
selinux is both free and open (see http://www.nsa.gov/selinux/info/license.cfm)...

GR Security includes PaX for protection against stack smashing and other similar attacks. But it also has an ACL system of it's own and limited chroot's (IE process in chroot can't touch the outside environment or other chroot's).

SE Linux is an implementation of the domain-type security model. The domain a process is in determines that access it is given. Domains can change automatically on execution of certain processes (eg getty, login, and ping) or when executing a process a SE Linux aware program can specify the security context of the child process (within a certain range), login, sshd, and cron do this.

The grsec ACL system and RSBAC don't support modifying applications to specify the security context, so they don't support giving different access to different non-root users.

I think that Grsec has better support for some aspects of IP networking control, such as controlling which IP address a process can bind to (currently SE Linux only supports controlling bind access by port).

RSBAC has lots of options for a huge number of things as they take the kitchen sink approach. You have to answer about 40 questions at kernel configuration time, and it's not clear which combinations of options are viable.

GR Security includes PaX for protection against stack smashing and other similar attacks. But it also has an ACL system of it's own and limited chroot's (IE process in chroot can't touch the outside environment or other chroot's).

SE Linux is an implementation of the domain-type security model. The domain a process is in determines that access it is given. Domains can change automatically on execution of certain processes (eg getty, login, and ping) or when executing a process a SE Linux aware program can specify the security context of the child process (within a certain range), login, sshd, and cron do this.

The grsec ACL system and RSBAC don't support modifying applications to specify the security context, so they don't support giving different access to different non-root users.

I think that Grsec has better support for some aspects of IP networking control, such as controlling which IP address a process can bind to (currently SE Linux only supports controlling bind access by port).

RSBAC has lots of options for a huge number of things as they take the kitchen sink approach. You have to answer about 40 questions at kernel configuration time, and it's not clear which combinations of options are viable.

"They probably mean many people use Linux. You know, no antivirus, no antispyware..." - by Crayon Kid (700279) on Thursday December 08, @08:58AM

Or, they probably mean they just follow what is written here @ this URL below, taking the 1/2 hour to implement its techniques (fully explained):

http://www.avatar.demon.nl/APK.html

THEN, you get what you stated & it works, on Windows 2000/XP/Server 2003, no questions asked.

Using it, you simply are "closing the doors" to it being possible, or AS POSSIBLE as the default setup of various Win32 OS (specifically NT/2000/XP, since Windows Server 2003 follows much of what is stated in that article) is not as 'strong' as it can be proofing your system vs. various threats online!

(I've been using that setup for years now, & not a single infection because of it - that, & being saavy about opening attachments in emails from folks you know & trust ONLY, & the same with programs you may download also.)

Between good practices, patching your OS + apps (time consuming but worth it) keeping them up-to-date, as well as running antivirus/antispyware that covers email & filesystems AND, not accepting attachments from strangers on networks like IRC) & doing what's in that article step-by-step, you're pretty solid security-wise.

* Keep that all in mind, & you don't get nailed by malware/spyware/virus, etc.- et all, period. Especially patching/updating your apps & libs your apps &/or OS call - they too, in their API's & code, can be vulnerable as well as the core OS files & functions.

By the way - Here @ slashdot not TOO long ago, there was an article stating Windows & Linux security was "neck & neck", see here:

http://linux.slashdot.org/article.pl?sid=05/07/14/ 1639242&tid=172&tid=109&tid=106&tid=218

APK

P.S.=> By the way, there are more secured versions of Linux available as well, such as SELinux:

http://www.nsa.gov/selinux/

The point it even exists, means that Linux' default installs from other vendors DO present possible avenues of infections/infectors also in their default setup... and, Linux DOES have infectors specific to it as well, see here:

http://linux.slashdot.org/article.pl?sid=05/11/08/ 140203&tid=220&tid=106

"Linux Lupper.Worm In the WIld"

Nuff said! Worms, virus', &/or malware's out there for Linux as well as Win32 OS, period... hence, doubtless part of the "WHY" SELinux exists @ all!

apk

6. Joe must still be able to connect to the Internet afterwards.

Some problems are easy to get when someone else uses a backhoe. Some are easy to solve when you use one.

I have yet to see a _good_ website where I can just say to them "go here http:"

More seriously, check out Our Tax Dollars At Work. Unfortunately, it's targeted to users in a Domain environment, not standalone home machines. Still, it's probably a better starting point than many.

6. Joe must still be able to connect to the Internet afterwards.

Some problems are easy to get when someone else uses a backhoe. Some are easy to solve when you use one.

I have yet to see a _good_ website where I can just say to them "go here http:"

More seriously, check out Our Tax Dollars At Work. Unfortunately, it's targeted to users in a Domain environment, not standalone home machines. Still, it's probably a better starting point than many.

6. Joe must still be able to connect to the Internet afterwards.

Some problems are easy to get when someone else uses a backhoe. Some are easy to solve when you use one.

I have yet to see a _good_ website where I can just say to them "go here http:"

More seriously, check out Our Tax Dollars At Work. Unfortunately, it's targeted to users in a Domain environment, not standalone home machines. Still, it's probably a better starting point than many.

6. Joe must still be able to connect to the Internet afterwards.

Some problems are easy to get when someone else uses a backhoe. Some are easy to solve when you use one.

I have yet to see a _good_ website where I can just say to them "go here http:"

More seriously, check out Our Tax Dollars At Work. Unfortunately, it's targeted to users in a Domain environment, not standalone home machines. Still, it's probably a better starting point than many.

6. Joe must still be able to connect to the Internet afterwards.

Some problems are easy to get when someone else uses a backhoe. Some are easy to solve when you use one.

I have yet to see a _good_ website where I can just say to them "go here http:"

More seriously, check out Our Tax Dollars At Work. Unfortunately, it's targeted to users in a Domain environment, not standalone home machines. Still, it's probably a better starting point than many.

I think we can be sure that if somebody had unlocked the secret of quantum computing there's a chance they'd say so at some point.

Well, both operators had cue points on the records. Also, analog delay can be added or subtracted during the conversation. It's not really impossible at all, in fact, it's how they used to make extremely important calls in WW2.

  Now, the *real* fun stuff was the SIGSALY. This site http://www.nsa.gov/publications/publi00020.cfm details it nicely, and the wiki here http://en.wikipedia.org/wiki/SIGSALY is also an interesting read.

That is pretty much on target. SELinux only provides really only provides MAC (Mandatory Access Control). This is a big first piece but isn't enough to completely secure a system, there are still other considerations, such as system auditing, needed to have a fully trusted system.

For the most part SELinux provides binary compatibility for user space applications and ever since it was integrated into the 2.6 kernel provides binary compatibility with most modules... there are some modules that don't behave well with SELinux, some can be fixed with fine grained SELinux policies the rest need patches to their source to interact with the kernel correctly.

Applications don't really have anything to do with SELinux really, what SELinux (or really, what any MAC system does) is compartmentalize the system so that if any given application is compromised the break is limited to that one application and can not be capitalized on to compromise the system at large. SELinux and all other MAC systems rely on correctness of the policy configuration to provide system level security. Extra steps are still needed to protect each independent app though to make sure it is hardened against break-in. While it is important that a cracker is not able to take control of your box you still want to keep him from crashing your application server or web pages and such.

In addition to SELinux (NSA SELinux there are other MAC systems such as:
GrSecurity and RSBAC (RSBAC seems to be down though).

Other very interesting thing to look at are hardened tool chains (gcc with PIE, position independent execution and SSP, stack smashing protection) as well as PaX which is a kernel patch that provides extended security options such as ALSR (Address space layout randomization), non-executable memory. PaX provides some very strong kernel level features that harden all applications from attack. It does come at a slight cost though; some of the features have a minor performance hit, notably nx memory on x86 machines because they do not provide a true NX bit for pages, it has a fairly steep learning curve and some applications plain don't work with it... XOrg and Java VMs for example, because the way they are written they need executable pages for dynamic code generation. PaX security options can be set at a per file or per role (in a MAC system) level so it is still possible to run these apps, they just will not make use of the protection provided by PaX and will need to be tightened down in other ways. The really big gotcha with PaX is that elfloader doesn't support global offset tables or procedure linkage tables. These are required for ALSR in particular so to use PaX libraries need to be statically linked or loaded with dlopen... none of the current binary graphics card drivers for NVidia or ATI work with PaX so if you can't get 3D acceleration from DRI et al. you don't get 3D acceleration.

SELinux is mentioned in a single paragraph on page 75. A link to the web site (http://www.nsa.gov/selinux/) is given, with a brief description likening it to grsecurity.

chroot jails are discussed for the FTP server vsftpd, and for BIND. vsftpd has a couple of parameters (chroot_local_user=YES|NO, chroot_list_enable=YES|NO, chroot_list_file=<filename>) to make it easy to set up the jail. Chrooting BIND follows the more traditional format of creating the duplicate tree for the new root, and is explained in detail in Chapter 11: Hardening DNS and BIND.

What percentage of people who need to harden Linux (but haven't done so, perhaps those who remain logged in as root; see also: Windows XP users who are signed in with Administrator privilege; unsecured wireless routers at home) have even heard of SELinux? (let alone know where to get it?)

Actually, even AES-192 is considered sufficient for TOP SECRET by the NSA:

"CNSSP-15 correctly states that 192-bit AES keys are sufficient for protecting even TOPSECRET information. However, Suite B uses only 256-bit keys to enhance interoperability." -- http://www.nsa.gov/ia/industry/crypto_suite_b.cfm? MenuID=10.2.7

Only on Security-Enhanced Linux :-)

You have no clue what the NSA is about. The NSA has been doing these guides for years and it's just NOW making slashdot news? They even supply a security enhanced linux kernel via http://www.nsa.gov/selinux/.