Slashdot Mirror


NSA Backing Secure Linux OS Development

ColPanic writes "Looks like the NSA is gonna have a Linux OS of their very own soon. They have selected Secure Computing to develop a high security version of Linux."

275 comments

  1. Riiight. by kaniff · · Score: 3

    Not to start a war, but why not OpenBSD?

    Wouldn't it be better to audit OpenBSD for their purposes, since it's already designed for that purpose. Or even FreeBSD?

    I asked the question because I am honestly interested in the answer, not some zealot telling me, "LINUX IS SECURE!" or something inane like that.

    1. Re:Riiight. by SgtPepper · · Score: 1

      It's actually quite simple, Linux has a bigger movement, is free, and also is gaining a high level of interest and support, therefore, NSA wants to know about, and don't forget once they know how to make it secure they will know how to get into it, to read our mail or whatever ( i know, not charted for domestic use, however, i'm sure they'll /love/ reading China's mail :) ). Basically for all the same reasons they audited Windows NT, they are auditing Linux...what i want to know is why the "commercial secure distro", just tell us what you did!

    2. Re:Riiight. by Anonymous Coward · · Score: 0

      Especially since it seems that using Linux you would have to release your modifications to the public, while as with BSD they would be able to keep them secret. It may have something to do with the fact that this Type Enforcement is an entirely different type of security, which is a departure from the whole Unix security model which OpenBSD uses.

    3. Re:Riiight. by Cy Guy · · Score: 3

      Also, the licensing would be cleaner if they don't want to fully release the source. If they use Linux and then release the source, wouldn't they in effect be providing a very useful tool for U.S. enemies?

      Another thing that kind of blows me away is just the fact that there even was a press release. The NSA used to be so secretive, that few even knew it existed. I wouldn't be surprised if this isn't a subtle ploy by them to recruit geeks. They've always been one of the biggest high-tech employers in the DC area, but with the high-tech boom now going on around DC, it is very difficult to hire competent tech staff at government wages (it's not like you can count on the feds having an IPO in the near future.)

    4. Re:Riiight. by eel · · Score: 1

      Sez who? Or just name an OS that is more secure out of the box. And if you say any of the linuxes please back your statements up with facts, not feelings and intuition

    5. Re:Riiight. by Cuthalion · · Score: 2

      Also, the licensing would be cleaner if they don't want to fully release the source

      I don't think this matters. If you use your modifications only internally, you aren't required to release the source to them. That clause only applies if you distribute the code.

      However, if you don't contribute your changes to the broader project, you'll have to re-merge your changes in every new release. That holds true for any open source license.

      --
      Trees can't go dancing
      So do them a big favor
      Pretend dancing stinks!
    6. Re:Riiight. by Cuthalion · · Score: 2

      ( i know, not charted for domestic use, however, i'm sure they'll /love/ reading China's mail :)

      I know that the CIA is not supposed to operate in this country.. I'm doubtful that the same restrictions apply to the NSA.. Are you sure you're not misassociating?

      --
      Trees can't go dancing
      So do them a big favor
      Pretend dancing stinks!
    7. Re:Riiight. by Anonymous Coward · · Score: 0

      the NSA sez. there was an article way back in some magazine. check it out when you get a chance. it was rather shocking and forced me to stop using OpenBSD and FreeBSD.

    8. Re:Riiight. by KillRaven · · Score: 1
      Sez who? Or just name an OS that is more secure out of the box.

      Compaq Unix is at least as secure, if not more so.

    9. Re:Riiight. by Doctor_D · · Score: 1

      Okay, DOS. It was secure out of the box on a network...mainly cause it couldn't understand networks. Granted if you didn't have console access it wasn't going to do anything for you. It's kinda like how NT got C2 certification...stand alone and not on a network. It just seems to me that as long as there are systems out there, there are always some sort of flaws...besides it's us flawed humans that are coding it. Nevertheless this takes on a HAL sort of tone then.

      --
      "If you insist on using Windoze you're on your own."
    10. Re:Riiight. by n0b0dy · · Score: 1

      If OpenBSD has been "found to be riddled with security holes", then please total/describe the local/remote OpenBSD exploits. Do the same with what you think is the most secure version/distro of linux. I think the numbers should change your mind.

      According to http://www.openbsd.org/security.html#26

      there are 3 (patchable) bugs known at this time for 2.6.

      I believe the real reasons deal with nifty things like SMP support, support for every hardware device in the known world, and its user base.

      I think linux's sparc support is a bit more advanced as well.

      -n0b0dy

      btw: this user runs OpenBSD 2.6 on his desktop at home.

    11. Re:Riiight. by eel · · Score: 1

      eel is very interested (don't you just love people who refer to themselves) if anybody has any information on this article I would love to read it.

    12. Re:Riiight. by Anonymous Coward · · Score: 0

      i will try to find the link.

    13. Re:Riiight. by eel · · Score: 1

      Oh B.T.W I am not too sure of the NSA telling me not to use the OS that CDC says is the most secure.... but then again why do I believe a bunch of hackers (if you don't like the word give me a better one) when they say "use this OS we have problems getting into it, really."

    14. Re:Riiight. by um... Lucas · · Score: 1

      I thought we went over this when we bugged Rob for his code :-)

      If they're not selling their code, they don't need to release it. They can use it in production environments all they want, and it doesn't really matter. Just so long as they don't sell it. I don't quite get that... I thought the GPL stopped that, but according to /., that's the case.

      You could try asking them for it. But then they'll just put off release by another week.

    15. Re:Riiight. by nerpdawg · · Score: 3

      I'd say it probably depends on this Type Security thing they talk about. They talk about partitioning the kernel into discrete parts, each one getting specific permissions. That's not what openbsd has. Openbsd has done a very thorough security audit. If openbsd doesn't already use their security technique, it'd probably be just as much work to use this on openbsd. Linux has the advantage of having more functionality and devices working with it, so if it's going to take just as much work for either kernel, why not go with the one with more toys?

    16. Re:Riiight. by SgtPepper · · Score: 1

      Naw, as far as I can remember the NSA is strictly to gather intelligence on foreign communications, the FBI is the only intelligence agency charted for domestic use.....any feel free to correct me if I'm wrong though :)

    17. Re:Riiight. by Anonymous Coward · · Score: 2

      the hackers at NSA make CDC look like Visual Basic programmers. Oh, wait...they are Visual Basic programmers.

    18. Re:Riiight. by zifnab · · Score: 1

      I'm sorry to tell you this, but Windows NT 4.0 SP6 is certified as C2 with a network connection, and it was even on /. not so long ago (a month, maybe ?). In fact, it may not be exactly the same classification used with ol' 3.51, but anyway it is.

      seb.
      --
      Memory fault -- brain fried
    19. Re:Riiight. by zifnab · · Score: 1
      Just a detail:


      If they're not selling their code, they don't need to release it.


      Even if they sell it, they don't have to release the sources to the entire world, but just to their customers.

      (see other threads for examples).

      seb.
      --
      Memory fault -- brain fried
    20. Re:Riiight. by GMontag · · Score: 1

      Colossus, by Dr. Carl Forbin and Control Data, is much more secure than HAL, since it has nuclear missiles and is not afraid to use them.

      Also proof that the good old HDD will be with us even when the machines take over, instead of that fictional "holographic" memory HAL has.

      Colossus kicks HAL's butt every time!

    21. Re:Riiight. by Anonymous Coward · · Score: 0

      The Secret Service is charted for domestic operations.

    22. Re:Riiight. by civilizedINTENSITY · · Score: 1

      Also the ATF, and the DOT (read, US Coast Guard)

    23. Re:Riiight. by Anonymous Coward · · Score: 0

      I may be wrong, but isn't OpenBSD developed in Canada?

      If I am correct then there is the reason to have "home grown" version. Also they would want to do their own audit, much like they did for Firewall-1. It's not the same as the C2 or other "rainbow" book audits

    24. Re:Riiight. by Anonymous Coward · · Score: 0

      OK, Linux is the current media darling and maybe they hope to gain some positive PR. OpenBSD does have a head start on Linux regarding security. You would think the compelling reasons to pick OpenBSD would be the license and the stability of their development process, slower but "correct". This must be a PR statement, maybe to draw attention away from OpenBSD. Use Linux for what its good at, use *BSD for what it's good at. Everything else is peeing in the sand.

    25. Re:Riiight. by wildernapt · · Score: 1

      You'll get back to us when you do, right, A. C. ??

    26. Re:Riiight. by wildernapt · · Score: 1

      Rumor has it that the NSA has more than a few people capable of merging any changes they want back into their private source tree.

      And highly secure operating systems tend to not suffer from feature creep. So I doubt if USB support and other goodies are high on the priority list for a highly secured Linux version that the NSA is interested in maintaining.

    27. Re:Riiight. by Anonymous Coward · · Score: 0

      bzzt. wrong. no its not. NT3.51 is the only m$ OS to be C2 certified. the story on /. was about how NT 4.0 would be configured to be C2 certified were they to go in for the process which they havent. read/check the facts again bub.

    28. Re:Riiight. by swilly · · Score: 2

      I work for a government contractor, so I think I can answer this. Everyone wants Linux. The Army wants us to look into a Linux version of our product (currently Solaris). Linux is a buzzword, and the government is just as fooled by it as anyone else. Also, Linux has good hardware support. We have a lot of Solaris x86 systems in the field, and hardware support is a pain. It is believed that Linux would solve all our hardware woes. And finally, Linux is relatively easy to find a developer/sysadmin for. Linux also has a lot of off the shelf software for it.

      Sure, OpenBSD is secure, but what about hardware support? How easy is it to find someone who really understands it? Does it have the same level of buzzword sexiness? How much off the shelf software does it have (and yes, I know the BSD's can run Linux software, but that kind of emulation isn't usually allowed on a secure product)?

      Also, I was informed once that the government doesn't want to mess with BSD Unixes. They want System V or one of its variants. This makes it easy to train administrators without worrying about how transferable those skills are. (I was told this when I commented to someone that FreeBSD might be a better choice than Linux for our product).

    29. Re:Riiight. by stripes · · Score: 1
      If you use your modifications only internally, you aren't required to release the source to them. That clause only applies if you distribute the code.

      I have heard that about GPL a lot. I'm not sure it is really true. I want to try a thought experiment.

      Let's say FOOcorp takes a GPLed product and uses it "in house". Let's say I work for FOOcorp. One day I leave FOOcorp. Doesn't the GPL say I am entitled to a copy of the source if I want to pay reasonable copying costs?

      I mean there is nothing in the GPL that excepts employees, nor does it say you currently need a binary copy to have the rights granted to you by the licence.

    30. Re:Riiight. by Cuthalion · · Score: 2

      That's fine then. They branch off their own version of linux for their use. Does this hurt us? Well, not unless they misuse the technology they developed, but whether that springs out of linux or something else is largely immaterial.

      --
      Trees can't go dancing
      So do them a big favor
      Pretend dancing stinks!
    31. Re:Riiight. by Anonymous Coward · · Score: 0

      But neither of them are intelligence agencies :)

    32. Re:Riiight. by ringrang · · Score: 1

      I wonder if this announcement by the NSA is related to Clinton's promise to spend money to make the Internet secure?

    33. Re:Riiight. by zilym · · Score: 1

      This may be true, but also look at the NSA job restrictions -- if you work for them, you are not allowed to talk about your work to anyone outside of the NSA, including after you leave the NSA and work elsewhere.

    34. Re:Riiight. by Tranquillus · · Score: 1

      Actually, I think this may not be so clear cut. Since this is contracted development, one would assume the NSA would retain rights and hence would not stand as the organization within which internal use would be acceptable. However, there was mention of a commercial version and of the company's plans to target business as well as govt. In the case that Secure retains somehow the rights to distribute this technology (Anyone familiar with NSA's contracting procedure here?) then presumably they would be DISTRIBUTING and thus have to merge into the GPL pool- which would be good for the rest of us, IMHO. Tranq

    35. Re:Riiight. by xyz123 · · Score: 1

      So company A (Secure) produces a derived work on Linux and sells it to organisation B (NSA). According to the GPL, organisation B has now the rights to get the source at a nominal cost, and may redistribute the software as it sees fit. Probably, the NSA will choose NOT to redistribute the software, but they do have that right... The GPL does NOT force anyone to redistribute their software to third parties.

    36. Re:Riiight. by Anonymous Coward · · Score: 0

      Heh, if they make any changes to Linux, they won't make them public unless they want to. NSA is a fascist organization, they don't care for rules unless they set them up.

    37. Re:Riiight. by Anonymous Coward · · Score: 0

      Linux was developed in Finland, that's not homegrown you butthead!

  2. The big question is... by Gorgonzola · · Score: 1

    Will they ever be allowed to make their changes to Linux available to the general public?

    --
    -- Spelling and grammar errors tend to be a sign of erroneous thinking.
    1. Re:The big question is... by RichMan · · Score: 2

      I expect the intention is to make the resulting system open to the public.

      1) Linux is becoming a big player in commercial network sites.
      2) The government wants a secure national network. Including secure private sites. Part of the NSA mandate is to protect private citizens and companies.
      3) The government is going Linux. Try estimating what the government would have to spend to "update" to Windows2000.
      4) Linux is the ideal platform, with GPL released code, everybody (except those sending money to Redmond) are on an equal footing with the released code. There is no perceived government backing of private enterprise which would be the case if the NSA $ were going to Redmond.

    2. Re:The big question is... by Foogle · · Score: 2
      Well you need to remember that the NSA is actually not doing any of the development here. The Secure Computing people (from the discussion I had with them today) are interested in taking Linux and making it "more secure". What I took that to mean is that they're trying to make it accountable. The fella I spoke with said that Linux was a problem because of its "Open Nature".

      I'm not sure he quite understood what was going on, but the company also works with their own variant of OpenBSD, which is supposedly even more secure than the original due to how they've separated certain sections of the OS from interacting with each-other. I don't claim to be an insider though, this is just what I've been told.

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

  3. but will it be opensource? by grokblah · · Score: 1

    what are the licensing issues involved here? It talks about creating a secure 'commercial operating system'. I wonder...

  4. Will this be available, or restricted? by delevant · · Score: 1
    I'd like to be able to take a look at this system once they get finished . . . does anyone know if it'll be publically available?

    I mean, it ought to be publically available, but this *is* the NSA we're talking about here, so I'm not exactly holding my breath.

    Ideas? Anyone? Bueller?

    --
    I have no .sig, and I must scream.
    1. Re:Will this be available, or restricted? by stevew · · Score: 0

      I was thinking about this too. Maybe it'll work this way. If you sell your code (based on linux) you must offer the customer the source code. Does that mean you must offer EVERYONE the source code - or JUST the customer? Hmmm.... If it's just the customer, then there isn't a problem, but we won't see the changes either.

      --
      Have you compiled your kernel today??
    2. Re:Will this be available, or restricted? by stevew · · Score: 1

      I was thinking about this too.

      Maybe it'll work this way. If you sell your code (based on linux) you must offer the customer the source code. Does that mean you must offer EVERYONE the source code - or JUST the customer?

      Hmmm....

      If it's just the customer, then there isn't a problem, but we won't see the changes either.

      --
      Have you compiled your kernel today??
    3. Re:Will this be available, or restricted? by mochaone · · Score: 1

      why should it be publicly available if they intend to use it inhouse? If Joe Blow makes changes to his kernel do we expect him to release them under the GPL? No. If Joe Blow makes changes and sells the modified kernel, then yes, the expectation is that he will GPL his changes.

      --
      Hates people who have stupid little sigs
    4. Re:Will this be available, or restricted? by Foogle · · Score: 2
      This is *not* the NSA we're talking about here. This is a network security company that the NSA happens to buy all their firewall software from. And they don't just service the NSA, either; just today they were trying to sell me on their firewall systems.

      My point is this: don't treat this like it's anything other than a regular company. They'll be releasing the source if they make any changes to existing software. They have to. If they don't, they're in violation of the GPL -- and that's a different story altogether.

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

    5. Re:Will this be available, or restricted? by Foogle · · Score: 2
      What did I just say? The NSA is *not* developing this software. They're not. They have no part in it. It's being done independently by Secure Computing, a company that *sells* software to the NSA and others. W

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

    6. Re:Will this be available, or restricted? by Anonymous Coward · · Score: 0
      My point is this: don't treat this like it's anything other than a regular company. They'll be releasing the source if they make any changes to existing software. They have to. If they don't, they're in violation of the GPL -- and that's a different story altogether.

      They would only be in violation of the GPL if they distributed the secure version without the source code, BUT if they only sell this to the NSA, they only have to give the source code to the NSA. That doesn't mean that they also have to give it to you.

    7. Re:Will this be available, or restricted? by Anonymous Coward · · Score: 0

      If you must offer everyone the source code to GPLed works on request, call up Linus and tell him to sue me. I have a fully GPL'ed Linux source tree on my system, but I won't let you ftp in to get it.

  5. Riiight, NSA Secure. by Anonymous Coward · · Score: 0

    Maybe I'm a cynic, but why is it I'm not thrilled about the /NSA/ making a secure linux. I'm sure they will have all sorts of inventive ways to be dicks with our linux.

    1. Re:Riiight, NSA Secure. by Anonymous Coward · · Score: 0

      you're a cynic.

  6. A Marriage Made in Hell? by rmckeethen · · Score: 2

    Is it just me or is there something wrong with this picture? The NSA, arguably one of the most secretive agencies in the US government using LINUX, one of the most open and freely available software platforms in the world today? I guess we can assume that the NSA version will not remain Open Source.

    1. Re:A Marriage Made in Hell? by Abigail-II · · Score: 2
      I guess we can assume that the NSA version will not remain Open Source.

      That entirely depends on what the reasons are for the NSA to bother with Linux. If they want (or are ordered to) to develop an OS that is secure, so that people/companies/governments can protect themselves better, then they'll have to release their modifications. Preventing "secrets" is one of the tasks of the NSA as well - and believe me, there are lots of smart people at the NSA. They recognize a good idea, nor does everyone think all the time that security by obscurity is the only way to go.

      -- Abigail

    2. Re:A Marriage Made in Hell? by debrain · · Score: 2

      Not secretive. Just quiet.

  7. Re:suck by Daoine Sidh · · Score: 1

    Well, first post, or not, I find the idea of a high security linux somewhat fascinating. I'm also glad that I turned down my filters to allow viewing the -1 posts, which I find most are very funny!

    --
    Jim
    Remember to take out the trash if you want to send email to me.
  8. Cool! by jaffo · · Score: 1

    Wow, this'll be neat to see! We don't hear a lot about Linux being used by the Gov't., except for the few obvious ones in the last year or so...I forget, but wasn't it an army web server or something? Anyway, NSA has the bucks to spend on a project like this...if they stay behind it. So, will they release this Secure Distribution under the GPL? ;-)

    1. Re:Cool! by geethree · · Score: 1

      We don't hear a lot about Linux being used by the Gov't., except for the few obvious ones in the last year or so...I forget, but wasn't it an army web server or something?

      Nope. The army server that was hacked was a Micro$oft IIS server.
      It was replaced by an Apple G4 running Mac OS and WebSTAR.

      -- geethree

  9. Strange Bedfellows... by Mahy · · Score: 2
    I can't decide whether this is good or bad. With the NSA behind you, you win. That's all there is to it. :)

    OTOH, they have kindof a history of being..uh..a bit abusive of their "friends."

    For all of you that aren't as fascinated by the NSA as I am, you need to read The Puzzle Palace by James Bamford.

  10. Patented technology in the kernel? by kyhwana · · Score: 1

    "Secure Computing's patented Type Enforcement technology provides network security protection that is unique to the industry. "
    Hmm.. see the word patent there? I'm sure you did.
    Ok, from what I gathered skimming over that article is that this would be done to the linux kernel? which is GPLed..
    What happens if they use patented "stuff"(for lack of a better word right now) in the kernel itself, which is under GPL, meaning they have to make the source available for everyone, who can then change it and so on?

    Will this even be an issue?

    --
    My email addy? should be easy enough.
    1. Re:Patented technology in the kernel? by Abigail-II · · Score: 1
      What happens if they use patented "stuff"(for lack of a better word right now) in the kernel itself, which is under GPL, meaning they have to make the source available for everyone, who can then change it and so on?

      Making it available for inspection isn't a problem - after all, a requirement for getting a patent is to open up the source/technique or whatever you are patenting.

      Patenting and the GPL is an interesting issue. The GPL is mainly concerned about copying, distribution, and modification, while patents focus more on production (and in the case of software, running it). I wonder if this means that you can modify and distribute it, but you can't run it. ;-)
      Note also that the GPL *does* make an exception for patented software:
      If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.
      But it's too much lawyer speak for me to figure out what the rights are if you merge in patented software.

      -- Abigail

    2. Re:Patented technology in the kernel? by Sangui5 · · Score: 1

      I think that the way it works is that if you use a patented technique in a mod to the kernel, either it must be royalty-free for derivative copies (when you distribute the mod and other people redistribute it), or you must not distribute it at all. So by licencing a copy of licence to the NSA with their patented modifications, they revoke the right to charge the NSA a royalty, and they cannot charge anybody that the NSA redistributes it to a royalty. But, since the NSA isn't very likely to redistribute it, they don't have to worry.

      On the other hand, if the NSA does decide to redistribute it, they cannot restrict the NSA's redistribution without violating the GPL. The clause quoted above is for things like PGP, which are royalty free in every country besides the US. Technically, if a person in, say, Germany, uses the RSA cryptosystem in a GPL-ed project, they cannot distribute it to the US, and they may place a limit in the licence forbidding redistribution to the US. But if RSA licenced something under the GPL in the US, then they can't charge a royalty for copies/mods of it.

      I'd highly recommend that everybody just sit down and read the text of the GPL slooowly several times. It's really interesting the provisions that are built into it to prevent a contractual paradox.

  11. Pre-emptive strike against cluelessness by FascDot Killed My Pr · · Score: 5

    Remember, the GPL only requires you to give source to people you give binaries to. If Secure Computing only gives binaries to the NSA, there is no reason they need to give source to Linus.
    ---

    --
    Linux MAPI Server!
    http://www.openone.com/software/MailOne/
    (Exchange Migration HOWTO coming soon)
    1. Re:Pre-emptive strike against cluelessness by eel · · Score: 1

      As far as them relecing the source I can't help but remember a case about a compiler and telnet. Wondering if they have some sort of nasty way like that of putting a back door in the encryiption without letting on.

    2. Re:Pre-emptive strike against cluelessness by ajakk · · Score: 1

      That is not how I read the GPL. Section 2:

      2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:


      a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.

      b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.

      c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

      These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.

      Section 2B specifically says if you modify a GPL program, then you must make your modifications available to all third parties. That means if they modify the kernel, then they have to give all of their modifications back.

      Unfortunately, no one here knows how their product works, so we cannot say what parts of Linux it might modify.

    3. Re:Pre-emptive strike against cluelessness by RocketJeff · · Score: 1
      Section 2B specifically says if you modify a GPL program, then you must make your modifications available to all third parties. That means if they modify the kernel, then they have to give all of their modifications back.

      They have to give the source to the third party. The GPL refers to the 'third party' as those people you give the binary to, not the entire world. Even though most people release their GPL'd program/source to anyone who wants it, this isn't a requirement. You (or the NSA)could decide to not distribute your (their) binaries to a GPL'd program - therefore you don't have to give anyone the source.

      If you give the binary to someone, you have to give/make available the source too. They (the people you gave it to) can distribute it however they see fit (you can't restrict them).

    4. Re:Pre-emptive strike against cluelessness by mochaone · · Score: 1

      You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work...

      Without trying to sound like Bill Clinton, I guess it all boils down to what the definition of distribution is. Is a modified kernel that is only used by one entity considered a distribution?

      --
      Hates people who have stupid little sigs
    5. Re:Pre-emptive strike against cluelessness by mochaone · · Score: 1

      let's try that again.



      You may modify your copy or copies of the Program or any portion of it, thus forming a work based on
      the Program, and copy and distribute such modifications or work...


      Without trying to sound like Bill Clinton, I guess it all boils down to what the definition of distribution is. Is
      a modified kernel that is only used by one entity considered a distribution?

      --
      Hates people who have stupid little sigs
    6. Re:Pre-emptive strike against cluelessness by QuMa · · Score: 1

      Actually, it was login, not telnet...

    7. Re:Pre-emptive strike against cluelessness by eel · · Score: 1

      corect, but how does that effect the point? Or would you like to take a stab at my spelling while you are at it?

    8. Re:Pre-emptive strike against cluelessness by Wah · · Score: 2

      Is a modified kernel that is only used by one entity considered a distribution?

      No. If you don't put it "in the wild" then there's no one to ask for source. If you keep it in-house, everyone who uses it will have access. My guess is that the NSA will keep their version VERY MUCH in-house. The way I read the GPL (for this topic) is that if there is no one to complain about not having the source for their binaries (as the case would be here) then there is no violation.

      Anybody else see similarities between this story and the other "hoax" stories about a certain country that now controls the Panama Canal doing the same thing?

      --
      +&x
    9. Re:Pre-emptive strike against cluelessness by Tower · · Score: 0

      or I could stab at your grammar: affect, not effect is proper here... :-P
      (you *did* ask for it, you know)

      --
      "It's tough to be bilingual when you get hit in the head."
    10. Re:Pre-emptive strike against cluelessness by nevets · · Score: 5

      Back in March, I talked to RMS himself on this very topic. And the original poster is correct. RMS stated that he is concerned that those that receive software have the same rights to that software (because they bought it or what not) as the one that gave it to them. If I wrote software for you, then you must have the same rights to sell that or give it away as I did. So, my take from this, is that you must give (not restrict) the rights to those that you distribute it to. If you only distribute it to one person, or company, and that person/company doesn't want to give it away, then no one has to.

      I mentioned the way I do business with my company, to RMS. We sell software to our customer (usually the government) and we give them the source and the rights to modify that source (just like GPL) but they don't in turn give it to anyone else, although we don't restrict them from doing so. He told me that that is custom programming and he has nothing against it. The GPL would not affect that at all, except if the government wanted to impose their own license.

      So, in theory, you can have a little club of people that have some modification of the Linux kernel that no one else can see. But all it takes is one person to give it away to anyone to destroy that. The club cannot (under GPL) restrict anyone from doing so.

      Steven Rostedt

      --
      Steven Rostedt
      -- Nevermind
    11. Re:Pre-emptive strike against cluelessness by Weezul · · Score: 3

      So, in theory, you can have a little club of people that have some modification of the Linux kernel that no one else can see. But all it takes is one person to give it away to anyone to destroy that. The club cannot (under GPL) restrict anyone from doing so.

      Correct..

      Legally the way it would work is: If someone starts selling NSA/Linux then they will be required to give away the source, but the NSA could try and stop them from selling NSA/Linux.. and it would be a big fight. Unfortunately, OSS would probably lose to the NSA in a legal battle over the GPL.. national security and all that crap. On the other hand the NSA knows what kind of contract they are getting into now.

      The real question is further restricted distribution, i.e. the NSA giving the NSA/Linux source to a contractor grants the contractor distribution rights. National security will probably trump this in hindsight, but we might be able to force the NSA not to give it to contractors without distribution rights in the first place.. via the GPL.

      Interpretation: Do not try and use the GPL to trick the NSA into giving away stuff, but do use it to push them into giving it away in the first place.

      Jeff

      --
      The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
    12. Re:Pre-emptive strike against cluelessness by nevets · · Score: 1

      If someone starts selling NSA/Linux then they will be required to give away the source,

      Now the question is: how did this someone get the source in the first place? Do you mean someone employed? What does the GPL think of "companies" compared to people? (This is something I have to discuss with RMS the next time I see him.) Is an employee one that gets the distribution or is it the company? I was purposely vague in my previous post, because I really don't know. It seems that an employee is not "given" software, but is told to just use it. That's because the software is "owned" by the company, thus the license is for the company and not the employees.

      So if an employee gives out the software, is that employee violating laws? Could they be considered "stealing"? Thus unless one of the companies gives it away, I guess the NSA would have a case against the distribution, since no one of legal authority started the distributing of the software.

      the NSA giving the NSA/Linux source to a contractor grants the contractor distribution rights

      Another question: If I have GPL code, and need to hire someone to maintain it, do I have to "give" them the code? Or can they just use it (like the employee above) and not be given it? The contractor (and employee) don't have to pay/buy the software. Is it "distributing" if you just hand the code over for service? Although the license talks about distribution even without fee, it is unclear if you need to distribute software if you need to have it serviced.

      I really don't see this against the philosophy of GNU, since the one that has the code is still the customer, and not the vendor. This is another point I need to bring up.

      Steven Rostedt

      --
      Steven Rostedt
      -- Nevermind
    13. Re:Pre-emptive strike against cluelessness by eel · · Score: 1

      Not that it maters, and yes I did ask for it, but that was a spelling mistake not a gramer one. Corect word, incorect spelling. Oh well I guess it is back to grade school for me.^x

    14. Re:Pre-emptive strike against cluelessness by Faré · · Score: 1
      Be careful about what you say about contractors. The license is personal; it doesn't apply to "companies". If any employee or contractor is given a binary, then the same employee or contractor is also given the sources (or rights thereof), with license to modify, copy, distribute. And the company has no right whatsoever to prevent the employee or contractor to republish the modified sources, or else, it is itself in breach of the license. So that yes, if everyone in that company is happy and friendly and agrees, then the sources won't go out of the company; but if anyone in the company who was handed the software decides to republish it, then there it goes.

      Conclusion: the "company" (i.e. its managers) doesn't decide. The people in the company individually decide, possibly but not necessarily in mutual consent. That is freedom.

      -- Faré @ TUNES.org

      --

      -- Faré @ TUNES.org
      Reflection & Cybernet

    15. Re:Pre-emptive strike against cluelessness by ariux · · Score: 1

      "you" is the licensee (sec. 0); "all third parties" is everyone else in the world, not just those who receive the software.

      This means:
      If you change a GPL'd thing, you must "license" it to the rest of the world (giving them your same rights to it if they can get at it), but you don't have to actually give it to them.

      Of the people you choose to give it to, you can't give them binaries without source.

      -----------------

      I figure the NSA thinks it'd be good for national security if the nation's computer infrastructure wasn't full of simple-minded security holes. They're going to develop this and release it free to the public.

    16. Re:Pre-emptive strike against cluelessness by IntlHarvester · · Score: 1

      Hmmm, I see nothing in the GPL which implies that the "You" is a person and not a company or organisation. If the NSA is the licencee of GPL software, it would seem that they as an organization are responsible for following the terms. Letting employees use the software doesn't seem like "distribution" (at least not in the normal sense used in software licences.)

      But even if you are correct, most employees have employment agreements dictating what they can do with intellectual property owned by the company. So while they may have the right to redistribute under the GPL, they probably don't have that right as an employee. With the NSA, such employment agreements have the force of law behind them -- making any internal NSA practice or product public probably carries a very long prison term (even when doing so might be legal in the private sector).
      --

      --
      Business. Numbers. Money. People. Computer World.
    17. Re:Pre-emptive strike against cluelessness by QuMa · · Score: 1

      I just like to be right. I'll have a look at your spelling later. :-)

    18. Re:Pre-emptive strike against cluelessness by xruinerx · · Score: 1

      Even ignoring the legalities of the GPL, there is also the Freedom of Information Act. I know that this has been used to gather information from the government on HREF/Tempest monitoring. A quick search led me to the ACLU's site on the FOIA.
      One of the qualifications for releasing information listed was:

      "Internal manuals written for the agency's staff that affect members of the public"
      Sounds like we could at least get the instructions.

      This document ( http://www.aclu.org/library/foia.html ) did just parse the actual act, and I did not look at the original to see what all the conditions were that could qualify the source for release. The first exemption in the FOIA is national security, and trade secrets is another. Both of these could be used to defend against release.

      --

      - Of all the thing that I have lost, I miss my mind the most.
    19. Re:Pre-emptive strike against cluelessness by xyz123 · · Score: 1

      You are probably referring to the classic story of Ken Thompson's backdoor involving the C compiler and the login program (not telnet). In this case, the backdoor was in the binaries, not in the source. So if you fear the NSA's binaries, just recompile from their source with your "pristine" GCC from your RedHat CD, or use the C compiler you wrote in ML for Compilers 101 for bootstrapping GCC. Depends just on how paranoid you are.

    20. Re:Pre-emptive strike against cluelessness by dillon_rinker · · Score: 2

      National security will probably trump this...

      Yup. That's a real bugaboo. If NSA says don't distribute the source under penalty of treason, that would be a Bad Thing...

    21. Re:Pre-emptive strike against cluelessness by Maserati · · Score: 1

      You're thinking of a compiler and login

      --
      Veteran, Bermuda Triangle Expeditionary Force, 1992-1951
  12. They should use OpenBSD by Mr.+Grinch · · Score: 1

    First off, why not OpenBSD? Could it be some licensing thing? Someone needs to make sure that they release their code changes back into the public. Anyone email the company or the NSA and get any response?

  13. Re:First! by JustShootMe · · Score: 1

    I think this is particularly good news, even though there are probably going to be some licensing issues to work out.

    This is another feather in the cap of linux as a commercially viable Operating System. I think it will give additional credibility to Linux in the business world, as well as provide further incentive for the government to replace their commercial machines with open-source equivalents. Think about it.. I think this is at least B2-grade (correct me if I'm wrong), and windows has a hard enough time reaching C2...

    It would, of course, be the best if the code modifications were released as open source... we all know by now that "security by obscurity" is a really bad way to go... and if they make patches directly to the kernel they have to release them under the GPL. Unless, of course, the government decides it's a matter of "national security", in which the normal rules don't apply.


    If you can't figure out how to mail me, don't.
    --
    For linux tips: http://www.linuxtipsblog.com
  14. GPL Considerations by Hrunting · · Score: 2

    If the NSA were to develop this in-house, which they have every right to do, then I wouldn't think they are contractually obligated to release any of the updated source code to the general public. However, if they're commissioning another company to do this, then that company is essentially selling the new version of Linux to the NSA and then, by the GPL, aren't they required to make that source code somehow available for free? My understanding of the GPL may be fuzzy, but if I remember correctly, they have to make kernel changes (which I would assume that this would probably require) available. Does anyone have details on exactly how 'Type Enforcement' works, and whether it takes any kernel changes to implement?

    Of course, if they can do it without kernel changes, the point's moot.

    1. Re:GPL Considerations by seth_hartbecke · · Score: 1

      I believe that you can have closed source kernel modules (as they can be viewed as separate "programs", just like how you can have closed source run with open libs).

      However, if they were to make changes to the kernel itself, then it would have to be opened.

      --
      END
    2. Re:GPL Considerations by butocabra · · Score: 1

      The press release notes that their changes modify the kernel for maximum security.

    3. Re:GPL Considerations by Demona · · Score: 1

      It'd be scary to see this end up as the test case that decides whether the GPL can be enforced. Bad enough going up against a corporation in court; worse yet when your adversary can simply rattle the voodoo doll of sovereign immunity or national security. (A nation is secure when its people are secure; any group only exists to the extent that it is made up of individuals, and can have no more rights than the individual constituents.)

      --
      Fuck Slashdot
    4. Re:GPL Considerations by redelm · · Score: 3

      IANAL but yes, contractors working on GPL have to release source code, but only to those to whom they've sent binaries. And they can't encumber the NSA from further copying/publishing it. But NSA might not want to.

      But nothing in the GPL says the contractor has to release it to anyone else. The GPL is privacy-friendly: no-one is obligated to publish modifications. But once they are published, source must accompany it, and copying cannot be restricted.

      -- Robert

    5. Re:GPL Considerations by Anonymous Coward · · Score: 1

      Does anyone have details on exactly how 'Type Enforcement' works, and whether it takes any kernel changes to implement?

      Type Enforcement is some really good stuff. I was a former employee of Secure Computing and got a little bit of exposure to it.

      Basically it adds a "type" permission, in addition to the normal user.group permissions.

      How this would work would be as follows:

      For example for mail, you might create a smtp type, and associate a directory structure containing sendmail and all mail files, all with type smtp.

      If someone finds a hole in sendmail and gets root access, they can only do things associated with type smtp even though they are root. Ideally you would also chroot that directory eliminating access to the other directory structures even though it isn't really required.

      There are required kernel changes, and it was originally done with BSDi.

      Two of SCC's firewalls have TE in it, Sidewinder and SecureZone. It's no surprise the NSA like SCC as they use Sidewinder firewalls and helped with the design of it.

  15. Gratuitous comment re. security levels by timothy · · Score: 1

    Someone please illuminate me, but isn't it true that Windows NT is only certified "secure" when *not* connected to a network? Now, I think that's DOD, not NSA, but still ...

    Will the Secure Linux be OK'd for little unimportant things like ... being connected to a network? :)

    timothy

    --
    jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
    1. Re:Gratuitous comment re. security levels by MTO · · Score: 1
      The specifics as I remember it are: NT 3.1 (not 4) is C2 secure rated when not connected to a network, on approved hardware.

      The important point about the hardware is that it must be physically secure, so that you can't rip out the harddrive and mount it somewhere else, and it must be configured so that you cannot boot from floppy (which also means that there is a secure bios password).

      Presumably, the NSA contract would include certification of the distribution, or else the NSA plans to do a certification of every machine deployed (which makes more sense, IMO. A secure distribution could be opened up through bad system administration.)

    2. Re:Gratuitous comment re. security levels by Anonymous Coward · · Score: 0

      That is not true anymore (only *not* connected to a network).

  16. yet the paranoid will say "It's for backdoors" by redelm · · Score: 2

    Good for the NSA. I'd much rather see them try to hide any backdoors in open, human readable source than inside unfathomable MS-Windows. Or do they plan on having some "binary only" bits?

    Perhaps the NSA realizes that making US computers more secure is better than trying to weaken everybody to help their spying.

    -- Robert

    1. Re:yet the paranoid will say "It's for backdoors" by eel · · Score: 1

      telnet, cc, need I say more?

    2. Re:yet the paranoid will say "It's for backdoors" by Big+Jojo · · Score: 3

      Duh. Of course the NSA wants to analyse Linux and know about any backdoors there; how else will it take advantage of them?

      ... no wait, you were talking about adding backdoors? Never mind. ;-)

      By the way ... You may not know that the NSA has a research arm that's distinct from its SIGINT operations (and export control operations, and secure network operations, and ...). One of their ongoing problems has been to get "Commercial, off-the-shelf" (COTS) software to be good enough for use in sensitive systems. Commercial vendors have been unable to meet those requirements, since the market they'd hit is too minuscule. "Trusted Solaris" and so on; always multiple revs behind. And almost always pains in the behind to administer.

      Another possible scenario is that the face value here is the right one: they want to see some standard Linux distributions get hardened, so that some real administrators will identify the problems so they can get fixed. And so the government can use more current technology in those sensitive systems ! They've been getting too far behind, and needing training that's too specialized. Linux would seem to have the potential of hosting a great fix!

    3. Re:yet the paranoid will say "It's for backdoors" by Jonathan+the+Nerd · · Score: 1
      telnet, cc, need I say more?

      If you're really that paranoid about backdoors, you can use gdb to see what the binaries are actually doing. Or better yet, just don't use the NSA's Linux. There's no way they can put a backdoor in all versions of Linux, as there is no one single distributor, unlike some other operating systems I could name.

      --
      Disclaimer: The opinions expressed are not necessarily my own, as I've not yet had my medication today.
    4. Re:yet the paranoid will say "It's for backdoors" by redelm · · Score: 2


      Yes, it's quite likely the NSA is _behind_ the curve here, and wants to use Linux to catch up.

      There is a cost for protection and worry. So it is very possible to be over secure. I doubt the NSA understands this. They didn't 10-15 years ago with the Soviet Union.

      -- Robert

  17. Open Source or Commercial Add-On ? by LabWeasel · · Score: 2

    From the article, it sounds like NSA is "simply" contracting to have a commercial product using already patented technology ported to Linux, rather than contributing Open Source security tools. Even if that's the case, improved non-open-source tools may stimulate the development of open-source equivalents, as illustrated by the excellent OpenSSH project.

  18. A good thing, all in all... by JustShootMe · · Score: 1

    I think this is particularly good news, even though there are probably going to be some licensing issues to work out.

    This is another feather in the cap of linux as a commercially viable Operating System. I think it will give additional credibility to Linux in the business world, as well as provide further incentive for the government to replace their commercial machines with open-source equivalents. Think about it.. I think this is at least B2-grade (correct me if I'm wrong), and windows has a hard enough time reaching C2...

    It would, of course, be the best if the code modifications were released as open source... we all know by now that "security by obscurity" is a really bad way to go... and if they make patches directly to the kernel they have to release them under the GPL. Unless, of course, the government decides it's a matter of "national security", in which the normal rules don't apply.


    If you can't figure out how to mail me, don't.
    --
    For linux tips: http://www.linuxtipsblog.com
  19. Someone's on Crack... by Greyfox · · Score: 2
    Why would the NSA do this? Any changes that they make to the kernel and surrounding source will have to be released as open source unless they think they can successfully challenge the GPL in court. This would be high profile enough that I'd expect to see one of the new linux startups go after them if they try any funny stuff.

    Besides, if they want a secure UNIX, why wouldn't they go with DG/UX, which has already been rated at B2 and E2 in the USA and the UK. It runs on Intel platforms too, and would take a lot less work to get to whatever level of security they want with a lot less potential legal hassles than if they tried to build on Linux.

    And somehow I don't see them willingly releasing anything as Open Source. That's just not like them.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

    1. Re:Someone's on Crack... by mochaone · · Score: 1

      Any changes that they make to the kernel and surrounding source will have to be released as open source unless they think they can successfully challenge the GPL in court.

      Not if they only plan to release it inhouse. If they're not releasing a commercial distribution they're free to do with it as they see fit.

      --
      Hates people who have stupid little sigs
    2. Re:Someone's on Crack... by eel · · Score: 1

      It is very easy to defeat the GPL if they are the only ones that are going to use it. All they have to do is say "Changes, what changes? We did not make any changes." Or do you think that these guys are not capable of lying? Now that we know about the NSA, who is in charge?

  20. IPO by horsie · · Score: 4

    Will this pave the way for an NSA-Linux IPO? ;-)

    1. Re:IPO by Signal+11 · · Score: 1
      Sure, but you must deny all knowledge of ownership of the shares. Further, the shares themselves do not exist. That's right, even though you have those shares, you don't. Also, a large truck will not be positioned outside your house and won't be listening in on all your phone calls to not ensure that you do not leak information about the not-to-be-happening NSA IPO.

      This message will now self-destruct and be -1'd by our NSA-employed moderators as slashnull - the site that doesn't exist talking about an IPO that doesn't exist. God I love plausible deniability.

    2. Re:IPO by sjames · · Score: 2

      I imagine they'll have no trouble with the quiet period.

  21. Wow by Foogle · · Score: 4
    I actually just talked to these guys on the phone today, regarding performing a security audit of our company. They're really with-it, especially about Open Source stuff. The NSA has been running their software for years now, and now they're moving towards Linux and OpenBSD.

    -----------

    "You can't shake the Devil's hand and say you're only kidding."

    1. Re:Wow by Foogle · · Score: 1
      Hehe, sometimes it feels that way -- Seriously, I'm a software developer/system administrator at a small company in Carver, MA. I'm also a student at UMass Boston (in theory anyway).

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

    2. Re:Wow by Anonymous Coward · · Score: 0

      Having worked with secure computing and their products for several years, I can only say that if they are with it boy are we in trouble. Secure Computing is the most dishonest company I have ever seen. They've produced more vaporware over the years than Microsoft themselves and stabbed their customers, partners in the back beyond belief.

    3. Re:Wow by Foogle · · Score: 1
      Hmm, think you could give me some more info there? Otherwise, my boss is about to give them the "go ahead" to perform a $15,000 security audit. We're a small company, and that's a lot to spend if we're just getting fleeced.

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

    4. Re:Wow by MindStalker · · Score: 2

      Well, according to this guy they recently changed management and are on the up and up now. But personally I'd hire L0pht.

    5. Re:Wow by Foogle · · Score: 2
      Funny you should mention l0pht. I actually tried to contact their new company @Stake, but they haven't returned my calls. I imagine that's either because 1) they're incompetent (unlikely) or 2) they're swamped because of all the hoopla around their new business -- either way, it's not getting me an audit anytime soon.

      -----------

      "You can't shake the Devil's hand and say you're only kidding."

    6. Re:wow by ricksmith · · Score: 1
      I am in the process of implementing this for linux right now... I was working from the 1996 TIS papers on "DTE" (domain and type enforcement), and saw (well, noticed) no mentions of patents.

      Previous management at Secure went through this phase of trademarking technical terms. TIS came up with "DTE" so their research folks could work on similar concepts without getting into lawyer wars. The government has some sort of license for using Type Enforcement, and TIS was doing lots of government work.

  22. Re:Riiight. (my thoughts exactly, OpenBSD) by GMontag · · Score: 1

    I *thought* anything Linux now runs under all of the *BSDs, unless I am wrong, there is no reason not to just use OpenBSD for any application you would use "secure" Linux.

    Besides, *BSD even supports USB now for even more gadget connectivity.

  23. Because theo is a loose cannon. by Anonymous Coward · · Score: 0

    Because theo is a loose cannon. Ask the NetBSD folx.
    -russ

  24. Sounds an awful lot like capabilities to me by Eric+Seppanen · · Score: 2

    Their "Patented Type Enforcement Security" described here sounds an awful lot like the capabilities support already under development for the linux kernel.

    The scope of the "type enforcement" implies it would have to be done in the linux kernel. If so, there's going to be a serious licensing question here because there's no way that kind of change can be put in a module.
    --

    --
    314-15-9265
  25. Its a ploy by SlashDread · · Score: 1

    They're just out to smoke-screen and obfuscate the OS community to hide the fact they have quantum code breaking machines which will break any existing crypto. Better yet, by submitting inferior crypto, you hold back development of better stuff.

    Greats SlashDread
    Proof to me, their NOT out to get me

  26. if you can't beat 'em, join 'em by sethg · · Score: 5
    The latest draft of the US cryptography-export regulations let you post open-source crypto software without any government review or license; all you need to do is send the government the URL where it can be downloaded. These regulations are scheduled to go into effect tomorrow.

    As Michael H. Warfield points out in this linux-kernel message, it's a golden opportunity to get IPSEC into the 2.4 kernel, and US-based Linux distributors can now bundle PGP, SSH, etc., with their next versions.

    Maybe the spooks (or at least, the spook-meisters) are doing a 180 turn on how to deal with cryptography distribution, from "don't let anyone else have it" to "if everyone else has it, we want it, too".
    --
    "But, Mulder, the new millennium doesn't begin until January 2001."

    --
    send all spam to theotherwhitemeat@ropine.com
    1. Re:if you can't beat 'em, join 'em by xant · · Score: 1
      Wow, now I know who the US considers its enemies: Iran, Iraq, Libya, Cuba, Sudan, North Korea.

      They really ought not to hard-code these countries though. What happens when they change down the road? This legislation ought to read something along the lines of

      You may not knowingly export or re-export source code or products developed with this source code to $US_ENEMIES.

      --
      It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
  27. what a crock by bsDaemon · · Score: 1

    what a great idea! let's all go out and buy something 'secure' from a government trying to take away our freedoms! then after that we can all have tea with Castro! grr...this is a load of BS. i bet the only reason the NSA is doing this is to take advantage of the popularity of linux and the fact most people are stupid and 'phear' NetBUS to get thousands of computers with backdoors. not to mention the fact that large amounts of crackers are going to go 'hey! i can break into stuff and wage h4x0r war and no can get l3et0 on my a5$!' thus letting the feds right on into them. as for Linux as a choice if they actually have good intentions, i suppose it fits as the GPL and the NSA are both devil spawn

  28. not trying to pick a fight... by kootch · · Score: 1

    but if Linux is so secure and hack-proof in a correctly installed system, why should the NSA need an "ultra" secure version of Linux to be created/developed?

    why wouldn't they just have some linux gurus monitor the system and close off the trapdoors?

    you might call me an idiot, but this seems to be against what all the linux touters out there preach about linux

    1. Re:not trying to pick a fight... by Anonymous Coward · · Score: 1

      you are an idiot

    2. Re:not trying to pick a fight... by sethg · · Score: 3
      In the standard Unix security model, once an attacker is logged in as root, or gets his/her program to run as root, or exploits a weakness in a program that runs as root ... "game over, man, game over".

      According to this summary of Sidewinder's system, the only way you can get this level of access is by booting the "administrative kernel", and when the administrative kernel is running, all network connections are disabled. While running the normal "operational kernel", every process can be restricted to handling certain file types and system calls. This way, for example, your netnews server and FTP server can have administrators who can't access one another's files or processes. If, say, a Belgian spy compromises your netnews administrator's account, the spy still couldn't send out anything over FTP.
      --
      "But, Mulder, the new millennium doesn't begin until January 2001."

      --
      send all spam to theotherwhitemeat@ropine.com
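
The confinement sethg describes above, modelled as an added example (not part of the thread and not Secure Computing's code). The domain names, type names and rule tables are assumptions made up for illustration; the two kernel modes follow the comment's description.

```python
from dataclasses import dataclass, field

# Constructed policy: operations a domain may perform on objects of a type.
# Anything not listed is denied, whatever the caller's uid.
FILE_RULES = {
    ("news_d", "news_spool_t"): {"read", "write"},
    ("news_d", "news_conf_t"): {"read", "write"},
    ("ftp_d", "ftp_pub_t"): {"read"},
    ("ftp_d", "ftp_conf_t"): {"read", "write"},
}
# Network services each domain may use while the operational kernel runs.
NET_RULES = {"news_d": {"nntp"}, "ftp_d": {"ftp"}}


@dataclass(frozen=True)
class Process:
    name: str
    domain: str
    uid: int  # kept to show that uid 0 earns nothing in operational mode


@dataclass
class Kernel:
    mode: str  # "operational" or "administrative"
    denials: list = field(default_factory=list)  # audit trail of refused requests

    def __post_init__(self):
        if self.mode not in ("operational", "administrative"):
            raise ValueError(f"unknown kernel mode: {self.mode}")

    def _deny(self, proc, what):
        self.denials.append((proc.name, proc.domain, what))
        return False

    def file_access(self, proc, obj_type, op):
        if self.mode == "administrative":
            # Simplification: classic Unix semantics, root may do anything.
            return True if proc.uid == 0 else self._deny(proc, f"{op} {obj_type}")
        if op in FILE_RULES.get((proc.domain, obj_type), set()):
            return True
        return self._deny(proc, f"{op} {obj_type}")

    def net_access(self, proc, service):
        if self.mode == "administrative":
            # Full privilege is only reachable with the network switched off.
            return self._deny(proc, f"net {service}")
        if service in NET_RULES.get(proc.domain, set()):
            return True
        return self._deny(proc, f"net {service}")


def simulate_compromised_news_admin():
    """An intruder holding uid 0 inside the netnews domain, operational kernel."""
    kernel = Kernel("operational")
    intruder = Process("shell", "news_d", uid=0)
    results = {
        "write news spool": kernel.file_access(intruder, "news_spool_t", "write"),
        "read ftp config": kernel.file_access(intruder, "ftp_conf_t", "read"),
        "send via ftp": kernel.net_access(intruder, "ftp"),
        "send via nntp": kernel.net_access(intruder, "nntp"),
    }
    return results, kernel.denials


if __name__ == "__main__":
    results, denials = simulate_compromised_news_admin()
    for action, allowed in results.items():
        print(f"{action:18} {'allowed' if allowed else 'DENIED'}")
    print("audit log:", denials)
```

The model also shows the limit of the scheme: the intruder keeps everything the netnews domain was granted, including its own network service, so the policy narrows the damage rather than removing it.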
  29. government by ArchieBunker · · Score: 1

    Probably because openbsd is from canada. Don't forget this is the US government we're talking about. An elephant is just a mouse designed by a government committee.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
  30. Actually, they DON'T have to defeat the GPL by Mahy · · Score: 2
    At least for tools that will be used to preserve "national security" and won't be sold commercially, the government can get around copyright, patent and licensing issues.

    I have a friend whose father consulted for the government. They developed a portable Gas Chromatograph setup, with lots of bells and whistles, to help them detect the production of biological and gas weapons. They used patented and copyrighted technology from about 3 or 4 commercial products, and did not have to pay any licenses, or even consult with the companies that held these patents/copyrights.

  31. Better link to "Type Enforcement" by Eric+Seppanen · · Score: 1

    grr. frames.

    The correct link is here
    --
    314-15-9265
  32. MODERATE THIS UP!!! by autechre · · Score: 1

    This is entirely correct. If you want to modify the kernel, and keep your modifications to yourself, no one can break into your house and force you to help out your neighbor :)

    HOWEVER, if they do release the binaries, then they'd be obligated to release the source as well; though, this would be assuming that the NSA has to not break the law...

    Also, as someone else pointed out, if they contract this work out to a 3rd party, that party must provide NSA (and whoever else they sell this to, or allow to obtain binaries) with the full source code.

    --
    WMBC freeform/independent online radio.
    1. Re:MODERATE THIS UP!!! by roguebfl · · Score: 1

      Umm, given they don't need to give out the sources if they don't give out the binaries either. But is there another law that says they can just invoke 'National Security'?

      being a non lawyer i believe NSA would probably claim NS takes precedence over GPL

      --
      --Rogue, whose existence has yet to be disproved
  33. Government versus the People by dattaway · · Score: 2

    When does the government get off on patenting technology? We pay the taxes, now it wants to exclude us and maximize its profits? Damn, I always knew the US government is the world's biggest business.

    1. Re:Government versus the People by BeBoxer · · Score: 2

      Re-read the article carefully. The patents are held by Secure Computing, who is doing the work. The NSA is merely buying a product that includes patented technology. No more, no less.

  34. Looking for Answers by SgtPepper · · Score: 1

    I emailed the Government Contracts division of Secure Computing to see how they would handle the different restrictions the GPL places on them, the address is govt@securecomputing.com, by the way, barring them being under some kind of "non-disclosure" agreement i hope to get an answer soon....short of that, anybody know of a public-relations email for the NSA? Come on people, don't just sit there, get involved!

  35. Right. Jihad... by dr_labrat · · Score: 1

    Um, I can see it all happening:

    Why not BSD?
    GPL violations!

    Waaagh.

    I think people are missing the point.

    Yes, we know BSD is more secure.
    Unfortunately it is less popular. I know this doesn't justify it being "overlooked", but it means it will be to an extent.

    It makes sense to go for linux for a couple of reasons:

    Popularity==more coders have developed it.
    Popularity==more people are likely to know how to use it.

    However the most important point is that a SECURE version of linux is being created.

    OK so it'll probably have more NSA backdoors in it than a M$ product has bugs (and NSA backdoors), but as the GPL states:

    You have to release the fucking source.

    ---or something..

    This will only be of benefit. It can't hurt people, (except those with a chip on their shoulders)....

    --
    The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
    1. Re:Right. Jihad... by eel · · Score: 1

      Two words: spaghetti code

    2. Re:Right. Jihad... by mochaone · · Score: 1

      Yes, we know BSD is more secure.

      Which one? Other than cute,anecdotal stories, what is your proof? I wonder if you've even used "BSD". Sorry for being cynical, but I grow weary of "experts" who do nothing but regurgitate what they hear in newsgroups or slashdot without supplying links to corroborate their statements.

      --
      Hates people who have stupid little sigs
    3. Re:Right. Jihad... by Jonathan+the+Nerd · · Score: 1

      IIRC, I think the GPL prohibits deliberately obfuscating source code. I may be mistaken, though.

      --
      Disclaimer: The opinions expressed are not necessarily my own, as I've not yet had my medication today.
    4. Re:Right. Jihad... by Anonymous Coward · · Score: 0

      Well you could always check Bugtraq, rootshell, etc. and see for yourself. Ultimately, security is the job of the sysadmin. As a sysadmin, I prefer OpenBSD because it makes my job easier.

    5. Re:Right. Jihad... by Ronin+X · · Score: 1

      Two words: spell check

      --
      Ok my karma is maxed out. When do I become Enlightened?
  36. Turn the daughters of the NSA to stone by Anonymous Coward · · Score: 1

    I'm sure some of the NSA agents have cute teenage daughters.

    You know what to do...

    1. Re:Turn the daughters of the NSA to stone by Anonymous Coward · · Score: 0

      Pour hot grits down their pants?

  37. A rewrite of protection domains?? by Rotten · · Score: 1

    I don't get it...as described in their page...
    The so-called "Patented Type Enforcement Security" is just a re-implementation of protection domains...
    So, what's new about it? and how is it going to make "EVERYTHING" secure??
    AFAIK, the whole idea of protection domains is to make "programs" run in their environment without screwing the next door's process...(some toy OS forget this issue).
    But this doesn't mean that nobody will find their way into the server, in whatever protection domain he/she gained access and screw things up anyway...so, where's the ultrasecure thing??? Maybe I'm missing a point...enlighten me...

  38. SAN JOSE, Calif., Jan. 13 /TrollNewswire/ -- by Anonymous Coward · · Score: 0
    SAN JOSE, Calif., Jan. 13 /TrollNewswire/ -- Flamebait Computing Corporation (Nasdaq: TRLL - news), today announced that it has been awarded a sole source contract by the National Troll Agency (NTA) to develop a naked Natalie Portman Operating System (OS). This contract calls for Flamebait Computing to apply its patented Troll Enforcement(TM) technology, to develop a petrified and naked Natalie platform. This award furthers the goal of Flamebait to pursue and acquire contracts that will provide enabling hot grits technologies to both the Federal government infrastructure as well as commercial electronic trolling applications.

    The NTA is Slashdot's Meeept-technology blowchunks organization that ensures unimportant and insensitive flamebait post activities in the Andover Slashdot community are protected from exploitation through interception, unauthorized moderation, or related non-technical unintelligent threads.

    Flamebait Computing's patented Open Source Drew Barrymore technology provides off-topic security protection that is unique to the industry. This technology, first petrified under previous government contracts, is available today as part of the *NIX OS for Flamebait Computing's PostmastahMick(TM) firewall. Troll Enforcement un-secures underlying operating systems and does not protect closed source applications or Llamadot services, by segmenting them into -1 Redundant domains. Each -1 Redundant domain is moderated down to troll only on specific account types, including off-topic posts. As such, each -1 Redundant domain provides a self-contained, excrement layer of protection that cannot be altered. Implementing Troll Enforcement within the operating system itself provides assurance that the highest level of troll activity available in commercial threaded sites.

    .

    Trollmastah

    1. Re:SAN JOSE, Calif., Jan. 13 /TrollNewswire/ -- by Anonymous Coward · · Score: 0

      don't you have homework to do?

  39. Patents vs GPL by Terao · · Score: 1

    Is it allowed to take the implementation of their patented "Type enforcement" from the source and put it in my some other GPL:ed program or would that be a violation of their patent? What about if someone sold the program and sold support for it?

  40. A rewrite of protection domains?? by Rotten · · Score: 1

    I don't get it...as described in their page...
    The so-called "Patented Type Enforcement Security" is just a re-implementation of protection domains...
    So, what's new about it? and how is it going to make "EVERYTHING" secure??
    AFAIK, the whole idea of protection domains is to make "programs" run in their environment without screwing the next door's process...(some toy OS forget this issue).
    But this doesn't mean that nobody will find their way into the server, in whatever protection domain he/she gained access and screw things up anyway...so, where's the ultrasecure thing about this???

  41. Only if they distribute by RocketJeff · · Score: 1
    Under the GPL, you only have to distribute source to the people/company/etc that you distribute the binary to. You can make a fantastic modification to the Linux kernel, but you can keep it totally to yourself (or your company).

    If you give this kernel to another person, you have to give/make available the source to them (but not necessarily anyone else). Because of the GPL, you can't keep them from giving it to the world.

    If the NSA keeps this as an 'in house' system, they don't have to give the source to anyone.

  42. Irresistible force meeting immovable object? by TrentC · · Score: 1

    Without trying to sound like one of the snickering "so is the NSA going to GPL their changes?" crowd, I'd like to point out that I think it's actually a really good question.

    Now, obviously if the changes made for security purposes were going to be made for their own in-house use, there's not necessarily going to be a GPL conflict. (You aren't required to distribute source changes to people who aren't using the product, are you?)

    If they're talking about marketing a "secure Linux" product while chanting the "security through obscurity" mantra and refusing to release the source for their changes (assuming they don't simply slap a pile of closed-source packages on top of the kernel), then one of two things is going to happen in a court battle:

    * The verdict is that any changes to the Linux kernel and any included GPLed programs have to be made available. Best-case scenario for free software advocates (and everyone else, in my opinion).

    * For some yet-to-be-known reason, the courts declare the relevant provisions of the GPL to be invalid. I personally can't think of a reason why they would do this, though I would suspect they'll try to invoke "reasons of national security" or intellectual-property rights.

    So I guess my question is:

    If, for some reason a court would declare the GPL invalid, in whole or in part, what would this mean to Linux and the rest of the free software community?

    Jay (=

  43. The end of Linux as we know it? by Anonymous Coward · · Score: 0

    Will Linus Torvalds or Alan Cox suddenly die of a heart attack if they refuse to implement NSA's backdoors into the kernel?

  44. Licencing thoughts and issues by jd · · Score: 4
    At first, I couldn't understand why the NSA would want to do this. Linux is GPLed, and they'd have to make any changes public.

    Then I remembered a previous GPL argument, when a company had made -internal- changes and did NOT have to make the changes public, as the GPL does NOT cover these.

    The NSA version would fall into the same category, I suspect, with contractors deemed a part of the same organisation, as far as the GPL is concerned. Always assuming the contractor developed any of the secret stuff. The NSA has more than enough top people to code that part themselves, just to make sure there isn't a GPL conflict.

    Then, I wondered why they didn't branch off from OpenBSD. That's already mostly secure, there's a good base to work from, and its stability is phenomenal. Then I realised. They've probably already GOT ultra-secure versions of OpenBSD for PC-based, single-processor servers, but Linux isn't just for PC's or just for one processor.

    If you want a lightweight system that'll run on embedded devices (such as wiretaps), massive-scale multi-processor devices (such as extreme number-crunchers eg: code-crackers, etc), or obsolete hardware (such as stacks of IBM S/390's) then Linux is the one to go for. It's ideal for such functions and such platforms. OpenBSD, etc, would require too much work to make them both multi-processor and multi-platform -enough- to be useful in a meaningful timeframe.

    This isn't to start any kind of flame-war, but I'm sure OpenBSD is used in its primary environment (because it's GOOD), and Linux is going to be used everywhere else (because it's GOOD -and- THERE.)

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:Licencing thoughts and issues by anth · · Score: 1

      They've probably already GOT ultra-secure versions of OpenBSD for PC-based, single-processor servers, but Linux isn't just for PC's or just for one processor.

      While Linux has support for a wider range of the devices that are attached to PCs, OpenBSD runs on a lot more platforms. It is closely related to NetBSD, the primary focus of which is portability.

      See http://www.openbsd.org/plat.html for details.

    2. Re:Licencing thoughts and issues by Eck · · Score: 2

      Hm. Linux may be getting ported to more (modern) platforms, but one of the attractions for OpenBSD for me has been that it will run on my MIPS R3000 based DEC workstations. There's no Linux port (likely ever -- it would be pointless).

      So I'd never have asserted that Linux is available on more platforms than OpenBSD.

  45. NSA and Linux -- back a long way.... by Anonymous Coward · · Score: 2
    Ever done a search of the Linux kernel tree? The ethernet drivers were written by Becker working for CEDIS (sub to NASA), but were copyrighted USG as represented by the Director of the NSA! Why the NSA if the work was for NASA?

    Grep /usr/src/linux/drivers/net/znet.c...

    Linux makes a whole lot of sense for NSA as it is stable, free, and runs beowulf quite well. Beowulf maybe to crack codes?

    Anyone seen someone from NSA at a Linux meeting (DOD?)?

    NT only made C2 when NOT on a network, and there may have been some funny stuff going on. B2 is needed for multi-level security stuff (secret, confidential, and unclassified on the same machine). Does this code provide B2?

    As for GPL, they would only have to release their patches to ones using their code -- so long as it is inhouse, they don't have to release it. OGA could use it too, but the OGA would have to be able to get the code. They could even make the patches classified and no one outside their sphere would have access, GPL or no GPL.

  46. Patriot by Signal+11 · · Score: 4

    Man, talk about a version conflict...


    =================================
    ERROR 10948:
    Red Flag Linux detected. You did
    not see this error, and troops have
    been dispatched to your location, you
    filthy traitor. Remain seated and your
    death shall be quick and painless.
    =================================
    -- RED, WHITE, AND BLUE FLAG LINUX

    "Yes, we're developing a distribution.. but if we told you anything more we'd have to kill you (and the binaries)."

  47. 4:Interesting by Anonymous Coward · · Score: 0

    Comments like this qualify for segfault's news & satire...
    Only some idiot can moderate this down...c'mon fun comments have been part of ./ since its beginning!

    1. Re:4:Interesting by Anonymous Coward · · Score: 0

      hi trollmasta, we know this is you trying to pump up your post. you're so gay you probably even have your friends moderate your posts up. what a faggot you are.

  48. Actually they don't allow that by tilly · · Score: 4

    Read more closely. They allow you to post the source-code. The binaries appear to be another kettle of fish...

    Take a look at a longer description that I got from Frank Hecker in email.

    Cheers,
    Ben

    --
    My usual seat in the cluetrain is at http://pub4.ezboard.com/biwethey.ht
  49. Distribute, Publish are the key by autechre · · Score: 2


    If I modify the Linux kernel so that it works with a PCI card that I built in my basement, am I required to give people the source?

    NO.

    However, if I modify the Linux kernel and give it or sell it to other people, THEN I have to give them the full source along with that. There's no rule that says I have to share--I can keep my modifications to myself, as long as I don't give anyone the binary, either.

    Of course, it would be Really Nice of them...

    --
    WMBC freeform/independent online radio.
  50. all third parties... under the license by MattMann · · Score: 1
    I'm not 100% convinced by your interpretation. It says "all third parties under the license" IANAL, but it occurs to me that it might mean "all third parties to whom you have given the binaries". Thank you much for doing the legwork to look it up for us, though :)

    And while I'm here let me mention something else that just occurred to me. Thinking back to Stallman's original complaint about working with software he couldn't get the source to... who are the "parties" that the license is talking about? The GPL will do more of what it is supposed to if "parties" means "end-users" rather than "owners". For example, what if some company is so huge that their employees make up a sizeable market. Those employees ("users") ought to have access to the source, not the "owners" of the computers or the modified GPLed code.

  51. NSA Website apparently Slashdotted by Cy+Guy · · Score: 2

    I haven't been able to get through to their website. Do you think it's the slashdot effect? They may get the wrong idea and suspect there is a massive DoS attack going on.

    1. Re:NSA Website apparently Slashdotted by Ross+C.+Brackett · · Score: 2

      "The Communazis and Terrorphiles have launched their distributed cyberwarfare attack against our systems! Give the order to deploy countermeasures!"

      "Sir, there's no such thing as countermeasures, or for that matter cyberwarfare."

      "Order them to deploy countermeasures!"

      "Sir, I will not give that order!"

  52. Request info regarding licensing obligations by Nailer · · Score: 1

    For those of you with licensing concerns, perhaps you might request that Secure Computing posts, in a public manner, its understanding of how and if it is obligated to release any source code changes. Since they haven't specifically mentioned that they are `publishing' their work, or even any mention of the GPL, this might be a nice way to coax them *without* pre-emptively flaming...

    http://www.securecomputing.com/C_Cont_FRS.html

  53. Now, I am usually the paranoid one, but by lifebouy · · Score: 2

    It only makes sense if you think about it.
    0. They have access to every line of code, so there are no surprises(unlike some OTHER OSes which have probably been burning them from time to time for years.)
    1. They are still using an OS with strong features.
    2. They can also see the source for every single app they decide to use(or not to use)
    3. Now that there are multiple wordprocessing/Office packages out there which are able to handle MS Office's formats, the biggest complaint of all the nay-sayers from within has lost its footing.
    From NSA's standpoint, this will finally give them control over the operating system on their computers. They have probably had this in mind for years and only been waiting for Linux to mature to the point that it was highly useful and definitely beyond the point of losing its momentum. I can only see good in this right now(I have blinders on) because once NSA develops this, all the other branches of government will tend to jump on the bandwagon with them. Let's face it: that will only be good for Linux, having all those users in the govt being forced to use Linux at work. Then many will use it at home, too.

    --
    Drop me a line at:
    Key ID: 0x54D1D809
    1. Re:Now, I am usually the paranoid one, but by Matt+Lee · · Score: 1

      0. They have access to every line of code, so there are no surprises(unlike some OTHER OSes which have probably been burning them from time to time for years.)

      From what I know, the Agency does not understand the phrase "surprise". I'm rather confident (no, I'm pretty damn sure) that NSA has the source code to every OS they use.

  54. Why not? by spaceorb · · Score: 1

    The NSA themselves aren't going to be the ones making changes to Linux, Secure Computing is. The responsibility for releasing modified code lies with them. Both the NSA and Secure Computing knew the restrictiveness of GPL'd code before they entered into contract together. If they really had a problem with this, they would have gone with one of the BSD's.

  55. Probably because OpenBSD lead is NUTZ! by Anonymous Coward · · Score: 0

    Sending profane emails to your peers just ain't cool. The guy is a loose cannon.

  56. Secure Computing and Linux by Ledge+Kindred · · Score: 2
    From what I understand (I don't use their products directly myself but work with several people who do) "Secure Computing's patented Type Enforcement technology" is basically a variety of a "capabilities" system, which are already under development from a couple of angles on the Linux front. (And in some small part already part of the 2.2 kernels, although it's way beyond my knowledge what, if anything, you can use them for right now.) Not that it wouldn't be A Good Thing to have yet another player in the game, but this technology shouldn't be looked at as anything too ground-shattering.

    Secure Computing, from all indications, is probably the best of the major firewall/security vendors to have gotten involved with this sort of project in terms of "with-it-ness" and overall technological knowhow.

    This project is probably something Secure Computing themselves were interested in already. Most of their products are run on heavily-modified versions of BSDI 1.x, for which they purchased a source license many years ago, which means they carry along all the baggage of what sort of hardware compatibility that ancient version has, namely very little at this stage in the hardware game. (For example, the last time I was around to help set up a Secure Computing firewall, we had to dig up an old ISA Adaptec 1542 SCSI controller for the box.) I'm sure they were just waiting for one of the FreeOS's to reach a state of stability that they could grab the sources and mod them to work for their own uses. I would guess that they picked Linux over one of the BSD's at this point based on hardware compatibility or market share as opposed to strictly technical reasons since they obviously have people who are very familiar with the BSD kernel on-staff already.

    It will be interesting to see what they do with any mods they make to the kernel, since I predict they'll be using their hardened Linux kernel as the base for new product lines in the same manner they're using their hardened BSDI kernel now. Since they'll be shipping binaries to customers, the GPL will require them to also ship source code, unless they manage to figure out how to harden the kernel strictly using modules, which I don't see as possible.

    -=-=-=-=-

    --

    -=-=-=-=-
    My mom's going to kick you in the face!

  57. Old Proverb? by Ektanoor · · Score: 2

    It is interesting to see this news coming out when finally we are seeing US lawmakers trying to ease the use of encryption. So does this mean that NSA decided to "if you cannot win them, join them"? Maybe. And that will be funny. Because then we are starting to face Open Source not as an outsider but its opponents. IBM is here (and some IBMers smiled at me a year ago when I said that IBM would join the bandwagon...). Intel, Sun, Apple, AT&T, Cisco are, with some caveats, here. Thousands of companies, corporations and individuals are here. Governments and state institutions are coming into it...

    Novell seems on the outside somehow. It started with good intentions but nothing seems to move there. Strange when Noorda's second child, Caldera, is one of the big players. Microsoft seems to make one step further, two steps back all the time since 1998. A few seem to step back into old methods. But the fact is: Open Source is now the main software player.

    1. Re:Old Proverb? by Kenshiro · · Score: 1

      Well, TE != encryption, not even close.

  58. Maybe the NSA _wants_ to release the source by Christopher+Craig · · Score: 2

    Maybe that's the whole point. The NSA isn't just about keeping security out of the hands of Americans. They have for a long time assisted American business in keeping their information secure as they regard this as helping national security. If they release an open source secure OS then a lot of researchers are going to be interested and their interests in securing American business will be furthered.

    1. Re:Maybe the NSA _wants_ to release the source by Anonymous Coward · · Score: 0

      Moderate this up, please, it is a very good point and would explain why they aren't using OpenBSD.

    2. Re:Maybe the NSA _wants_ to release the source by vilvoy · · Score: 1

      An excellent point. I've been wondering the same thing myself. It really makes sense for the NSA to have an interest in improving computer security in general, not just for themselves. Even if this is freely usable to unfriendly governments and terrorist organizations, it still might be desirable. Even limiting their effectiveness against each other is a good outcome. As an analogy, if you could bomb-proof the whole world, then the bomb makers would have to find something else to do with their time. That the bomb-makers would be protected right along with everyone else doesn't change that.

      ---
      Peace,
      vilvoy

    3. Re:Maybe the NSA _wants_ to release the source by Rovaani · · Score: 1
      That would fit their job description:
      (from http://www.nsa.gov:8080/isso/programs/index.htm).

      "We Will:
      Be the preferred provider of information systems security solutions. We will provide the leadership, trusted products, and services necessary to protect national security and sensitive information."
      From Goal 1, National Cryptologic Strategy For The 21st Century

      --
      Rovaani

      --
      Karma: Good! Napster: Baad!
  59. NSA at a Linux conference by Anonymous Coward · · Score: 0

    I think a techie from NSA was attending the Ottawa Linux Symposium. If I remember well, he even got caught asking suspicious questions at the FreeS/WAN conference. But I may be wrong.

  60. Re:Pre-emptive strike against cluelessness... by Le+douanier · · Score: 2


    The GPL applies to the case where somebody modifies a GPL'd software and sells it with/without the sources and tries to forbid the user to redistribute it further, but I wonder what the GPL would say in this case.
    If the NSA asks this company to make a secure Linux and buy it from them they can keep the sources for them but is there a loophole in the GPL allowing the NSA to make them sign a contract not to sell it to anybody else?

    I don't say there is such one because I haven't read the GPL in a long time but I wonder if there is a loophole in the case of the buyer trying to restrict the producer and not the other way around (goal for which the GPL was thought).

    Anyone has got a clue???

    --
    "The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
  61. Best way to fix the monopoly by ch-chuck · · Score: 2

    Not exactly offtopic, but obliquely connected - I've always thought things like this, the govt adopting, deploying, using an OPEN software reference model, would be the best way to solve the MS 'monopoly' problem without resorting to draconian 'break 'em up' or worse measures, kinda like all the technological 'spin off's' we got from the Space Program.

    Boojum

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
    1. Re:Best way to fix the monopoly by ariux · · Score: 1

      I don't think so. Microsoft could have gone on to coerce hardware manufacturers into keeping their specs secret, for example, which would have killed free OS's dead.

    2. Re:Best way to fix the monopoly by Anonymous Coward · · Score: 0

      Not exactly, hardware manufacturers are interested in selling lots of boards. With government buying free-OS compatible products only any hardware manufacturer would be shooting their foot by keeping specs secret. The only reason MS currently has power to push hardware vendors is because of their fat market share -- which includes plenty of government purchase decisions!

  62. How to make a distribution completely secure by Anonymous Coward · · Score: 0

    Get your favorite distribution on a CD-ROM. You can secure a Windows CD with this method as well.

    Burn the entire CD rom with a blowtorch until it is black and crumbly. Run the entire thing through a coffee grinder until it is dust. Next, make a meatloaf, and add all the ground up dust to it. Eat the meatloaf. Wait a day, then shit the entire thing into the Pacific ocean.

    Crackers will see that your distribution is a difficult target and move on to an easier site.

  63. New management == GOOD by Anonymous Coward · · Score: 2

    I was a former employee of SCC, and I may partially agree with your statement, however that was in the past.

    The CEO was a corrupt bugger and inflated the stock price and sold tons of stock.

    Now there's a new guy in charge (formerly from Intel who is very well respected) as of last April, and he has been doing an amazing job turning the company around.

    Take a look at the stock price today.

    Their unix firewalls and authentication products are very good, but have very poor marketing and sales. The NSA and Air Force must like them as that's what they use.

    The people I knew that worked in the penetration testing were some of the smartest folks I have ever met.

    1. Re:New management == GOOD by Anonymous Coward · · Score: 0

      Is this the same Secure Computing where a few employees were trying to take pictures of 2600 meeting goers, but got REALLY got ticked off when someone was trying to take pictures of them?

  64. heh, yeah right by Anonymous Coward · · Score: 0

    we all know how much these guys follow their charters :)

    1. Re:heh, yeah right by um...+Lucas · · Score: 1

      Can you prove they haven't? Nor can I. Or anyone else. You want them to treat you as "innocent until proven guilty" but won't afford the same protection to them? Yeah, Echelon can exist, just because the capability is there for them to snoop us, who's to say that they really do? Maybe they really do just snoop other countries, and don't want them getting strong crypto for that very reason...

      But then, all the conspiracy theorists would have to imagine a new threat.

    2. Re:heh, yeah right by dev/eth0: · · Score: 1

      You're forgetting this is the US government we're talking about -- masters of saying one thing and doing another. =] Who cares what they are "chartered" to do, they work for the gov't; they can do perty much anything while our backs are turned.

      --
      Look! Its an obvious distraction!
    3. Re:heh, yeah right by mistabobdobalina · · Score: 1

      come on. i don't have a link but i think most rational people that follow these things agree that cia operates internal to us

      --
      -- your knees hurt, don't they?
    4. Re:heh, yeah right by oromme · · Score: 1

      Can you prove they haven't? Nor can I. Or anyone else

      What many of us can prove is that they have snooped in my country and in many others supporting right-handed dictatorships for years, as they recognized in the Pinochet case.
      They supported his torturing "government" and now they show files saying he's guilty.
      I hate politics and politicians but, hey, sure I won't use any NSA secure nothing.
      And let's get this clear I'm neither left-handed nor right-handed but the worst thing a "freedom-fighter" can do is what they have done and still do in more subtle ways these days (not supporting govs but companies)

      Sorry for the language difficulties. -F

    5. Re:heh, yeah right by Fjandr · · Score: 1

      That right is guaranteed to US citizens, not to the US government. The US government is supposed to be accountable to the citizens that it is there to serve. Saying a large, secret, governmental organization shouldn't get intense scrutiny just because nobody knows what they do is like saying that you shouldn't keep a careful eye on a person wearing a ski mask prowling around your house at midnight. Just because you can't prove he's committed any crimes or has intent to by the situation doesn't mean jack. It's called using common sense. The power is there to be abused. Power-abusers are drawn to this sort of organization, and thus should be watched very closely. Look at any office or organization that comprises the "government." Bet you can't name many where there haven't been major abuses of power. Additionally, those abuses are routinely more flagrant in the executive branch. Anyway, anyone who thinks other countries who want strong crypto won't get it if the US is out of the market are deluding themselves. If those people make up the NSA, I wouldn't trust them. Since that's not likely the case, it's more likely that the government is perfectly happy crippling an entire industry just so that they have a little easier time controlling domestic encryption technologies. I'm just guessing though, because, as you said, nobody knows what the agenda really is.

    6. Re:heh, yeah right by Anonymous Coward · · Score: 1

      You don't understand Echelon. First off, since the Echelon agreements have been confirmed by the Australian and New Zealand governments, they are not hypothetical. Second, Echelon is explicitly there to give foreign intelligence officials a platform to relay information collected on US citizens to US intelligence agencies and vice versa. This means that US intelligence agencies are evading restrictions on domestic intelligence by using friendly foreign intelligence services as proxies and vice versa.

    7. Re:heh, yeah right by Anonymous Coward · · Score: 0

      yeah dude, I've seen the X Files. I know how it is brother

  65. NSA Secure Linux web page by Anonymous Coward · · Score: 0

    This press release doesn't seem consistent with the announcement at http://www.cs.utah.edu/flux/fluke/html/linux.html. That web page indicates that the NSA is developing a secure Linux system with a flexible security architecture for public release.

  66. OpenBSD already supports LOTS of platforms by Smurf · · Score: 1

    They've probably already GOT ultra-secure versions of OpenBSD for PC-based, single-processor servers, but Linux isn't just for PC's or just for one processor.

    OpenBSD branched from NetBSD and therefore it has been ported to a great number of hardware platforms (and could be ported easily to many more). See http://www.openbsd.org/plat.html for a list.

    I'm not sure if OpenBSD (or NetBSD, for that matter) is multiprocessor enabled. But FreeBSD is, and AFAIK it's far more efficient than Linux handling several processors.

    1. Re:OpenBSD already supports LOTS of platforms by Anonymous Coward · · Score: 1
      I'm not sure if OpenBSD (or NetBSD, for that matter) is multiprocessor enabled. But FreeBSD is, and AFAIK it's far more efficient than Linux handling several processors.

      FreeBSD does have the best multiprocessor support of the *BSDs. It's certainly not "far more efficient" than Linux, though; in fact, Linux retains a sizeable advantage in this area.

      And for that quad-Xeon, quad-gigabit Ethernet, static web page serving box under your desk, don't overlook NT. :-)

      AC

  67. So *this* is Transmeta's real project!!! by Anonymous Coward · · Score: 0

    No wonder there was all the secrecy swirling about Transmeta. Linus was actually hired by the NSA to develop a "secure Linux" (*cough*hack*gasp*). Maybe it's time to take another look at BSD?

  68. Experience with "Type Enforcement"... by John+Fulmer · · Score: 5

    A little background.

    I've been consulting, installing, and using Secure Computing's Sidewinder firewall for about 3.5 years now, which includes the "Patented Type Enforcement Technology". Here's the skinny..

    Type enforcement was developed by Secure Computing to be run on a Motorola mini computer system for the NSA about 10-15 years ago. This was specifically designed to be a system to hold both classified and non-classified information, with both classified and non-classified users.

    What type enforcement does is create a series of domains within the context of the operating system. Each file and user is assigned to a domain, or a series of domains, and cannot pass domain boundaries, unless explicitly allowed. Attempting to cross boundaries will result in the offending application being killed by the system kernel, the attempt logged, and alarms rung.

    The important thing here is that the domain permissions and rules are set in the kernel itself, and changing those rules requires a recompile. I know that Secure Computing was working on a 'type enforcement lite', where the rules were enforced by a userspace daemon, but I hadn't seen anything about that for quite awhile.

    Sidewinder is a damned effective firewall, due to the type enforcement. Even if someone breaks a proxy or service running on the outside of the firewall, you still haven't breached the firewall, since there is no logical path to the inside domains or the internal ethernet card, except through a series of named pipes between dual IP stacks (one for the 'outside' and one for the 'inside'). Breaking through those is extremely non-trivial, since every time you touch the wrong domain, you get kicked and logged.

    Type enforcement is real, and it's been around for a very long time. And works very well.


    jf

    1. Re:Experience with "Type Enforcement"... by Amphigory · · Score: 2

      So, kind of like multics? I guess everything is coming full circle now.

      --
      -- Slashdot sucks.
  69. wow by Kenshiro · · Score: 1

    I am in the process of implementing this for linux right now... I was working from the 1996 TIS
    papers on "DTE" (domain and type enforcement), and saw (well, noticed) no mentions of patents.

  70. Re:Pre-emptive strike against cluelessness... by Royster · · Score: 1

    I don't know what you mean by a loophole. I can contract you to make for me a "work for hire". You may only distribute that work to me. Copyright for the work (i.e the .diff files) resides with me. An external license like the GPL does not restrict us from contracting this way.

    --
    I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
  71. DTE for linux - available as a patch! by listen · · Score: 1

    at this url:

    (Hope that someone reads down far enough to moderate this up). The site has a good explanation of what DTE is, but I don't know how active they are.

    They have a patch against 2.2.13, which was created on Dec 13 1999. So it's not too out of date, though it will have to be forward ported to 2.3 I suppose...

    Maybe the NSA should be spending their money elsewhere - or maybe they should clue up to what open source is all about.

    I wonder what is covered by the patent Secure are so proud of?

    1. Re:DTE for linux - available as a patch! by ricksmith · · Score: 1
      I wonder what is covered by the patent Secure are so proud of?

      I work for Secure Computing and I've read the Type Enforcement patent. I have no idea how the patent might be enforced, since I'm no lawyer. The patent is from the late '80s and was originally written on the assumption that TE would be implemented in firmware. Actually, the first implementation was in C on a 68020.

      The patent talks about controlling access based on applications instead of being based on user IDs. Software processes are assigned to domains and resources are assigned to types. There is a TE database that establishes accesses between them. The TE database can not be modified during normal system operation.

      As other posters noted, it's been used in Sidewinder, SecureZone, and a military mail guard. Some folks of NSA like it because it puts really strong separation between processes and administrators can't shut it off by accident or on purpose.
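
The two descriptions of Type Enforcement above (John Fulmer's comment 68 and ricksmith's reply) can be modelled in a few lines. This is an added example, not code from the thread or from Secure Computing; every domain, type, path and rule in it is an assumption made up for illustration.

```python
"""Toy model of Type Enforcement (TE) as the comments above describe it.

Constructed for illustration only: every domain, type, path and rule below
is an assumption, not Secure Computing's policy or code.
"""
from dataclasses import dataclass, field
from types import MappingProxyType

# TE database: (domain, type) -> permitted access modes. Default is deny.
# Built once and exposed only through a read-only view, modelling a policy
# that is fixed at build time and cannot be modified while the system runs.
TE_DATABASE = MappingProxyType({
    ("ext_proxy_d", "ext_net_t"):    frozenset({"read", "write"}),
    ("ext_proxy_d", "relay_pipe_t"): frozenset({"write"}),
    ("int_proxy_d", "relay_pipe_t"): frozenset({"read"}),
    ("int_proxy_d", "int_net_t"):    frozenset({"read", "write"}),
    ("admin_d",     "fw_config_t"):  frozenset({"read", "write"}),
})

# Resources are labelled with a type (hypothetical paths).
RESOURCE_TYPES = MappingProxyType({
    "/dev/ext0":           "ext_net_t",
    "/dev/int0":           "int_net_t",
    "/var/run/relay.pipe": "relay_pipe_t",
    "/etc/fw/rules.conf":  "fw_config_t",
})


@dataclass
class Process:
    pid: int
    name: str
    uid: int      # carried along but never consulted by the TE check
    domain: str
    alive: bool = True


@dataclass
class Kernel:
    audit_log: list = field(default_factory=list)
    alarms: int = 0

    def access(self, proc: Process, path: str, mode: str) -> bool:
        """Allow the access, or kill the process, log the attempt and alarm."""
        if not proc.alive:
            return False  # a killed process gets no further attempts
        rtype = RESOURCE_TYPES.get(path)  # unlabelled resource: no rule matches
        if mode in TE_DATABASE.get((proc.domain, rtype), frozenset()):
            return True
        proc.alive = False
        self.audit_log.append(
            f"DENY pid={proc.pid} uid={proc.uid} domain={proc.domain} "
            f"type={rtype} mode={mode} path={path}"
        )
        self.alarms += 1
        return False


def policy_is_sealed() -> bool:
    """True if the running system cannot add a rule to the TE database."""
    try:
        TE_DATABASE[("ext_proxy_d", "int_net_t")] = frozenset({"write"})
    except TypeError:
        return True
    return False


def simulate_compromised_proxy():
    """The outside proxy is under hostile control and runs as uid 0."""
    kernel = Kernel()
    proxy = Process(pid=101, name="http-proxy", uid=0, domain="ext_proxy_d")
    results = [
        kernel.access(proxy, "/var/run/relay.pipe", "write"),  # normal path
        kernel.access(proxy, "/etc/fw/rules.conf", "read"),    # wrong domain
        kernel.access(proxy, "/dev/int0", "write"),            # already killed
    ]
    return kernel, proxy, results


if __name__ == "__main__":
    kernel, proxy, results = simulate_compromised_proxy()
    print(results, proxy.alive, kernel.alarms)
    print(*kernel.audit_log, sep="\n")
    print("policy sealed:", policy_is_sealed())
```

The uid of 0 plays no part in the decision: the proxy's domain has no rule for the configuration type, so the read is refused, the process is killed, and one audit record and one alarm result.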

  72. Why Linux? Here's an easy answer... by HariSeldon · · Score: 2

    If the NSA wants TEed BSD, they already can get it from Secure Computing. Secure's Sidewinder and SecureZone firewall are hardened versions of BSDi. Very groovy, by the bye, at least Sidewinder is. Ergo, they have a BSD. They want Linux. Probably because someone Up There thinks Linux is the cat's pajamas.

    Prognosticating the future since the end of the First Galactic Empire, -Hari

  73. Hmm...this sounds a bit suspicious to me... by diamond · · Score: 1

    Call me paranoid, but consider the following... The NSA commissions Secure Computing to make a high-security linux distribution, and SC returns only the binaries to the NSA, not requiring the release of the source (via the internal changes clause in the GPL). Now there's an official NSA-sanctioned "secure" linux, and all of a sudden everyone who cares about security is using it. Doesn't sound so bad... But what if the NSA has a back door put in? If there's no source, then the only people that know it's there are the NSA themselves, and SC, who I'm sure will be forced to sign an NDA of some sort. I know it sounds paranoid, but this could be viewed as just another provision for "National Security"...

    1. Re:Hmm...this sounds a bit suspicious to me... by mochaone · · Score: 1

      who cares if there's a backdoor if NSA is the only one using the "distribution". SC has probably been contracted to modify the kernel just for NSA. As such, I doubt there will be a backdoor.

      --
      Hates people who have stupid little sigs
  74. DTE for linux - available as a patch! by listen · · Score: 4

    oops - messed it up last time! Doh!

    at this url: http://research-cistw.saic.com/cace/dte.html

    (Hope that someone reads down far enough to moderate this up). The site has a good explanation of what DTE is, but I don't know how active they are.

    They have a patch against 2.2.13, which was created on Dec 13 1999. So it's not too out of date, though it will have to be forward ported to 2.3 I suppose...

    Maybe the NSA should be spending their money elsewhere - or maybe they should clue up to what open source is all about.

    I wonder what is covered by the patent Secure are so proud of?

  75. dang that's funny by The+HaikuMaster · · Score: 1
    Am I the only one who sees the humor in seeing

    About the National Security Agency

    ..in a press release?

    1. Re:dang that's funny by CyberSp00k · · Score: 1

      Consider, HaikuMaster:

      The way you can go
      isn't the real way.
      The name you can say
      isn't the real name. ...


      Spiritus ex Machina

      --
      Spiritus ex Machina
      "The universe is not only stranger than we imagine, it's stranger than we CAN imagine."
  76. NEWS FLASH: "This Just In..." by Anonymous Coward · · Score: 0

    NEWS FLASH:

    "TEXAS: The Open Source community is mourning two of its most important members today, Linus Torvalds, originator of the Linux computer operating system, was killed when he accidentally, brutally stabbed himself in the stomach while shaving; and Alan Cox, the guy who REALLY does the programming for the Linux operating system kernel, was killed when he accidentally, brutally cut his head off while combing his hair. Texas Authorities denied any suspicions of foul play, saying that the fact that the two were found hundreds of miles away from their homes and places of work, and the fact that they were discovered face down, with burlap sacks over their faces, was merely a co-incidence."

  77. I don't think they've much to worry about... by HariSeldon · · Score: 1

    Heh. If Secure doesn't screw it up, it'll be fine. Secure's Sidewinder system is pretty damn tight. Only as good as its admins, of course, but it works terribly well.

    -Hari, who knows way the hell too much about firewalls.

  78. Not a total disaster by Straker+Skunk · · Score: 1
    If, for some reason a court would declare the GPL invalid, in whole or in part, what would this mean to Linux and the rest of the free software community?
    Programs under the GPL would revert to standard copyright under its authors. I believe this would automatically bring into force the usual restrictions on copying and distribution (i.e. prohibited without author's permission, etc.). No one will suddenly be able to turn emacs or gcc proprietary; quite the opposite-- until a valid license is put on some [formerly GPL'ed] package, no one will be legally able to even download it.

    The scenario, I imagine, would go something like this:
    1. GPL v2 is declared invalid
    2. The top guns at the FSF draft a new GPL in line with the legal opinion, and true to the spirit of the previous version
    3. Release GPL v3
    4. Free-software maintainers the world over update the COPYING file in their tarballs, using the "either version 2 of the License, or (at your option) any later version" provision, or in the worst case, after checking with everyone in AUTHORS
    So it would certainly cause a lot of hubbub (gnu.misc.discuss and debian-legal would go berserk, that's for sure), but in the end, people will just patch the bug, and get on with business as usual. And the new GPL will be that much harder against future legal challenges.
    --
    iSKUNK!
  79. IS EVERYBODY IN A COMMA!!!!!!! by commandante+cheX · · Score: 1

    Secure Computing:
    In the early 1970s the National Security Agency engaged a division of Honeywell's Air Space Defense Group to build what became the first firewall. From that beginning, the company spun off from Honeywell as a stand-alone organization in 1989, moved into the commercial firewall space in 1992,and went public in 1995.
    Secure Computing's history

    NSA:
    "The ability to understand the secret communications of our foreign adversaries while protecting our own communications--a capability in which the United States leads the world --gives our nation a unique advantage."
    --NSA Mission Statement.

    China:
    "As a country, you really have to be in control of your own destiny," Keller says. "They don't want a sole source situation, especially when that sole source is coming from another country.They want to localize the product. And of course, there are issues of security. If you don't have control of the source code,there are security issues to be concerned about. It's a very important decision for them. Linux allows them the freedom to address all those issues."
    Upside article on Red Flag Linux

    Does anybody make any non-tech associations? It can't be this obvious right?
    I mean, while everyone's talking why not bsd, how this is good or bad, contracts, business, bla bla bla........IS EVERYONE BLIND OR SOMETHING....or maybe it's just so obvious, that there's no way it could be......but i can ***guarantee*** that in the event of a real national security threat (like china bombing taiwan--as opposed to osama bin laden), the NSA **will** be in charge.......the NSA is the guarantor of the US's existence. Whether conspiratorial or not, the effect is the same. These people live to destroy any real or perceived threat to national security, even if that threat takes the shape of a global community of programmers. This is about control, and both China and the NSA are steering in their own directions.

    1. Re:IS EVERYBODY IN A COMMA!!!!!!! by Anonymous Coward · · Score: 0

      Anyone who actually thinks a government agency can be THIS organized is an idiot!

  80. :) perhaps there is a reason by Anonymous Coward · · Score: 0

    Also, not to start a war ... It may be that they have concluded that Linux development is likely to be more robust and diverse. BSD code is still not exactly public property. While it is in the BSD form, it is public. But future derivatives are not guaranteed to be public as well. A small matter, perhaps. But it does mean that I, personally, will not contribute to a BSD project knowing that I could just end up contributing to Microsoft rather than to Civilization as we know it. Or at least to how we wish it to be. BTW, there is already word floating about that it has already happened and W2000 contains hunks of BSD code. Could just be a rumor but ...

    1. Re::) perhaps there is a reason by Anonymous Coward · · Score: 0

      nope. windoze always contained some BSD code. grep for "Regents of California" on a win95/98/NT drive and you will find at least a few instances.

    2. Re::) perhaps there is a reason by TheGreek · · Score: 1
      grep for "Regents of California" on a win95/98/NT drive and you will find at least a few instances.

      Errrm, no. I did just that on a stock NTW4SP6 box here at work. Not there. That doesn't mean there's no BSD code in Win95/98/NT. That just means that none of the copyrights made it to the compiled object code. It'd be a bad compiler that'd put comments (where the BSD copyrights are located in the BSD source) in the object code.

  81. Re:Pre-emptive strike against cluefulness... by Artie+FM · · Score: 1

    Most clueful Government contractors do not work this way. From reading the site I'm sure Secure Computing does not have this arrangement. What's more likely is that they charge the NSA to develop software, but when the deal is done, both Secure Computing and the NSA will have rights to the source code. Under normal government contracting the NSA could then take that code to another contractor or fork it themselves. This only happens when the customer gets really, really, pissed at you but needs the software. As Secure Computing develops future versions of this linux, the NSA will probably have to pay again for support and updates. Overall this works well with the GPL. The only thing the GPL does in this case is reinforce the NSA's ability to fork or hire someone else to do the job. Neither of which are likely. It does not force source code release to the public, it only gives more rights to people who paid for programs.

    --
    Be insightful. If you can't be insightful, be informative.
    If you can't be informative, use my name
  82. Re:Pre-emptive strike against cluefulness... by Artie+FM · · Score: 1

    Most clueful Government contractors do not work this way. From reading the site I'm sure Secure Computing does not have this arrangement.

    What's more likely is that they charge the NSA to develop software, but when the deal is done, both Secure Computing and the NSA will have rights to the source code. Under normal government contracting the NSA could then take that code to another contractor or fork it themselves. This only happens when the customer gets really, really, pissed at you but needs the software.

    As Secure Computing develops future versions of this linux, the NSA will probably have to pay again for support and updates. Overall this works well with the GPL. The only thing the GPL does in this case is reinforce the NSA's ability to fork or hire someone else to do the job. Neither of which are likely. It does not force source code release to the public, it only gives more rights to people who paid for programs.

    --
    Be insightful. If you can't be insightful, be informative.
    If you can't be informative, use my name
  83. In-house Loophole? by hypergeek · · Score: 2
    A number of posts have mentioned that if the NSA keeps its "distro" completely in-house, they aren't required to distribute their source code.

    Others have pointed out that an insider could simply sell/distribute the NSA Linux, and that the NSA wouldn't be able to do much about its further distribution.

    But, if they keep the source code in a very secure place, and separate from most of their computers (which would only contain the binaries), then anyone who tried to disseminate the binaries could be sued by the NSA (since they have the copyright on their "derivative work") over GPL violations.

    The NSA would simply claim that the GPL prohibits distribution of the binaries without the source code, and before anyone got the chance to reverse engineer the binaries, the NSA'd prosecute anybody caught distributing said binaries for software piracy.

    Kind of a disgusting loophole... if anybody could come up with any passage from the GPL (or copyright law) that contradicts this, I'd sleep much better tonight!

    -Hypr Geeque

    --
    Stay up hacking each weekend. Sleep is for the week.
    1. Re:In-house Loophole? by ariux · · Score: 1

      I'm not sure whether licensees can be organizations or just individuals. That affects this.

      Assuming an organization can be a single GPL licensor or licensee:

      A licensor can sue a licensee, or a licensee a licensor, for damages to them caused by license violation.

      If a provider has given the software to anyone before, they are already licensor and every other person and organization in the world is already a licensee. If this is the first time they're giving it to anyone, they become a licensor and all others become licensees.

      Org could sue Provider for damages caused to it by breaches of the provider's duties as licensor (for example, trying to give them binaries without source), or Provider could sue Org for damage (to their reputation, say) caused by Org's breach of its duties as licensee.

      Two branches from here:
      (1) Org is licensee as an organization, and its employees are part of it. Its employees are not individual licensees.
      (2) Employees are themselves single licensees if they receive the software from other parts of Org, and Org is their licensor.

      (1)
      Org becomes a licensor through its employee's action, and everyone in the world becomes a licensee. Org's provider, or those who receive the binaries, can sue Org for damages unless it also gives source to the same people.
      Org can't sue its employee for license breach, because no license has passed between it and its employee.

      (2)
      Org could sue an employee who distributes source without binaries. But it's required to give source to employees on their demand!

      Conclusion: Org can't sue Employee for GPL breach, unless Employee had access to source but tried to give away only binaries.

      I'm not sure of this following part. Either or both cases may allow an employee who rebelliously gives out "company" GPL'd software to be fired and/or sued for breach of employment contract. It could be that in case (2), Org's acceptance of the GPL prohibits it from entering conflicting agreements (like an employment contract prohibiting the employee from distributing in-house GPL'd software), or (if the employee was hired before Org got the software) that such existing contracts with its employees really prohibited it from legally accepting the conflicting GPL.

    2. Re:In-house Loophole? by Bassthang · · Score: 1
      Assuming an organization can be a single GPL licensor or licensee:

      In British law, at least, and I presume also in countries such as the US whose legal system derived from ours, a company is a legal "person" in its own right (and by implication so are other organisations such as the government, universities, charities). University researchers have no legal right to any profits on exploitations of their University work, unless (as is normal) there is a prior or standing arrangement to cover this.

      Any employee of Secure Computing who thought they had a right, under the GPL, to a copy of the source of NSA/Linux would almost certainly be in breach of contract - it would be no different from them taking a binary or copies of internal documentation.

      But the NSA get the source (and the freedom to use it). Public sector computer contracts are notorious for government departments getting locked into long-term use of outdated, expensive, proprietary technology. GPL'd software helps combat this, since it allows the department to switch suppliers of software and support. We should be thankful, as it will save us tax dollars (or £'s!) in the future.

      --
      "What I look forward to is continued immaturity followed by death."
  84. What is C2 by chicken · · Score: 1

    Linux will never reach C2 security, that requires every kernel object be secured with ACLs and issue security audit alarms on both success and failed opens. It also requires the capacity to use alternate identification mechanisms like biometrics or smart cards as opposed to just username/password. The POSIX APIs have no means to accomplish either of these goals since it is restricted to username/password and UGO security flags. The only reason NT made C2 is because they planned it that way from the beginning.

    Similarly, no operating system that offers standards-conforming mail, news, web, ftp, netbios (or lan manager), dhcp, ldap, rpc or pptp will ever qualify for C2 because none of those meet C2 authentication requirements.

    C2 is the highest rating a commercial operating system can get, higher ratings can only be internally developed within the government (or by government contractors) and cannot be kept online.

    1. Re:What is C2 by Anonymous Coward · · Score: 0

      Hey you braindead idiotic troll - C2 is the *lowest* security rating you can get. A lot of unixes without all that fancy shit have got B1/B2 ratings or higher and linux can get more than that. so shut the fuck up and learn something.

    2. Re:What is C2 by Dr.+Blue · · Score: 1

      It's true that C2 requires ACLs, but I don't believe that alternate id mechanisms are required.

      Furthermore, the statement that higher than C2 must be internally developed within the government is totally wrong. There are plenty of privately developed B-grade systems (even secure variants of Unix!), and even an A1 system or two that were privately developed (the A1 was by Unisys maybe?).

    3. Re:What is C2 by CyberSp00k · · Score: 1

      C2 does not require ACLs, but ACLs are an acceptable implementation of the C2 requirement: "The TCB shall define and control access between named users and named objects (e.g., files and programs) in the ADP system. The enforcement mechanism (e.g., self/group/public controls, access control lists) shall allow users ..." Note that ACLs are provided as an example, but are not mandated as an implementation.

      Unique user names (for identification) and passwords (for authentication) are sufficient to meet the C2 requirements for Accountability/I&A and no other mechanisms are required, but other mechanisms are not prohibited, either. The C2 requirements specify enforcement of individual accountability but not the mechanisms of that enforcement.

      Honeywell (a private company) produced the A1 SCOMP (what a boat anchor!) and the B3 XTS-200 and XTS-300 systems (check out http://www.wang.com/gov_services/security/ssso/gov_services_ssso_xts_c.asp).


      Spiritus ex Machina

      --
      Spiritus ex Machina
      "The universe is not only stranger than we imagine, it's stranger than we CAN imagine."
  85. NSA **IS** Interested in Linux: another report. . by Salgak1 · · Score: 2
    I teach a networking class at a small College, of which the students are ALL NSA employees. Although the course is primarily NT/MCSE stuff, (plus the A+ and Network + Certifications) I **WAS** told, and am planning to include Linux in the course, and certain Linux/NT topics like Samba. And this course has been underway since last year. No Such Agency has obviously had SOME interest in Linux for a while now. . . .

    Just some corroborating evidence. . .

  86. What does this mean for us?? by Anonymous Coward · · Score: 0
    After reading the article, I don't see anything affecting the community. Personally, I couldn't care less if the NSA is paying for a more secure Linux... Unless they are releasing the mods, making my Linux box more secure.

    The article mentioned several times Secure Computing's Patent on their "Type Enforcement" technology. I see no indication that anything they are doing will be released back to the community.

  87. No, but I'm in a semi-colon right now. by Anonymous Coward · · Score: 0


    Sorry, couldn't resist. You meant to spell 'coma' I assume.

  88. But no NDAs by / · · Score: 2

    The NSA may be able to pay the contracting company enough money that they won't want to distribute the code, but if they do distribute, the NSA doesn't have recourse to retaliate under the GPL, since the GPL forbids a more restrictive license from being imposed on GPLed code or code linked against GPLed code. It's probably irrelevant, though, since the NSA can always resort to national-security concerns and trample the people's rights that way. It's worked in the past.

    --
    "If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
  89. Secure Computing Sidewinder by vrazhumin · · Score: 1

    With all the OpenBSD vs. Linux talk going on - I thought I'd mention that the Sidewinder firewall that currently runs Secure's Type Enforcement is based on BSDi.

    Not sure if that clears the waters or muddies them. The *BSD's and BSDi are all siblings, so doing an OpenBSD version should be relatively simple in comparison with Linux. However, if the NSA wanted a BSD derived version, they probably would have just bought Sidewinder (with the appropriate NSA "improvements").

    They must be up to something.

    Interesting...

  90. It does, mostly by / · · Score: 2

    The GPL prohibits the use of code-obfuscation programs, but that doesn't mean they have to make their code particularly friendly to read, either. Maybe they have something really really subtle in mind. Or maybe they're actually sincere. Remember, this version is for THEIR networks, and they'd be insane to compromise those.

    --
    "If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
  91. 5th amendment violation by / · · Score: 2

    National security or not, if what you say does happen then it violates the 5th amendment's guarantee of compensation for government takings and which doesn't make an exception for national security. It ought to be easy enough for the government to compensate owners for their intellectual property without necessarily explaining how the intellectual property is being used or even which property is used.

    I have some idealism in me yet. Wait, I can feel it draining away; slowly, slowly, done. Ah, cynicism, my dear friend, we meet again. How're the wife and kids? Mine'll all die, I see that now, even the ones I don't have yet. Personal rights and liberties? No, this is government work. Constitutions as a means of restraining government which by its very nature is unrestrainable? Justice Marshall got it wrong, I see that now. I can see a lot now. I think I hear a knock at my door. Ah, two young men in blue hats. They want to talk to me. I'll be back soon.

    NO CARRIER


    --
    "If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
  92. Other NSA Secure Linux work by LnkStern · · Score: 5

    There is another ongoing NSA Secure Linux project. It is being done by the Computer Security Research Division at NSA. They are attempting to port the Flask Security Architecture to Linux. Flask is a policy-flexible OS security architecture.

    Their Secure Linux project page is available.

  93. Uh, and where is Linux "from"? by Anonymous Coward · · Score: 0

    Linux is from everywhere, so I don't see how this makes any sense at all. Unless the US has really got it in for Canada specifically.

    1. Re:Uh, and where is Linux "from"? by Relforn · · Score: 1

      You've missed an important distinction.

      Linux isn't from everywhere. It's from anywhere.

      And the "any" can be controlled by whomever produces a distribution.

      OpenBSD is a specific implementation ('distribution') of BSD. It's not from everywhere. The distribution is from Canada.

  94. Patent issues and the GPL by JoeBuck · · Score: 3

    The press release brags about "Secure Computing's patented Type Enforcement technology". Clearly, to make this work they need to put their type enforcement stuff in the kernel. However, the GPL in Clause 7 specifically states

    7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

    This means that Secure Computing must grant a royalty-free license to all direct or indirect recipients to use their patented technologies in Linux kernels. Other clauses of the GPL forbid them from restricting redistribution. So are they giving up hope of making money on their patent? Do they know this?

  95. /. readers absolutely CLUELESS regarding GPL by Anonymous Coward · · Score: 0
    [moderate this up, ffs] I don't understand how the vast majority of /. readers, despite being major users and fans of GPL'd and OSS in general, are apparently incapable of understanding what is basically a very simple license.

    "If you change stuff and give out your changed binaries, you also have to out the source, and you also have to GPL your modifications."

    Nowhere, nowhere in the GPL does it say, "If you change stuff, you are forced to distribute your modifications."

    Is that clear, once and for all? Or are we destined forevermore, that whenever the possibility that someone might change GPL'd stuff arises, the majority of idiots start saying "but they'd have to give out their changes?!"

    No, they wouldn't. If they kept it internal, nothing forces them to distribute source, GPL'd or otherwise.

    I don't even USE GNU/Linux or any Open Source software and I can understand. What's so hard???

    1. Re:/. readers absolutely CLUELESS regarding GPL by radja · · Score: 2

      hmm.. IANAL.. but it seems to me they contracted an outside corporation, secure computing. Secure computing doesn't keep the secure OS internal, which IMO means they release it. And release means the viral nature of GPL kicks in.

      //rdj

      --

      No one can understand the truth until he drinks of coffee's frothy goodness.
      --Sheikh Abd-Al-Kadir, 1587
  96. How will this jive with the GPL? by gnerd · · Score: 1

    Since Secure Computing's technology is patented, I seriously doubt they intend to release the source of their distribution to the world at large. I'm no legal expert by any stretch, but won't this be a direct challenge to the legality of the GPL?

    Education to the contrary is welcome, but no flames, please.

  97. Offtopic but very funny by clark9mm · · Score: 1

    The New Yorker magazine, in an article about the NSA, quoted a senior military officer posted to the NSA who described the civilian bureaucracy there as a "self-licking ice cream cone."

  98. Re:[OT] heh, yeah right by sjames · · Score: 1

    Can you prove they haven't? Nor can I. Or anyone else.

    That depends on how strong you need that proof. Echelon is NOT a theory, it is documented fact. Part of that fact is the exchange of intelligence where foreign agencies tell NSA what they know about U.S. citizens, and the NSA returns the favor for their citizens.

    Further, their refusal to cooperate with congress is at least probable cause.

    As for the NSA and the venusians using genetically engineered sasquatch to read the minds of anyone wearing tinfoil by order of the trilateral committee, that is just an unsubstantiated rumour.[/humor]

  99. Some NSA secure system history by Animats · · Score: 5
    NSA has funded a long series of special-purpose secure systems, many of which are on the Evaluated Products List. Unfortunately, many of the more secure systems were developed for unpopular platforms, such as Wang, Unisys, and Data General hardware.

    An A1 rating of a high-rated system is worth reading. This gives you an idea of what it takes to get it right. At the lower levels, it's easier; Microsoft NT 4.0 with service pack 6A plus a "C2 hotfix set" finally got a C2 rating (the lowest offered), after years of failed attempts. Microsoft had to use the new "outside evaluator" system to do it, rather than having NSA itself do the evaluation. The difference is that NSA only gives you two tries to pass. You can pay an outside evaluator to let you try again and again. NSA allows this at the lowest security level to encourage vendors to try to meet the minimal C2 requirements.

    It makes a lot of sense for NSA to fund an effort based on Linux; they'll get something they can run on popular hardware. But some major kernel changes will be needed to get into the B levels. (NSA never had much interest in C-level systems.)

    I've been out of that world for a long time now, but from 1978 to 1982 I worked on KSOS, an early NSA-funded attempt to build a secure UNIX-like OS. The original design was done at SRI International, and we at Ford Aerospace implemented it. It eventually worked, but was too slow. It was for PDP-11 machines (0.5 MIPS, 64K address space per process), and was implemented in Modula I, since C was considered unsafe even back then. The combination of an inefficient Modula compiler and a small address space ruined the thing; we had to cut out speed optimizations to make it fit. This was one of the first systems designed against the Orange Book criteria, which, incidentally, started life as Grace Nibaldi's master's thesis.

    BSD Unix, incidentally, was viewed as hopeless from a DoD security standpoint. The kernel was far too complicated. A rewrite in Ada was considered in the early 1980s, but rejected. The DoD view at the time was that BSD was a dead end, and Mach was the future. They wanted something at least as secure as Multics, which was a system from the late 1960s rated at B2 in 1985. But that's another story.

    1. Re:Some NSA secure system history by ricksmith · · Score: 1
      This is a bit of amplification on how type enforcement fits (or doesn't fit) into traditional secure systems. But, first, a correction:

      NSA has funded a long series of special-purpose secure systems, many of which are on the Evaluated Products List.

      Actually, the EPL only includes commercial products. Although a government sponsored system can earn an evaluation level, the EPL listing is generally reserved for companies that pay their way.

      High security systems traditionally provide multilevel security (MLS). Today, lots of military types want to share data across multiple classification levels, but they don't want the specific technical feature called "multi-level security." It just doesn't solve the real problem.

      Various technical folks at NSA have liked type enforcement (TE) because it helps enforce least privilege, encapsulation, and process pipelining. While you can do that with MLS, it's like using an incrementing while() loop to do addition. TE gives developers a more direct way of representing their requirements. TE provides the bones necessary to build multilevel "guard" systems and it's been field proven (the mail guard, Sidewinder, etc.), even though it doesn't implement MLS directly.

      As far as security evaluations go, nobody in their right minds is doing C2 or B1/B2/B3 style evaluations any more. People are doing the Common Criteria, if anything. There have been discussions about evaluating Linux, but it's 'way too soon to tell what might happen in that arena.

  100. "grep NSAKEY *.c *.h" by 1010011010 · · Score: 2

    $ su - root
    password:
    # cd /usr/src/linux
    # grep NSAKEY *.c *.h
    ACCESS DENIED
    # crap
    bash: crap: command not found

    giggle

    --
    Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
  101. A New Direction? by KeyLargo · · Score: 1

    Perhaps this is the NSA starting in a new direction. Despite all the X-Files I watch, I have to believe that the NSA is working in the best interests of the American people. For a long time that meant monitoring for, say, suspicious behaviour, i.e. terrorist activities. Maybe with cryptography the way it is, that is too difficult and no longer their primary focus. Could they instead be working to safeguard American businesses by making sure that faulty standards are not being used?

    Just a thought.

    Regards,
    KeyLargo.

  102. NSA's Linux will be proprietary!! Read the press R by Anonymous Coward · · Score: 0

    Secure Computing's patented Type Enforcement technology. . . Implementing Type Enforcement within the operating system itself assures the highest level of security available in commercial operating systems.

    Here is the paragraph it is taken out of.

    Secure Computing's patented Type Enforcement technology provides network security protection that is unique to the industry. This technology, first developed under previous government contracts, is available today as part of the UNIX OS for Secure Computing's Sidewinder[tm] firewall. Type Enforcement secures underlying operating systems and protects applications and network services, by segmenting them into domains. Each domain is granted permission to access only specific file types, including executables. As such, each domain provides a self-contained, discrete layer of protection that cannot be altered. Implementing Type Enforcement within the operating system itself assures the highest level of security available in commercial operating systems.

  103. The interesting GPL question... by Anonymous Coward · · Score: 0
    7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

    The interesting question, to me, is whether the NSA can give its employees copies and still bar them from taking the copies home. (Removing anything machine-readable from Ft. Meade is, in general, streng verboten.)

    The GPL can't bar "don't make your employer unhappy" pressure, but are they permitted to stop someone who wants to try?

    The patentedness of the relevant technology also becomes an issue. The GPL is rather clearer on those grounds.

  104. This is a GOOD THING by ron_nelson · · Score: 1

    Secure Computing had done a lot of work with BSDI. They also contributed fixes and modifications back to the BSD tree.

    In fact, they have an employee credited in The Design and Implementation of the 4.4BSD Operating System book.

    It is unlikely that Secure Computing will contribute the final code that they deliver to the NSA to the public, but the additional eyes on the kernel source can only be a good thing. As a bonus, any tools they need developed by other opensource companies like Cygnus would be released by Cygnus to the community.

    Welcome the folks new to the "bandwagon"...

    Ron

  105. Not quite: NSA and companies CAN keep secrets by redelm · · Score: 2

    "The club cannot (under GPL) restrict anyone from doing so."

    Not quite. NSA employees are bound by secrecy laws and most certainly will be prosecuted for revealing secrets. Modified Linux would be one of them.

    Outside the govt/military sphere, employees can be sued for disclosing their employer's secrets. Unless the company authorizes publication, it can fire and sue people.

    -- Robert



    1. Re:Not quite: NSA and companies CAN keep secrets by timmyd · · Score: 1

      Maybe they can get them to keep a secret legally, but if it gets out, it doesn't really matter what they do to the employee(s) because it would be out... could they stop that then?

    2. Re:Not quite: NSA and companies CAN keep secrets by redelm · · Score: 2

      Interesting. But I'd bet that whoever got the code from the errant employee wouldn't have ANY licence to use/distribute it, especially not the mods. They'd be in the position of receiving stolen goods. GPL warez :)

      NSA wouldn't be giving out any licences, even though if they did, it would have to abide by GPL. But they aren't compelled to licence it at all, and so wouldn't. So nobody could distribute it legally.

      -- Robert

    3. Re:Not quite: NSA and companies CAN keep secrets by Malcontent · · Score: 1

      interesting. It seems like this is a loophole in the GPL. Governmental agencies can trump the GPL with secrecy claims.

      --

      War is necrophilia.

  106. Re:4:Interesting (Boaring) by Anonymous Coward · · Score: 0

    This is myself.
    I'm me, the other is he.
    I != He
    His comment was funny, you are a real troll, and a boring one.

  107. Name/Slogan Suggestions by computerboy · · Score: 1
    How about this:

    The SpookOS
    "We'll give you the source, but we'll have to kill you."

    Well? ::)

    --computerboy

  108. Sidewinder is OpenBSD by spauldo · · Score: 2

    Basically, they've already done this very thing to OpenBSD - Sidewinder firewall. Lotsa military bases use it. It's based on OpenBSD.

    I've used OpenBSD, and I have found linux much easier to use. While for a company, you would just hire some guy who already knows the system, here you have to train them on it (or contract a civilian, who can't be deployed during contingency). So you have to use systems you can train people on easily, because (in the air force at least) an airman is only on station for between one to three years, and may change jobs two or three times during that period. I'd rather train them linux than OpenBSD, just 'cause non-geek airmen will probably understand it better.

    --
    Those who can't do, teach. Those who can't teach either, do tech support.
    1. Re:Sidewinder is OpenBSD by Anonymous Coward · · Score: 0

      It's BSDI you ninny. And if you've ever looked at an installation of same, it's a pathetic mess of everything including the kitchen sink. Oh, sure they have "type enforcement" but any firewall I consider looking at had better fucking NOT have a compiler and 400+MB's of shit on it. Xwindows? You gotta be kidding...

  109. I can see it now... by Millennium · · Score: 1

    NSA Public License (NSAPL) v1.0... We could give you the source, but then we'd have to kill you.

  110. GNU/Hurd by timmyd · · Score: 1

    Does anyone know enough about HURD to tell if it is made well for security? It sort of sounds like it would be an interesting alternative if linux didn't work out.

  111. Why so? by Robert+S+Gormley · · Score: 2
    I use OBSD 2.6, and subscribe to a lot of OBSD lists.

    Was just curious about the NetBSD thing. I do know he can be rather brusque at times on the mailing lists, but shrug :) He doesn't pretend the system is for newbies/cluebies/doesn't have time for people asking FAQ'ed questions.

    --

    Open Source. Closed Minds. We are Slashdot.

  112. NSOS by Bad+Juju · · Score: 1

    No Such Operating System.. we don't have an os, what are you talking about? Go back to bed, America.

  113. Uh, so don't use it. by Bad+Juju · · Score: 1

    This is the NSA, you think it'll be on sale at Best Buy? Anyway,even if it was, nobody's twisting your arm to use it.

  114. espionage anyone? by digitalunity · · Score: 1

    Doubtful. If they really want to keep this tight, they won't charge you with software piracy. Under US code Title 18, section 3592(B) they can put someone to death for treason (espionage in this case). According to this title, there are many factors determining appropriateness of death sentence. I would doubt that they would ever complete this sentence but intentionally passing out the source code to something like this could definitely be cause for a stiff jail sentence.

    Sleep well knowing they have that power...

    ps: IANAL, but I play one in law class.

    --
    You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
  115. Gimme gimme by Anonymous Coward · · Score: 0

    Tell me as soon as you find the iso

  116. Patents VS GPLed Kernel == Problems by Anonymous Coward · · Score: 0

    This sounds problematic. From what I can make out they claim that they have patented technology which they are going to add to the Linux kernel. Since the Linux kernel is released under the GPL, and the GPL asserts that patents which are used in GPLed software have to be licensed to everybody this is going to cause problems, unless they release their stuff as binary only kernel modules. Am I understanding this correctly? Is it time to get out the big GUNS and threaten with lawsuits? Some Linux people now have lots of money, so the threat of this sort might now actually carry some weight..

  117. Russians did that years before by Anonymous Coward · · Score: 0

    So, why are you wondering? Russia military forces did that years before. Stripped down RH4.2 with most services thrown off and others are disabled, self-made kernel audit, gcc and devt libs/headers available only after additional request, whole distro is 7 1.44 floppies - and they call it MSVS. Works quite stable on their hardware (486 in enhanced security case (locks on everything, EM shield, special cabling)). Developers for this system are crying in desperation :).

  118. Re:NSOS (off topic) by keyeto · · Score: 1

    Solipsistic sig file. Neat. Give my regards to Elson Roa, and don't forget "Aim Here!".

    --
    -- "This is the Space Age, and we are Here To Go" - W.S.Burroughs
  119. OpenBSD copyright statement in WinXX by Paul+Jakma · · Score: 1

    ermmm.. actually a lot of Win software did use to have the "Regents of California" copyright statement. Eg ftp on older WinXX installs would print it out when you started it. (code had to actually print it out to the user - nothing to do with code comments)

    However the "must display copyright" clause was removed from the BSD licence about a year or 3 ago. I believe it was RMS that persuaded them. Hence the reason why you can't find "Regents ..." in WinXX today. But still that code is BSD based - eg the WinXX tcp/ip stack was developed from BSD. A lot of the utilities (ftp, traceroute, etc.) are BSD based.. etc..

    --
    I use Friend/Foe + mod-point modifiers as a karma/reputation system.
    1. Re:OpenBSD copyright statement in WinXX by Anonymous Coward · · Score: 0
      However the "must display copyright" clause was removed from the BSD licence about a year or 3 ago

      Can anyone substantiate this? I see no evidence in any of the source code. ftp.c still goes:

      2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
  120. Real intentions by DotSlasher · · Score: 1

    If they were to release their modifications back into the open-source community, could it be with the purpose of making linux more secure against everybody else, but leaving opening up the typical NSA backdoor for themselves.

    We wouldn't allow a known thief to replace the locks on your doors with their own self-created brand.

    Another subject that tackles my mind, is the possibility that software companies opposed to linux could have plants working on projects vital to the future success of linux, ready to strike with damaging code that hits the news/media big time and making potential newcomers shy away.
    But that's my paranoid side.

  121. *Sigh* Re-inventing the wheel by proberts · · Score: 2

    There's _already_ a project that's most of the way to B-level functionality. It's at http://www.rsbac.de/ and it already works.

    I think we should question the use of our tax dollars to reinvent this wheel when there's an active *FREE* implementation already most of the way done that doesn't use patented technology.

    Paul

    --
    http://www.pauldrobertson.com
  122. This is a great thing coming to Linux! by Steeltoe · · Score: 1

    Type enforcement sounds like a killer app for Linux. Just imagine doing your casual IRCing and then some D00dz starts scanning your ports and launching DoS attacks against your machine. But now with the latest kernel you can remotely shut down their computer, ring several alarms in their house while flashing red lightbulbs. Not to mention a couple of dark dressed NSA gays knocking their door down a few minutes later. This would work wonders against silly script kiddies on IRC.

    - Steeltoe

  123. NSA getting clues by karb · · Score: 2
    Here's a hint : SAIC is a government contractor.

    Their job is to hunt down government contracts and get them.

    I would guess that SAIC probably competed against Secure Computing to get the contract. Obviously, if they did, they lost.

    My possibly true assumption : SAIC bid, possibly using their own tool as evidence of their prowess. For whatever reason, the NSA *still* passed them up on the deal.

    --

    Jack Valenti and the MPAA are to technology as the Boston strangler is to the woman home alone

  124. Not too much trouble by mikera · · Score: 2

    I don't have a copy of the GPL to hand, but I think the wording and intent is that free licenses to use the patented technology must be distributed along with the GPL'd software and source code.

    That is to say, if some patented technique is incorporated into YetAnotherLinux, then anyone who receives a copy of YetAnotherLinux is automatically licensed to use the patented technology and redistribute it under the GPL.

    Therefore I don't think this is a particularly great cause for concern - though some components may be patented, the company that incorporated them into the kernel in the first place has effectively given up the rights over the patent in the GPL domain.

    Pretty clever contract, that GPL.....

  125. Thanks! by Anonymous Coward · · Score: 0

    I work at SAIC and was unaware of that patch. Thanks, and somebody moderate this thing up! ;)

  126. Windows NT 4.0 with Service Pack 6a and the C2 Upd by Anonymous Coward · · Score: 0

    True, it is certified. But anyone interested should check the specs. Only on the Compaq Workstation and Server platform tested. And without IIS or other web server on the server side. No browser on the client, etc...

    If you really, really wanted to provide NT in a C2 configuration, you could, but not without considerable effort, and at that the config would have severely limited functionality.

  127. Re:Riiight. (my thoughts exactly, OpenBSD) by Anonymous Coward · · Score: 0

    Sorry. Linux /proc filesystem is not like OpenBSD /proc filesystem and emulation is not provided yet. You cannot run the Linux StarOffice on OpenBSD because of this. I think you might be able to run the ix86 Solaris StarOffice though.

  128. colossis by Anonymous Coward · · Score: 0

    ...but you can't have one. it's the forbidden machine

  129. The Secure Computing FAQ on this subject by bpdlr · · Score: 1

    Secure Computing Corporation

    Type Enforced Linux / NSA Press Release

    Frequently Asked Questions

    Question 1: What are you announcing today?

    Today we are announcing a sole source contract award from the National Security Agency, to Secure Computing's Advanced Technology Division to apply Secure's patented Type Enforcement technology, to the Linux operating system.

    Question 2: Why is this announcement important? Who needs these solutions?

    This announcement is important because it supports our position that Secure Computing's technology provides security functionality unequalled in industry. The National Security Agency has had a longstanding reputation as being one of the most stringent information security customers in the world. The fact that they came to Secure Computing to provide this capability demonstrates their recognition of our capabilities.

    Secure Computing believes that a primary measure that corporations can take to enhance their security, is to move critical applications onto operating systems that are not susceptible to attack. With the recent emergence of Linux, and its phenomenal growth rate, developing a secure Linux operating system, for customer applications, as well as our own security products, is a logical step. In addition to the DoD, we envision that our target customers, the medium to high-end corporations, will see the benefit of this activity.

    In short, we believe that the market has "voted" and Linux is rapidly becoming a standard platform for the enterprise and for e-commerce and e-business. We undertook this work because we are committed to Linux and are currently porting our applications to the Linux platform.

    Question 3: Why are you announcing this now?

    We have just recently been awarded the development contract for this effort, so we are releasing the information.

    Question 4: How does this change your existing security products and services?

    We believe that the market has "voted" and Linux is rapidly becoming a standard platform for the enterprise and for e-commerce and e-business. We undertook this work because we are committed to Linux and are currently porting our applications to the Linux platform.

    Question 5: Why did you enter into this Contract?

    Secure Computing Corporation has a longstanding relationship with the NSA and several other agencies within the DoD. Sidewinder is currently the #1 Firewall in the DoD, and our Advanced Technology Division achieves almost 100% of their revenue from government contracts. Entering into this contract continues a very strong relationship, with some of the most advanced, security conscious customers in the world. Additionally, we undertook this work because we recognized the need for our products to be available on a secure version Linux. This is a win for both our Customer, the NSA and for ourselves, allowing us to leverage the NSA work to provide a foundation for future product directions.

    Question 6: Can you provide a brief description of Type Enforcement, and the benefits it provides to the underlying operating system?

    Type Enforcement is a mandatory access control mechanism that is tailored to provide the strength and flexibility required in today's business to business e-commerce environments. The strength comes from locating the Type Enforcement mechanisms in the lowest level of the OS kernel, thus ensuring that a clever attacker cannot bypass them. This also enables the Type Enforcement mechanism to protect all the applications and higher level operating system components on the system. At Secure Computing Corporation, we use Type Enforcement to protect the integrity of our Application Layer Gateway firewalls. The flexibility comes from separating the policy definition engine from the enforcement mechanisms. Thus, organizations and system vendors can develop Type Enforcement policy engines that are tuned to provide the security that they need, rather than being forced to accept a "one size fits all" form of security.

    A Type Enforced system resembles a honeycomb, with each critical system component placed in its own separate cell, in which it can access only the resources and utilize the privileges it needs to perform its function. A security breach that affects one component does not affect components in other cells. Type Enforcement controls the harmful effects of security flaws in applications, including configuration errors by administrators.

    The CERT Coordination Center Security Advisories are packed with examples of attacks that take advantage of an application flaw to attack a system. The recent successful attack against PC Week's Apache/Linux challenge system would have failed if the underlying Linux system had been Type Enforced.

    Question 7: Is there a revenue impact to this announcement?

    Yes, however, we have not entered into this contract merely for the contract revenue. As we have stated before, federal contracting offers us the opportunity to conduct R&D on new technologies and product, without additional company investment. So although this contract will produce in excess of 7 figures for ATD contract revenue, this was not the driving force.

    Question 8: What are you contributing to the market with this announcement?

    We believe this contract and announcement furthers our claim that Secure Computing provides security technology that is unequaled in this space.

    Question 9: What are your plans regarding the Open Source nature of Linux?

    It is our intention to be an active, responsible member of the open source community. Within the constraints this imposes, we will work with partners to develop new product offerings that will benefit our customers, our partners, and us. However, we will also benefit simply by having a Linux based secure operating system on which to host our products.

    Our modifications to Linux will consist of:

    - strong policy enforcement code which is in the kernel itself,
    - a flexible policy engine which is structured as a separate module

    We will open source all the modifications to the kernel as well as a general-purpose policy engine. We have not determined the exact functionality of this engine, but it will support a broad set of basic applications and it will be complete enough to teach the community how to write other policy engines. We hope that others will choose to enhance this engine and/or develop their own policy engines that are optimized for their purposes. We will keep the policy engines for our products, such as the Sidewinder policy engine, proprietary.

    ----

    --

    --
    Barry de la Rosa,
    public[at]bpdlr.org
    My /. ID is lower than Bruce Perens'!
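
The Type Enforcement model described in Question 6 of the FAQ above (and in the press-release excerpt quoted in comment 102), as an added example that is not part of the original thread and is not Secure Computing's code: a policy engine kept separate from the enforcement mechanism, with each domain granted access only to specific types. All domain, type and path names are hypothetical, and the labels and tables are constructed sample data.

```python
"""Toy Type Enforcement (TE) reference monitor. Added illustration only:
every domain, type and path name is hypothetical, not Sidewinder's or any
Linux kernel's policy."""
from dataclasses import dataclass


class TablePolicyEngine:
    """Policy engine: answers questions, enforces nothing itself."""

    def __init__(self, access, transitions):
        self._access = access            # (domain, type) -> set of permissions
        self._transitions = transitions  # (domain, executable type) -> new domain

    def allowed(self, domain, obj_type, perm):
        # Default deny: anything the table does not list is refused.
        return perm in self._access.get((domain, obj_type), frozenset())

    def transition(self, domain, exec_type):
        # A program runs in the caller's domain unless the policy names
        # a transition for that executable type.
        return self._transitions.get((domain, exec_type), domain)


@dataclass
class Process:
    name: str
    uid: int      # carried only to show that TE never consults it
    domain: str


class Enforcer:
    """Enforcement mechanism: mediates every access, delegates the decision."""

    def __init__(self, engine, labels):
        self.engine = engine
        self.labels = labels   # path -> type label
        self.audit = []        # (domain, path, perm, verdict)

    def type_of(self, path):
        return self.labels.get(path, "unlabeled_t")

    def check(self, proc, path, perm):
        ok = self.engine.allowed(proc.domain, self.type_of(path), perm)
        self.audit.append((proc.domain, path, perm, "allow" if ok else "deny"))
        return ok

    def execute(self, proc, path):
        if not self.check(proc, path, "execute"):
            raise PermissionError(f"{proc.domain} may not execute {path}")
        new_domain = self.engine.transition(proc.domain, self.type_of(path))
        return Process(path, proc.uid, new_domain)


# Constructed sample labels and policy tables.
LABELS = {
    "/var/www/index.html": "web_content_t",
    "/var/www/cgi-bin/search": "cgi_exec_t",
    "/var/lib/search/index.db": "cgi_data_t",
    "/etc/shadow": "shadow_t",
    "/bin/sh": "shell_exec_t",
}
ACCESS = {
    ("httpd_d", "web_content_t"): {"read"},
    ("httpd_d", "cgi_exec_t"): {"execute"},
    ("cgi_d", "cgi_data_t"): {"read", "write"},
    ("admin_d", "web_content_t"): {"read", "write"},
    ("admin_d", "shadow_t"): {"read", "write"},
    ("admin_d", "shell_exec_t"): {"execute"},
}
TRANSITIONS = {("httpd_d", "cgi_exec_t"): "cgi_d"}


def demo():
    te = Enforcer(TablePolicyEngine(ACCESS, TRANSITIONS), LABELS)
    # The web server runs as uid 0 and is assumed to be compromised.
    httpd = Process("httpd", uid=0, domain="httpd_d")
    results = {
        "serve_page": te.check(httpd, "/var/www/index.html", "read"),
        "deface_page": te.check(httpd, "/var/www/index.html", "write"),
        "read_shadow": te.check(httpd, "/etc/shadow", "read"),
        "spawn_shell": te.check(httpd, "/bin/sh", "execute"),
    }
    # Running the CGI moves the new process into its own cell.
    cgi = te.execute(httpd, "/var/www/cgi-bin/search")
    results["cgi_domain"] = cgi.domain
    results["cgi_writes_own_data"] = te.check(cgi, "/var/lib/search/index.db", "write")
    results["cgi_reads_content"] = te.check(cgi, "/var/www/index.html", "read")
    # Flexibility: swap in a stricter engine; the enforcer code is unchanged.
    locked = {k: v for k, v in ACCESS.items() if k != ("httpd_d", "cgi_exec_t")}
    te.engine = TablePolicyEngine(locked, {})
    results["cgi_after_lockdown"] = te.check(httpd, "/var/www/cgi-bin/search", "execute")
    results["denials"] = sum(1 for entry in te.audit if entry[3] == "deny")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The uid field is never read by the enforcer, which is the "mandatory" part of the FAQ's description: a root-owned process in `httpd_d` is still confined to what its domain is granted.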