Slashdot Mirror

← Back to Stories (view on slashdot.org)

Would You Use SELinux?

Posted by Cliff on from the NSA-wouldn't-dare-backdoor-a-penguin-,,,-would-they dept.

silent_tyr asks: "I am going to re-install my Linux box and being security conscious I am looking for a secure distribution. After a couple of Google searches I found a version called Secure Linux, which sounded ideal. So I followed this link, which turned out to be what I assume is a genuine NSA web-site. All in all, it looks like a good idea and I can play around with it as I wish, but eventually I will be using this machine as my base-system. So before I start I want to ask two questions: 1) Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information? 2) What other security-patched distro's can people recommend? I don't want to open up the floor for generic NSA-bashing, but I also don't want to have to work my way through every line of code before I install." There was a similar question that was asked a while ago, but there wasn't much to the discussion. For those of you who are running SELinux, what have your experiences been, so far?

65 comments

  1. Are you serious? by Anonymous Coward · · Score: 2, Funny

    Holy Welcome to Last Decade, Batman.

  2. SELinux? by Prince_Ali · · Score: 4, Funny

    Just install Windows XP like everyone else. Stick the free version of ZoneAlarm on there, and you will be as secure as any box out there!

    --
    Slashdotter are stupid and biased.
    1. Re:SELinux? by BrokenHalo · · Score: 4, Insightful
      Uhh... maybe. but if I were so paranoid about NSA introducing backdoors etc, I would be more inclined to go for Linux From Scratch. I have a reasonable degree of faith in the GNU components and other applications that I use, and if I wanted to be sure that they hadn't been tampered with, I would download the source of each piece of software, check the MD5sums and compile it all myself.

      Since I live in the real world (tm) I just use Slackware. I reckon I can trust Pat not to fuck with my system :-).

    2. Re:SELinux? by Xpilot · · Score: 1

      Since I live in the real world (tm) I just use Slackware. I reckon I can trust Pat not to fuck with my system :-).

      Dude, this is probably the best comment I've heard on slashdot :)

      --
      "Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it." -- Linus Torvalds
    3. Re:SELinux? by Anonymous Coward · · Score: 0
      Just install Windows XP like everyone else. Stick the free version of ZoneAlarm on there, and you will be as secure as any box out there!

      This is simply not true. There are countless holes in ZoneAlarm. The biggest one (IMHO) is intentional. Microsoft is allowed to come and go from your computer as they please because they are "trusted". This is documented on the ZoneAlarm site somewhere, and you can google for the other issues. The big question is what else does ZoneAlarm trust? Don't be a sheep. Learn to think for yourself!

    4. Re:SELinux? by d3faultus3r · · Score: 1

      Plus with microsofts new competition eliminator plugin, you can protect your children from smut like linux

      --
      read my blog
      musings on politics and technol
    5. Re:SELinux? by mrlpz · · Score: 1

      Dude...what kind of Evil Master Plan Droid are you ? Do you realize that someone is actually going to believe you when you say that ?

  3. What? by 4of12 · · Score: 3, Interesting

    Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information?

    Am I mistaken, or is SE Linux not a source distribution?

    GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors.

    It's a powerful guarantee, one that cannot be made of many commercially produced operating systems, whether they are called "secure" or anything else.

    --
    "Provided by the management for your protection."
    1. Re:What? by thefroatgt · · Score: 5, Informative
      From the main SELinux page:
      Security-enhanced Linux is being released under the same terms and conditions as the original sources. The release includes documentation and source code for both the system and some system utilities that were modified to make use of the new features. Participation with comments, constructive criticism, and/or improvements is welcome.
    2. Re:What? by fredrikj · · Score: 2, Insightful

      GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors.

      From the post:

      I also don't want to have to work my way through every line of code before I install.

    3. Re:What? by tka · · Score: 5, Insightful

      GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors. Yet this examination has to be done somebody else, by larger group of people who have great amount of knowledge and experience on these matters. It is simply not "possible" to this guy/girl to examine the kernel. Besides it is not not a easy task look for backdoors etc. Does anybody know that this kind of examination has been taken place by independent group?

    4. Re:What? by Anonymous Coward · · Score: 1, Informative

      Am I mistaken, or is SE Linux not a source distribution?

      How about reading the link you are given?

      Security-enhanced Linux is being released under the same terms and conditions as the original sources. The release includes documentation and source code for both the system and some system utilities that were modified to make use of the new features. Participation with comments, constructive criticism, and/or improvements is welcome.

    5. Re:What? by BrokenHalo · · Score: 3, Informative
      GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors

      Not quite.

      (1) It's not just your kernel...
      (2) Sure, you could spend weeks browsing through the source by yourself (and probably not find any backdoors even if they do exist).
      (3) Having a source distro in itself doesn't guarantee that said source hasn't been tampered with. I seem to remember there was something like this that came up a few months ago with sendmail where somebody (IIRC) had replaced the source tgz file on some servers. If people do not check MD5sums at the original point of distribution then sooner or later they're going to get their fingers burnt.

    6. Re:What? by nova20 · · Score: 1
      Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information?

      GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors.

      ...and you think the NSA couldn't code a backdoor that would go unseen by the average linux user?

    7. Re:What? by spencerogden · · Score: 4, Insightful

      Yes, but having the source of SELinux and the vanilla kernel sources means you can diff the two trees and get a very good idea of what has been changed. Viewing the changes in this manner should make a code inspection managable.

      --

      Spencer Ogden

    8. Re:What? by Aix · · Score: 2, Interesting

      While I understand your point, this is unfortunately not entirely accurate. I suggest reading Ken Thompson's Turing Award Lecture for an explanation of exactly why having the source code is not necessarily enough. I don't think the scenario he describes is a likely one, but it's worth looking at and thinking about in any case.

      --
      Nonperiodic Central Trajectory
    9. Re:What? by 4of12 · · Score: 4, Insightful

      you could spend weeks browsing through the source by yourself (and probably not find any backdoors even if they do exist).

      Me (an average good C programmer) and hundreds of others (that are average good C programmers with good networking experience) would stand a reasonable chance of finding something.

      In fact, if you are in the computer security business, uncovering a backdoor like this would be a real feather in your cap, look good on your resume, and help you drum up more business, so there's definitely motivation for people to look closely at the NSA code, not just for backdoors, but for any kind of flaw that could potentially compromise security.

      Critical (almost hostile!) code review like that is going to do a lot better job than a more friendly limited internal review at Company X, where Marketing wants to ship the product yesterday.



      check MD5sums at the original point of distribution

      You bring up a good precaution, checking the MD5 sums, especially in light of the trojan distribution problem that happenned with (SSH?,SSL?) last year.

      But I've always thought it was silly to check MD5 sums for tarballs from the same point of origin.

      If I were a trojan writer, I'd change the webpage so that the MD5 sum displayed was in sync with my malware.

      Getting independent verification of the MD5 sum from a different source is better; checking a PGP signature is better still.

      Finally, from a political perspective, it would Look Bad if someone managed to hack into nsa.gov and replace chunks of their site. I'd expect NSA sysadmins to pay closer attention to securing their site than average sites.

      --
      "Provided by the management for your protection."
    10. Re:What? by jo42 · · Score: 3, Funny

      Read The Source, Luke...!!

    11. Re:What? by Winter · · Score: 1
      GPL'd source guarantees that nothing lives in your kernel that you cannot examine as much as you like for backdoors. Yet this examination has to be done somebody else, by larger group of people who have great amount of knowledge and experience on these matters. It is simply not "possible" to this guy/girl to examine the kernel. Besides it is not not a easy task look for backdoors etc. Does anybody know that this kind of examination has been taken place by independent group?


      So you mean I can't just do:
      cd /usr/src/linux
      grep -R backdoor *
       :)
      --
      main(i){putchar(177663314>>6*(i-1)&63|!!(i<5)<<6)&&main(++i);}
    12. Re:What? by Anonymous Coward · · Score: 0

      Does anybody know that this kind of examination has been taken place by independent group?

      Don't know, but I'd guess that it will now.

    13. Re:What? by baloogan · · Score: 1

      I am your `who | grep father | awk'{ print $2}'` Luke

    14. Re:What? by danielsmc · · Score: 1
      Finally, from a political perspective, it would Look Bad if someone managed to hack into nsa.gov and replace chunks of their site. I'd expect NSA sysadmins to pay closer attention to securing their site than average sites.
      From Netcraft: The site www.nsa.gov is running Microsoft-IIS/5.0 on Windows 2000.
    15. Re:What? by tprox · · Score: 1

      Then you're going to have to take a leap of faith, no matter what you install. Anything can have a back door in it. Besides, if the NSA wanted to get into your computer, no matter what the distribution, I'm willing to bet they could.

  4. EnGarde Linux by moonboy · · Score: 4, Informative

    Check out EnGarde Linux.

    Also, LinuxSecurity.com is a very helpful and informative site.

    --

    Co-founder and designer at Music Nearby: http://musicnearby.com
  5. Alternative options by redhat421 · · Score: 5, Informative
    I have not really used SELinux that much, but I have used and would recommend the following two projects.

    grsecurity

    LIDS

    As far as the NSA planting a back door into SELinux, I really doubt it. A backdoor in open source code would be discovered eventually, and the NSA would have a very hard time denying it.

    It seems much more likely that they would put back doors into closed source products, which do not receive as much scrunity.

    1. Re:Alternative options by SpaceLifeForm · · Score: 1

      For example, Windows.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
    2. Re:Alternative options by dubl-u · · Score: 1

      LIDS

      I second the recommendation for LIDS. I've been using it for the last couple of years.

      It's a bit of a pain to install, but it's worth it. Even a root compromise in, say, named means that the black hats can only touch the files that I've explicitly said named can touch.

      I've never heard of anybody getting around it, but even if they eventually could, I'd still keep it. It seems the quality of hackers has dropped off since my youth; the breakins I've taken a look at have often been stopped by very minor difficulties (e.g., where the system doesn't allow HTTP out when they try to get their tools, so they just give up).

  6. Regarding NSA backdoors by Bravo_Two_Zero · · Score: 4, Insightful

    IIRC, it's a series of kernel patches and some modified basic utilities. I wouldn't be surprised if there was more to it than when I first looked at it a couple of years ago.

    But as to NSA backdoors, honestly, how much intel would they gather from the handful of people who would install SELinux? Wouldn't it make way more sense to crack into Microsoft's source code (if a Russian hacker could do it, well, I'm sure they can) and do it in a closed-source, widely adopted OS?

    Hey, I'm as much a conspiracy theorist as the next mildly-intelligent person who sees strings pulling the marionettes in our government. But it ultimately comes down to a resource allocation issue. Why bother when there's so much more to be gained with the same (or less, if you consider the need to somehow disguise the backdoor in open code! ;) amount of work?

    Now about those microwave towers...

    --


    Amateurs discuss tactics. Professionals discuss logistics.

  7. NSA already has your keys by Hungus · · Score: 3, Interesting

    I personally have a great deal of respect for the folks at the NSA. I am also quite aware of their abilities, and let me say this if you are going to hand teh keys to your system to any one organization you might as well hand them over to the NSA becasuse they already have them.

    Seriously I work in the security field, and have worked closely with all kinds of govt. operatives from local, state national and even foreign groups in my various and sundry dealings. Nobody and I mean NOBODY has the smarts/ ability / computational facilities as the NSA. The only other group I hold in such extreme regard is Mosad

    --
    Bad Panda! No Bamboo for you! In matters of importance ACs will not be responded to. Want to say something critical,OK
    1. Re:NSA already has your keys by dmayle · · Score: 3, Interesting

      That's very nice to say, but there's a WORLD of difference between being incredibly competent and being incredibly trustworthy.

      I in no way intend to imply that the two are mutually exclusive, but there is no correlation between the two. And what's important in this case is the trustworthy aspect. I, like many Americans, don't have that much trust in the government. It's one of the great things about our country. (Skepticism, that is; it keeps us on our toes...)

    2. Re:NSA already has your keys by Hungus · · Score: 2, Insightful

      I didnt say ANYTHING about being trustworthy!
      Lets be honest I know that Mossad could come up with legal documents proving you are my 3 year old daughter.
      AND I know that the NSA could show my direct email correspondence to Lenin himself.
      AND I, especially being in the security business, am paid to be paranoid ( which I would be even if I wasn't in the security field) after all just because you are paranoid doesn't mean they aren't really after you. What I am saying is there are 30 big ugly guys standing outside your home with the ability to come in. Some by breaking down your door, others breaking a window. Unless I am a cryptography expert ( I personally am good but am by no means an expert) and a security expert, and a linux expert who has gone through every line of code out there and written appropriate patches yourself you have to trust someone. Me, well I am going to trust the guy with the locksmith business card and teh truck and experience to back it up. After all he is an expert and if i didnt give him the keys he could still walk in. In the end it is not somuch a matter of trust as it is a matter of logic.

      "I would be a libertarian but they believe in too much government"

      Well, in actuallity, I am a consitutionalist

      --
      Bad Panda! No Bamboo for you! In matters of importance ACs will not be responded to. Want to say something critical,OK
  8. Yeah, go ahead. by Hanashi · · Score: 4, Insightful
    SELinux is fairly well known and has been available for some time. The original release was greeted with some amount of fanfare and hoopla, even. If there were a secret NSA backdoor, it would have been found by now.

    IMO, the bigger question is: "will the extra security measures get in the way of doing what you need to do?" And probably the corollary: "If you're going to have to disable any of those features, is it still worth using this distribution?"

    --
    Check out my eclectic infosec blog at InfoSecPotpou
  9. self-defeating... by belbo · · Score: 4, Interesting
    "I also don't want to have to work my way through every line of code before I install."

    Hum, so you ask us, who you don't know, which developers, who - in most cases - you nor we know either -, to trust? Maybe you are an NSA agent in search of backdoor-free distributions? Why should we trust you, sir?

    Seriously, short of a full code audit, you can never be sure. Security is a process, and not something you can install. I thought that was commonplace around here.

    --

    --
    "Just believe everything I tell you, and it will all be very, very simple."

  10. So, use OpenBSD already... by ivi · · Score: 5, Interesting


    Does it -have- to be Linux?!?

    SDF (the free shell-provider) switched -from-
    Linux... after a security breech...

    OpenBSD is claiming to have had:

    "Only one remote hole in the default install,
    in more than 7 years!"

    That's not too bad IMO.

    And... if you -really- itch for Linux...
    you can always put it on a box -this-
    side of an OpenBSD box (ie away from
    the Internet...)

    1. Re:So, use OpenBSD already... by gdc34 · · Score: 1

      You imply (but don't say) that SDF switched to OpenBSD.

      They switched to NetBSD which has no more security features that your standard linux distro.

  11. Choices by GreyyGuy · · Score: 3, Insightful

    First off, which is more likely- that you have information that the NSA is curious about on your machine or that some random loser with test it for various vulnerabilities? If I remember correctly, the idea behind the NSA distro was to provide a free, secure solution to slow or stop the DDOS attacks and the like. If you have anything that the NSA would REALLY be interested in, other then a pron stash that everyone else has, (meaning actual illegal, get-you-jail-time stuff) why on earth would you put that on a machine conencted to the internet? Put it on a separate machine behind a firewall and encrypt it if you are that concerned about it.

  12. Linux is Linux by hafree · · Score: 1

    It's been my experience that Linux is Linux, regardless of what distro you use or how you install it. You get different package management tools, varying versions of libraries, and better or worse optimized binaries. But the bottom line is that once you take the time to secure it, the various distributions really are not very different from each other. I think the important thing is to trust yourself and not the vendor. Regardless of how secure a server is, it's still your responsibility to change default passwords, disable services you don't use, stay up to date on security patches, and be aware of new exploits. When you keep this in mind you can really go with your distro of choice and get the same results. I'd recommend selecting a distro based on the package management and support options you want.

  13. It's a modification of a standard distro, so... by metamatic · · Score: 5, Insightful
    "I also don't want to have to work my way through every line of code before I install..."


    % man diff

    --
    GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
  14. dumb question... by Anonymous Coward · · Score: 0

    If you *really* think that NSA planted backdoors intending to gain intel on people who installed it, would the people they want information on install it? eg - would al Quida peeps install it? How about the (pre-war) Iraqi Military? Would they install if there was speculation over backdoors? Answer - no.

    Therefore - it would be a waste of effort, time, energy, and money for the NSA to plant a backdoor in something they make publicly available. Besides - its frickin open source!! Check the code yourself - or check one of the many websites that have information about it - you'll also find one group that has completed an independent audit (looking for backdoors, trojans, etc). Guess what they found? None.

    (I'll leave the searching for that report to the poster who appparently feels threatened by backdoors but cant do a google search.)

  15. SELinux Backdoor Found by berb · · Score: 5, Funny

    After exaustive code riview of the LSM patches I have discovered a backdoor in the PAM module re-write lin...

    excuse me, there's some at the door. brb.....

    thers no suh thig as backdoor in seLinux, he was joking.

    --
    In teh event of an actual emergency this space might provide useful information.
  16. Not when you can't trust the compiler by DrSkwid · · Score: 3, Insightful


    The moral is obvious.

    You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  17. Yes. by noselasd · · Score: 1

    NSA publishes the source to SELinux. If they put a backdoor/whatever in it, there would be lots of fuzz about it by people who know what they are talking about by now.

  18. Differing security goals by jhines · · Score: 1

    My understanding is that SElinux is more about mandatory access controls, that is enforcing security between multiple individual users.

    More along the lines of breaking the dependancy to give elevated privs (admin) to get anything done on a machine.

    The BSD's may have the features that a person needs in their applications.

  19. Gentoo SELinux by Robbat2 · · Score: 3, Informative

    SELinux is directly supported under Gentoo.
    See
    http://www.gentoo.org/proj/en/harden ed/selinux-qui ckstart.xml
    for details on installing.

    Or dig on the mailing lists for a recent post to gentoo-dev about it for a lot more information.

    --
    ICQ# : 30269588
    "I used to be an idealist, but I got mugged by reality."
  20. Have to agree Winter. by OwnerOfWhinyCat · · Score: 2, Insightful

    Though you expressed it with humor, the point is very valid. Doing a diff on to kernel source trees that kicks out 50k lines of code sounds like reading enough, but in many cases of a 10 line change, you'll have to read a good chunk of the rest of the module to get the proper context.

    Additionally, all this is in the realm of seriously expert shit. If the NSA put in a backdoor like

    if (connecting_socket->IP == 152.63.39.37) {
    connecting_socket->priv_level = GODLIKE;
    }

    You're in luck.

    In most other cases a backdoor is just a hard to exploit/spot vulnerability like a stack overflow, or an awkwardly cast variable assignment that allows the tricky person to assign values to the target varible that are outside it's normal range and have a desirable side effect. If you wrote the modules in question these things would be noticable, if you're a full time kernel coder, they would be possible but hard to spot. If you're asking /. this question, you have no chance in hell of catching them.

    The Linux From Scratch suggestion above seems like the most user accessible way to go. I would trust the good will and intentions of individuals over any government's institutions every day of the week.

  21. National SECURITY Agency by radon28 · · Score: 1

    About the NSA:
    It coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produce foreign intelligence information. A high technology organization, NSA is on the frontiers of communications and data processing. It is also one of the most important centers of foreign language analysis and research within the Government.
    It's actually in their public duty to create something like SELinux. If you go to their front page, they have links to many guides on how to secure various Windows and Cisco systems. It's seems really surprising when you think about it, but they actually want to protect the United States.

    1. Re:National SECURITY Agency by Anonymous Coward · · Score: 0

      They want to protect the United States but not the people living in the United States. Since the U.S. is no realy democratic country this is not the same thing. The "national security" (which includes much more than the words suggests) is more important than individual security, freedom and human rights in the U.S.

    2. Re:National SECURITY Agency by radon28 · · Score: 1

      With the people of the United States holding and maintaining a large part of the country's infrastructure, it makes sense to protect them in the pursuit of protecting the country as a whole.

  22. Man, I'm Jealous by jayayeem · · Score: 1

    Sounds like a lot of you people are doing things the NSA might be interested in. I could email every file I've ever touched to the NSA, and they still wouldn't care to notice me.

    If I did have stuff the NSA might be interested in, I sure would not put it on a computer that was connected to the internet.

    --
    I metamoderate, therefore I am
  23. Just mainly kernel patches by SeanAhern · · Score: 1
    We're not talking about going through every line of code in an entire Linux distro.

    From their FAQ:
    # What does your distribution include?

    Security-enhanced Linux includes patches to the Linux kernel and patches to a number of standard tools and utilities. It also includes a number of new utilities, support files, and documentation. By far the easiest way to build and install Security-enhanced Linux currently is to duplicate our source trees (lsm-2.4 and selinux) and follow the instructions in selinux/README. We have provided compressed archives of our source trees, as well as several ways to build it by acquiring only our modifications from our web site (http://www.nsa.gov/selinux/). As time permits, we intend to create or modify the RPM spec files as appropriate and provide SRPM format files.
    The download should verify this. In fact, I downloaded the patch to the 2.4.20 kernel, and it topped out at just over 40,000 LOC changed, including what looks to be a good amount of documentation. While that's a decent chunk of code to review, it's not the 5,399,647 LOC (I just counted) that go into the 2.4.20 kernel itself.

    So if you're really paranoid, go check it out.
  24. Yes... by joto · · Score: 1
    ) Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information?

    Yes, given that...

    • the NSA do not want to get caught doing it
    • the NSA knows that many people will be looking for such a backdoor, because finding it will mean instant fame
    • the code has been available for inspection quite some time now...
    ...I'd say, you are pretty safe!

    Now, granted, a backdoor could exist, but it could equally well exist in any other distribution. If you want to be a conspiracy-theorist, there is little reason to believe they haven't already forced Linus or anyone else to accept some patches, or even installed them in gcc, as explained Ken Thompson's excellent article.

    2) What other security-patched distro's can people recommend?

    I have no idea. My guess would be that there are a lot more people writing security patches for linux, then there are people reviewing them, so I doubt anyone else knows much about this either. Everyone will probably recommend their own patches... :-)

  25. firewall by xluap · · Score: 1

    For maximum security i would use another box as a firewall. I think it would help when the firewall box has another operating system as the workstation. Of course a linux firewall box is better if you run windows. If your workstation runs linux your firewall box should run windows. That will confuse the attacker.

  26. Debian too by Xtifr · · Score: 3, Informative

    Debian also includes SELinux, and the "details for installing" seem to be: 'apt-get install selinux'. :)

    So, that's at least two major community-oriented distros that have found SELinux worth offering on at least an optional basis; two communities of sometimes-paranoid developers that have probably at least scanned for obvious backdoors. Given that, I suspect that SELinux can probably be considered reasonably safe. (At least as safe as anything else available with your system: when was the last time you reviewed KDE or GNOME for potential backdoors?)

  27. you assumed? by burns210 · · Score: 1
    "So I followed this link, which turned out to be what I assume is a genuine NSA web-site."

    It is nsa.gov, and you had to ASSUME it was legit? do you think our spies have a sense of humor or something?

  28. NSA and trusted systems by Mr.+Slippery · · Score: 1
    Do you think that it is a good idea to trust the NSA not to put in back-door/spy-ware type code to enable them to snoop my personal information?

    The NSA has done a lot of reputable work on building trusted systems - if I recall correctly, it was the NSA that published the Rainbow Series. I worked on an NSA-funded project to develop a trusted OS (Trusted Mach) for several years.

    There seems to be several distinct groups within NSA. The infosec guys are generally ok; so are the foreign intel linguists. It's the crypto people who worry me.

    I would trust an open source OS from the NSA. I would have some trepidation about a closed source one. I wouldn't use a crypto algorithm designed by them for anything interesting.

    --
    Tom Swiss | the infamous tms | my blog
    You cannot wash away blood with blood
  29. Easier, Better Way for NSA To Get a Linux Backdoor by reallocate · · Score: 1

    Being a little paranoid about NSA putting sneaky code into their own little obscure distribution isn't justified. Why would NSA backdoor something almost no one will use?

    If the NSA wants to get a backdoor into Linux, there are easier and more traditional ways to do it. A sufficient amount of money passed to the appropriate developers and commercial Linux vendors would do the trick quite nicely.

    --
    -- Slashdot: When Public Access TV Says "No"
  30. It will be fine by BJC · · Score: 1

    after running /sbin/rmmod nsakey

  31. Chill. by archnerd · · Score: 1

    I use SELinux. I've read through all the modified code. I'm not the first one to do so. It's not backdoored. It works.

  32. Sounds like you'd be better off elsewhere by Anonymous Coward · · Score: 0
    If you are that predisposed to distrust SELinux (especially after looking at their excellent and informative website) tho apparently willing to trust most other distributions you haven't heard of, then you would probably be better off not using SELinux. You'd have more peace-of-mind that way.

    By the way, do you trust that Microsoft doesn't have backdoors put in? If not, then do you trust the big Linux distros? If you trust either of those, then why are you so suspect towards the NSA patches?

    1. Re:Sounds like you'd be better off elsewhere by Eliman · · Score: 1

      I trust larger distros because of the large and (largely) intelligent user-base that frequently gets intimate with the workings of their OS. I believe that given such a large population of OS-savy users, such a backdoor would likely be discovered and publicized.

  33. You can ssh into a gentoo SELinux machine as root by bLanark · · Score: 1

    http://selinux.dev.gentoo.org/ runs gentoo SELinux.

    Simply ssh into that machine as root (password is gentoo). It's uncanny. You can't see the apache processes with "ps". You can't do much, really. It's probably too secure to be useful as a workstation, more of a single-task production server.

    I'm glad I tried it, but I certainly won't be using SELinux, I should try all those grsecurity options at the bottom of the kernel config some time though.

    --
    Note to ACs: I won't mod you up, even if you are being funny or insightful. So take a chance! It's not real life!
  34. Re:Easier, Better Way for NSA To Get a Linux Backd by Anonymous Coward · · Score: 0

    A sufficient amount of you shutting the fuck up would also be quite nice.

  35. Administration of SE Linux is still a hell by torsknod · · Score: 1

    You have to keep the policy of your SE Linux installation up to date and customize it for your needs. I've found, it's a time consuming job to do so. If you haven't too much time, I would suggest to wait, until there is a tight default policy for more packages and it is integrated in the actual stable linux kernel. Also SE Linux is only a small part of security. For the average user, a personal packet firewall, JavaScript and co. filter and stack smashing protection (e.g. supported by Open BSD AFAIK), should be more helpful.

  36. SE linux - Enter the pomygranite by Stonefish · · Score: 1

    Security is all about modes of failure.

    Start with the assumption that all software has vulnerabilities.

    Given enough resources everything is vulnerable.

    Properly implemented SE linux reduces the risk of byzantine failure of the system.

    Most people tend to think of layered security as being effective. SE linux allows the implementation of an encapsulated security policy, think of the internal structure of the pomygranite. IBMs gcc patch is also a good step in this direction however this merely eliminates a class of failures and doesn't make your system immune from attacks. http://www.trl.ibm.com/projects/security/ssp/main. html