Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schwartz Comments On NSA/Sun OpenSolaris Collaboration

Posted by ScuttleMonkey on from the color-me-skeptical-for-now dept.

sean_nestor writes to mention that Sun CEO Jonathan Schwartz took a bit of time recently to comment on last week's announcement that Sun Microsystems would be partnering closely with the NSA for security research surrounding OpenSolaris. Rather than the typical loads of legalese and confidentiality agreements Sun and the NSA are claiming that this move is more about the NSA joining the OpenSolaris community than anything else. I guess only time will tell.

4 of 92 comments (clear)

  1. OpenSolaris by TheNinjaroach · · Score: 5, Insightful

    "Open" is the keyword here. It's not like they are going to be submitting binary patches or that we can't review the source code they submit.

    I'd also like to point out the SELinux project, will you abandon Linux now too?

    You should really adjust that tin foil, it's messing with the signals that are already inside your head.

    --
    I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
  2. Re:Great! I liked Solaris. by TrekkieGod · · Score: 5, Insightful

    Spoken like a true Sheep.

    Spoken like a conspiracy theory nut. Distrust of the government is a very good thing. Blindingly thinking the government is out to get you is as stupid as blindingly believing it's out to help you. In this case, SELinux is completely open and out there for you to see.

    It takes teams of people to understand the ins and outs of large sums of source code

    Do you think teams of people haven't gone through the SELinux code with a fine-tooth comb? Security researchers were all over that, when the code was first given to the community in 2000. It wasn't placed in the mainline kernel until 2003. There has been plenty of time for people to find echelon-type code in there. Not to mention it would be pretty stupid to put that type of code in the open, as it would destroy people's confidence in the NSA and allow people who looked at the code to use these hooks for their own benefits, thus potentially using it against the US Government itself, since several departments including the DoD and the NSA itself use it.

    I have hacked the kernel and made changes but I do not understand the entire thing, not one person could build an OS like Linux and deploy it without community support.

    No, but I guarantee you that if you submitted your kernel changes to the mainline tree, several people above you looked at those changes and vetted it as worthwhile for inclusion. And you can bet every one of those people don't understand the entire kernel, but sure as hell understood the part of the kernel you were messing with. And they understood what your code was doing. Anyone can make changes to the linux code, but it's not an open source repository that everyone submits to, there are specific processes to get things accepted to the main tree.

    The government is like a sexually transmitted disease, easy to catch and hard as hell to get rid of.

    The solution to sexually transmitted diseases is to be vigilant and careful, not to stop having sex. If all humans become so afraid of sexually transmitted diseases that they quit having children humanity would be gone. Similar fate would befall you in total anarchism. Be wary of your government, and require it to be open. Please don't bitch about the good and open things the government has done, we need to encourage more of that.

    --

    Warning: Opinions known to be heavily biased.

  3. Re:New Meaning of Spyware by bfields · · Score: 5, Insightful

    The NSA is a huge organization, does a lot of different things, and as a result, it can--like a lot of large companies and agencies--seem a bit schizophrenic.

    NSA employees have made significant contributions to Linux already, and there have been the usual arguments over design choices that any such project faces, but there's never been the smallest suggestion of any subterfuge.

    OpenSolaris's work is conducted in the light of day, and I doubt the NSA's participation will be any more nefarious there.

    Part of the NSA's mandate seems to be to improve the security of everybody's operating systems. That's work that can benefit all of us, is exactly the sort of work that a "national security agency" *should* do, and we should encourage it, while still condemning the projects we disapprove of.

  4. Re:New Meaning of Spyware by Zoidbergo · · Score: 5, Insightful

    I'll be the first to yell out at things like warrantless wiretapping, but believe it or not, even at NSA they use Windows and Linux/Unix on their hardware. It's in their best interest and the interest of their mission (as a consumer of said OSs) to make sure that those OSs are as secure as they can be. And some of the smartest security researchers on the planet work for NSA. So why not?

    One of the NSA's growing missions is also to secure the electronic interests of the United States and its citizens. That includes doing anything they can to help secure the infrastructure of US interests. All our banks and national financial stability rely heavily on the security of computer systems. If they can't benefit from this added security, what's the point of securing a defense system if someone can hack into your federal bank system and make you lose billions?

    So things like an overall more secure Solaris or Linux (or even Windows Vista) benefits everyone, including the electronic interests of the citizens of the USA, who the NSA also serves. Remember, they ARE a government agency (an occasionally evil one, though most of them do evil things every now and then.)