i urge you to read this entire thread
http://forum.prisonplanet.com/index.php?topic=46357.0
now!
:microwave:
Printable View
i urge you to read this entire thread
http://forum.prisonplanet.com/index.php?topic=46357.0
now!
:microwave:
Erm...
it's called SE-Linux
Modules for SE-Linux have been present in the Kernel for over 5 years
There's absolutely no point in scare-mongering
(not least cause you're 5 years late)
but more importantly, you can't hide "back doors" in open source software
I'd be more suspicious of back doors in Windows, than SE-Linux
At any one time, you don't know what Windows is doing
Anyway,
The idea was to extend basic *nix file permissions to incorporate mandatory access controls
The story, as I understand it, is:
- In 1998 the NSA started a complete overhaul of their computer systems. going from proprietary UNIX systems to Linux
They chose Linux as it offered the best features and security
plus, being open source, they could customise is to their own needs
- Linux lacked MAC security policies (which the NSA wanted), so the NSA wrote some kernel modules to fill the role
- In 2000 (presumably after extensive testing was completed), they released the modules to the Linux community - Kernels compiled with the NSA modules were dubbed Security Enhanced (SE) Linux
- In 2003, the modules were merged into the main-line kernel
If you don't like it, there's AppArmor as well, which does the same thing
(a few people complained that SE-Linux was overly complicated & difficult to implement for bog standard systems - so AppArmor was written to achieve the same goals as SE-Linux, but highly simplified)
^yes
Sneaking a backdoor into Linux is like the Trojan Horse, expect without the horse.
Well trojan horse without the horse is just trojan, but I'm not sure what a condom has to do with computer security.
Unless of course you are talking about a metaphorical condom, which would catch metaphorical semen, but that still really is pretty useless in a conversation about backdoors in computer softwate.
No, I mean... a backdoor in Linux is like...
if the Trojans, instead of hiding in a horse, would have just knocked on the door and said "Hi, we want to kill you".
Edit: Perhaps a Trojan Horse made of glass works better as an allegory.
how about thisQuote:
Originally Posted by Korittke
Sponge-Cake Linux:
100g butter
100g caster sugar
100g self raising flour
50g cyanide
Vanilla essence
Pinch of salt
2 medium eggs
Sponge cake recipe cooking instructions:
1. Preheat oven to Gas mark 190°C.
2. Place the butter and sugar into a mixing bowl. Beat until smooth and creamy.
3. Beat the eggs in basin or cup and add to the mixture a little at the time, with the flour keeping the same smooth and creamy consistency.
4. Making sure the mixtures does not get too wet or dry as you go when you have used all the flour and the eggs.
5. Add the vanilla essence and a pinch of salt, mix for a few minutes.
6. Add the cyanide.
7. Divide into two lined, or non-stick sponge tins, put into a moderately hot oven, middle shelf.
8. Put into the oven and bake for 20-25 minutes (it is important that the oven is well heated).
9. Put to cool on a rack to cool.
10.When cool put one upside down on a plate spread with jam, you can also put fresh cream in at this stage, put the other piece on the top and dust with icing sugar.
Umm, since SELinux is open source, there's no chance the NSA could have made it into a backdoor without the Linux community noticing. SELinux is a just a customization of the kernl that the NSA developed for their own systems to make them more secure, and the Linux community looked at the source, made sure it was safe, and popped it into the kernel. This makes systems with SELinux more secure, but we aren't vulnerable to a backdoor from the NSA.
yeah but its not in the source code
the NSA's own program, SELinux is built into the kernel, which lies beneath the actual operating system
Somehow I'm not incredibly worried.
just go to google and type in NSA linux
or NSA windows
or NSA microsoft
or NSA apple or macintosh
then read the articles
The kernel is also open source. What's your point?Quote:
Originally Posted by Hercuflea
The kernel is actually part of the operating system.Quote:
SELinux is built into the kernel, which lies beneath the actual operating system
Linux is a KernelQuote:
Originally Posted by Hercuflea
A kernel is part of an operating system (the lowest part)
roughly speaking,
it looks like this
http://www.snoopy.force9.co.uk/os.png
with the SE-Linux modules (which are open source, btw) sitting in the kernel modules section