PGP Division to Work With NSA on Secure Linux 151
NAI Labs, a division of PGP Security, just sent out a
press release
announcing that they're "joining with the National Security Agency (NSA) and its other partners to further develop the NSA's Security-Enhanced Linux
(SELinux)
prototype." Wow.
NSA (Score:1)
I'd Just Like to State (Score:1)
They can't put backdoors in Linux because we'd catch them and then have a national scare as proof poured out that the NSA is definately trying to spy on us. Strike 1.
Backdoors *can* be put in NAI PGP. But you ARE using Werner Koch's GPL'd GNU Privacy Guard (GPG) for crypto, right? Strike 2.
If you want crypto in the kernel, go to kerneli.org and grab the international patch. The 2.4.0 patch will work even up to 2.4.2. You can make encrypted loopback filesystems using very strong alogithms. IOW, it's been done. Strike 3.
The NSA is only trying to improve security in other parts of the kernel, and PGP is probably the strongest way to do it right now. Folks, this is a Good Thing(tm).
So? phUck PGP and uze Blowfish. (Score:2)
Relying on any one crypto methodology is stupid. Why would anyone so worried about people snooping their data put all their trust into one crypto format?
dd if=/dev/random of=/somefile-1 bs=1M count=1024
losetup -e blowfish /dev/loop1 /somefile-1 /dev/loop1 /dev/loop1 /mnt/chain1 /mnt/chain1
mke2fs
mount
cd
dd if=/dev/random of=/somefile-2
losetup -e serpent /dev/loop2 /chain1/somefile-2 /dev/loop2 /dev/loop2 /mnt/chain2 /mnt/chain2
mke2fs
mount
cd
dd if=/dev/random of=/somefile-3
losetup -e cast128 /dev/loop3 /chain2/somefile-3 /dev/loop3 /dev/loop3 /mnt/chain3 /mnt/chain3
mke2fs
mount
cd
dd if=/dev/random of=/somefile-4
losetup -e rijndael /dev/loop4 /chain3/somefile-4 /dev/loop4 /dev/loop4 /mnt/chain4 /mnt/chain4
mke2fs
mount
cd
dd if=/dev/random of=/somefile-5
losetup -e twofish /dev/loop5 /chain3/somefile-5 /dev/loop5 /dev/loop5 /mnt/chain5 /mnt/chain5
mke2fs
mount
cd
Store secure data here. When Feds rip out your machine (they never conduct data searches on the spot cuz they're stupid), they won't be aboe to mount that 1GB of random data without the 5 passphrases.
Performance hit? Yes. Security costs. Which is more important? Get a faster CPU.
NAI Labs == former TIS Labs (Score:2)
Some of you are over-interpreting the occurence of the word "PGP" in this press release. This has little or nothing to do with Phil Zimmerman's program.
A merger-and-acquisition review for those who missed it:
NAI took these various companies and tried, totally unsuccessfully, to merge their products into one product line so they would become a "one stop shop" for security purchases.
NAI dismally failed at this strategy, outmaneuvered by competitors like Cisco, Axent and in particular Internet Security Systems.
NAI reorganizes, and essentially splits into several groups. These are called:
In this reorg, "TIS Labs" became "NAI Labs".
So as you can see the juxtaposition of "PGP" with "NAI labs" is merely a happenstance of the merger and acquisition history of this company.
Awesome! (Score:3)
PGP is just an all around good company, and I'm sure their participation on this project will only make it better for everyone involved.
I really can't see any way in which this could turn out badly!
Re:Moderator Crack Day! (Score:1)
Bill - aka taniwha
--
Run a diff (Score:1)
Hack Shoeboy... (Score:1)
~^~~^~^^~~^
This is not news (Score:3)
The Security-enhanced Linux prototype was developed in conjunction with research partners from NAI Labs, Secure Computing Corporation (SCC), and the MITRE Corporation.
This like annoucing that AOL/Netscape is joining up with the Mozilla project to produce Mozilla.
Python
Re:For the paranoid (Score:2)
Actually, of the two I'd rather have Microsoft. Why? Because if the NSA don't like your information, you're going to jail, it's as simple as that.
Re:For the paranoid (Score:2)
To paraphrase JWZ, the NSA have the r00t password to the constitution. There is no legal defence against the national interest.
On the other hand, if Microsoft finds something they don't like (anything that violates their liscencing agreements)
Ah, there we differ. I pay for all the commercial software I use (actually, that's not true; it would be more accurate to say that I only use commercial software that someone has paid for, for example a company). If you get caught for it, you just pay up and it's settled.
No, what I'm worried about is information that may be politically or socially unacceptable to the government. What would Thoreau have done?
Re:NSA Info (Score:2)
LIDS (Score:1)
Very nice implementation of MAC. Not as flexible as the NSA's scheme but it's useable right now and greatly limits the amount of damage an intruder with root access can do. Highly recommended for any system.
Re:Not bad (Score:1)
Without the specifics of the deal, it's of course hard to say, but as it's about Linux security and cryptography commercial/NSA joint project and, from reading the press release, there are more partners in this project, the total impact is likely to be big.
However, I don't remember if mandatory access control framework was generally accepted as a target for 2.5 development by the kernel guys. And, being a big change, I think it's either one of the main targets, or it's going to wait for the next development cycle. Which might fit nicely for the 2-year project deadline
Logo for the NSA-Linux distribution. (Score:2)
---
Re:Backdoors? (Score:1)
Computing is the only field in which we consider adding a wing to the building to be maintenance.
Re:clever folks (Score:1)
I think his target was to improve Linux, and he had a clue.
To Quote McCullagh, (Score:2)
It's certainly a new (is that, gnu?) world out there. This does raise, however, further questions about PGP-via-NAI's security and lack of governmental collusion. One wonders if the talks leading up to this were what spurred Zimmerman to leave to focus on OpenPGP?
No holes in source, but how about compilers (Score:1)
Re:NSA must like PGP (Score:2)
The NSA has two jobs to do in order to fulfill their mission of protecting the interests of the United States.
The first one is well, invasion of privacy. They need to be able to read the communications of "Bad Guys". Most people on Slashdot are perfectly aware of this role.
The other role, paradoxically, is protection of privacy. They need to prevent the communications of "Good Guys" from being intercepted by the "Bad Guys". Currently, one of the most annoying threats to national security is industrial espionage. Thus it behooves the NSA to provide tools to American citizens and corporations to protect themselves.
Thus you see the NSA fighting encryption by encouraging export restrictions & key escrow schemes on one hand, while simultaneously promoting encryption by working with PGP, and enhancing the security of Linux.
Trying to think how the NSA reconciles those two roles makes my head hurt.
Re:Backdoors? (Score:1)
Re:Backdoors? (Score:1)
I'll tell you why they are doing this. They are providing a robust secure OS that will protect you against everybody except the NSA. How many servers are YOU going to deploy that on? There has never in the history of Earth been a trustworthy government. EVER. Why is this one all of a sudden so cuddly?
Re:Backdoors? (Score:2)
Why is the NSA doing this? How can it benefit them? What could possibly motivate them to cooperate with an open source effort, if not to compromise its security?
Re:Backdoors? (Score:2)
I submit that it's not possible to examine the product thoroughly enough to ensure that no back doors have been introduced. Surely you don't believe that the NSA is even SLIGHTLY worried about YOUR privacy, do you?
Re:Backdoors? (Score:2)
(Distributed processing node for Echelon, anybody?)
Trust the NSA??? Yea Right (Score:1)
Like that'll happen, I wonder how many 'hooks and back-doors' they can hide? I guess it's a fasntasy to think the public could ever have an encryption scheme strong enough to block their eyes anyway...
clever folks (Score:5)
Don't think that it wasn't difficult for the NSA to do what we've seen with SELinux. For an organization who's entire history has been built upon the idea that incognito is good, this movement of opening up and embracing the open source community was certainly hampered by the knee-jerk reaction of middle-managers who can't imagine working openly with private companies, much less thousands of developers worldwide.
Bravo, NSA. And bravo, Mr. Man-behind-the-scenes who's making this happen. My hat's off to you.
Re:Backdoors? (Score:1)
Why do I care if the NSA has some super secret backdoor into my pc? They certainly have backdoors in the phone system, etc. and I use that every day.
What would the NSA want to look at my box for? I'm not doing anything illegal. I don't think the NSA is really going to care if I have deCSS code or MP3's on here. They've got better things to do.
The first time they use evidence collected via a back door someone will find out and then we'll find out. They're not going to risk that over anything I could ever imagine doing on a computer.
Geez. I don't understand the paranoia. If they want to see what's on your box, they'll bust in and physically take it.
Paranoia is for people who have something to hide.
I work for NAILabs on NSA sponsored projects (Score:3)
Previously, we worked on a publicly available implementation of SNMPv3 (first in net-snmp [net-snmp.org] and then from scratch in opensnmp [opensnmp.com], both of which are BSD copyrighted code).
My next project is targeted to large scale management [ietf.org] of IPsec [ietf.org] installations, the code for which should also be released to the public (though the popular FreeS/Wan [freeswan.org] code base won't accept US patches, so we'll probably be instrumenting Cerberus [nist.gov] instead; FreeS/WAN's loss I guess, otherwise we might have implemented code for them both).
Working on projects like this is great, because it's typically in the form of "here's a hard problem", now "go solve it" without any mention of "do it this way".
re: Why Now? (Score:1)
The people that RUN the agency (like every OTHER gov't agency) are politicians. Remember, George Bush Sr. was Director of the CIA before becoming VP -- a politician.
--
Charles E. Hill
Re:Easier to predict... (Score:1)
Not necessarily. It is difficult either way because it is so rare that anyone actually has enough facts to predict anything accurately.
Remember, inaction is an action. You have to go on what you know. Learn from your mistakes.
--
Charles E. Hill
Re:Not the start of involvement.... (Score:1)
--
Charles E. Hill
Re:"Wolf works with farmer to help safeguard sheep (Score:1)
There simply has to be enough incentive for the wolf to override his interest in snatching the sheep for himself.
The cost of "trusted" OSes like Solaris, AIX, etc. that they use probably adds up. They are also rumored to be a big consumer of OpenBSD.
--
Charles E. Hill
Just the kernel... (Score:1)
The cost savings over their current use of "Trusted" OSes has already been mentioned. It probably adds up.
But you are forgetting one thing. Most of the reported vulnerabilities are not in the kernel! They are in associated apps and misconfigured services!
Yes, I know what MACs are and that properly configured they would go a long way towards securing a system.
Guess what? Most people can't properly configure a system now much less understand and properly setup a MAC-based one!
Look at the Top 10 [sans.org] vulnerabilities on the net today and you will see most of them have had fixes/patches for a long time -- they just haven't been applied!
THIS ISN'T GOING TO CHANGE WITH SE LINUX! If you know what you are doing you can properly configure a pretty damn secure Linux/BSD system -- especially a non-server -- with minimal effort. Combine IPChains/IPTables with Tripwire, Snort, NMAP (to double-check) and don't run any services that aren't absolutely necessary and ANYONE, including the NSA, is going to have a damn hard time getting in to your system.
If you really want to be paranoid -- use different passwords for local-access items (like logging in) and remote-access items (like POP3 e-mail -- which can be easily sniffed); install the International crypto patch [kerneli.org] on your kernel and setup a loopback device to encrypt all your file systems. (BTW: the 2.4.3 Int'l patch is out.)
Professional involvement by the world's largest employer of mathematicians and cryptographers is a good thing.
--
Charles E. Hill
Obligatory quote from "Good Will Hunting" re NSA (Score:3)
Say I'm working at the NSA and somebody puts a code on my desk, something nobody else can break. Maybe I take a shot at it, maybe I break it. I'm really happy with myself, because I did my job well.
But maybe that code was the location of some rebel army in North Africa or in the Middle East and once they have that location they bomb the village where the rebel army is hiding. Fifteen hundred people that I never met, never had no problem with, just got killed.
Now the politicians are saying "Oh, send in the Marines to secure the area," because they don't give a shit. It won't be their kid over there getting shot just like it wasn't them when their number got called because they were pulling a tour in the National Guard.
It'll be some kid from Southie over there taking shrapnel in the ass. He comes back to find that the plant he used to work at got exported to the country he just got back from, and the guy that put the shrapnel in his ass got his old job, because he'll work for fifteen cents a day and no bathroom breaks.
Meanwhile he realizes that the only reason he was over there in the first place was so we could install a government that would sell us oil at a good price. And of course the oil companies use the little skirmish to scare up oil prices. It's a cute little ancillary benefit for them, but it ain't helping my buddy at two-fifty a gallon.
They're taking their sweet time bringing the oil back, of course, and maybe they took the liberty of hiring an alcoholic skipper who likes to drink martinis and fucking play slalom with the icebergs. It ain't too long until he hits one, spills the oil, and kills all the sea life in the North Atlantic.
So now my buddy's out of work, he can't afford to drive, so he's walking to the fucking job interviews which sucks because the shrapnel in his ass is giving him chronic hemorrhoids. Meanwhile, he's starving because any time he tries to get a bite to eat the only Blue Plate Special they're serving is North Atlantic Scrod with Quaker State.
So what did I think? I'm holding out for something better.
I figure, fuck it. While I'm at it, I might as well just shoot my buddy in the ass, take his job, give it to his sworn enemy, hike up gas prices, bomb a village, club a baby seal, hit the hash pipe and join the National Guard. I could be elected President.
--From "Good Will Hunting" (Matt Damon's character speaking to an NSA recruiter, in a heavy Boston accent)
NSA responsibilities (Score:2)
A truly secure COTS OS won't hurt the NSA and FBI too much - they have plenty of other resources available to them. But not many groups will be able to afford the HumInt required to get around NSA/FBI safeguards, if the easy technical backdoors have been eliminated.
Re:Backdoors? (Score:2)
On the flip side, actually doing something useful with this hack would be very difficult. It would be too easy to get caught if someone with the right skills goes poking around binaries and finds something amiss. And it's a fair bet that any NSA-blessed code would get such a close look. It wouldn't be so easy to hide, either. This is much easier with Microsoft OSes, which have such a large amount of undocumented stuff all over teh place that could be linked together.
Who knows, often things are no more complex than they appear. I bet that the NSA has found that it would be much easier to protect themselves and other government agencies if there were a distribution that THEY could trust without the expense of coding it all themselves. With proprietary software, they are at a slight disadvantage in that cat and mouse game. Maybe the _NSAKEY was a Microsoft trick to backdoor the NSA...
But the lesson from the compiler hack is that you can really only trust it if you've examined it yourself. And a secure linux distrubution would undeniably be of very high utility all on it's own to the NSA.
Now let us have no more curiosity about this bizaare cover-up.
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
NAI labs and NSA (Score:2)
A few years ago, Network Associates gobbled up Trusted Information Systems - the folks who brought you the TIS Firewall Toolkit, and brought me my first job out of grad school. TIS was very cozy with the NSA (founder and many employees were ex-NSA), and did several research projects for them (including the one I worked on, Trusted Mach).
I don't know what the current organizational structure of Network Associates is, but I suspect that NAI labs may be the remains of TIS. I wouldn't be surprised if the NSA came to Network Associates as the result of this relationship.
(In the interests of full disclosure: I'm a Network Associates stockholder.)
Tom Swiss | the infamous tms | http://www.infamous.net/
PGP cracked? (Score:1)
Re:Great (Score:1)
Re:Great (Score:2)
they did make some [at the time] incomprehensible changes to the S-Boxes that DES uses for its non-linear component. However, it was later discovered that these changes were 100 beneficial, in that they were specifically designed to protect against differential cryptanalysis (IIRC: if the non-linear transform isn't uniform, the bias can be statistically sampled and used to cut down the search space), that the original design would have been vunerable to.
So, they may move in strange ways, but that is not always against everyone else.
(mind you, at the time, they were possibly the only people who could have afforded to build a brute-forcer, so you could argue that this change WAS to their benefit in the long run)
Re:Great (Score:1)
Nah, you'll just get modded down for having a typo on your sig.
Re:Great (Score:1)
I expect that I'll get modded down because I am thinking with common sense rather than stating my thought with the grace of the typical knee jerk reaction...*sigh* welcome to slashdot.
--------
"Counting in octal is just like counting in decimal--if you don't use your thumbs."
Re:Great (Score:1)
--------
"Counting in octal is just like counting in decimal--if you don't use your thumbs."
Re:Great (Score:2)
SELinux is simply about making the data on your machine safe from other processes on your machine. It prevents a program from accessing any resource on the machine it is not cleared for, no matter who the process is running as.
OK, let's put on our paranoid hats <SoundFX type="crinkling aluminum foil"> and try to guess what benefit this has to the NSA: It makes it possible to use Linux in a secure environment. It gives them an OS for which they have source code (I am pretty sure they have the source for Windows(9*|NT|XP|2000) and Solaris, legally aquired), but they have the legal right to modify and distribute. This allows them to secure any government agency's computing resources in a consistant fashion. Remember, part of their job is securing OUR stuff.
Now, I'm sure that if a modification to allow all TCP traffic to be encrypted by default were to be added to normal IPv4, they might have a problem with that, since that would interfere with their normal data gathering operations. BUT, hardening Linux so a Trojan/Malicious user cannot get access to somebody else's stuff is going to make their life EASIER.
Remember, if the NSA wanted what is on your hard drive, they'd just wait till you were out, pick your locks, dd the drive, and leave.
Re:NAI labs and NSA (Score:1)
I worked at NAILabs and ran couple of NSA sponsored projects there. The funds are coming out R? departments (R == Research). The only strings attached to these projects are performance related such as making progress, regular status updates, and make results public in source code and/or papers.
NSA has two main missions evesdropping on the world AND PROTECTING US Gov. computer systems and in the second role this project makes lots of sense.
My take is that NSA realizes they have a bad image and are trying to do more DARPA like projects to improve the image. There is nothing sinister about NSA involvement. It is only about a year ago that NSA allowed press releases of projects like this one.
What prior work? (Score:2)
Does anybody know what NSA's prior work on the kernel is? Any pointers, web sites, /. articles, ... for the un-initiated?
Re:NSA Linux (Score:2)
Funny!
But for reference: it's licenced under the GPL [nsa.gov] - that's the normal GPL.
Useful information on NSA web site (Score:3)
Stupid me: should have checked the NSA web site [nsa.gov] for the information.
Excellent! (Score:1)
Now, this means that the NSA can personally secure the file system, password protection schemes, and so on for all Linux users. Can you imagine the kind of security that Linux can have now?!?!!? Finally, Linux might become a viable online brokerage operating system. The only reason that Windows is still being used is because it's the most secure O/S out there.
I'm looking forward to seeing the new O/S that the NSA will come out with. It should be interesting.
------
That's just the way it is
Good! (Score:3)
Re:Backdoors? (Score:1)
More info on NSA research (Score:1)
I wonder what they mean by "commercial implementation of a Linux operating system".
Re:NSA Linux (Score:1)
"Joining"? What? Why is this news? (Score:1)
Moderator Crack Day! (Score:1)
I have to wonder if somehow the folks at
Re:Moderator Crack Day! (Score:1)
----
Re:Easier to predict... (Score:1)
Smart people learn from their mistakes. Smarter people learn from other people's mistakes.
----
Dig a little deeper (follow a few links): (Score:2)
The security mechanisms implemented in the system provide flexible support for a wide range of security policies. They make it possible to configure the system to meet a wide range of security requirements. The release includes a general-purpose security policy configuration designed to meet a number of security objectives as an example of how this may be done. The flexibility of the system allows the policy to be modified and extended to customize the security policy as required for any given installation.
There is still much work needed to develop a complete security solution. In addition, due to resource limitations, we have not yet been able to evaluate and optimize the performance of the security mechanisms. Currently, we can only support the x86 architecture and have only been able to test it on Red Hat 6.1 distribution. Nonetheless, we feel we have presented a good starting point to bring valuable security features to Linux. We are looking forward to building upon this work with the Linux community."
This is NOT security fixes of Linux, NOT auditing. It is simply a showcase for how to bolt a more complex security model onto an existing mainstream Open Source OS. The kind of security most normal users DO NOT need in their day-to-day browsing habits. However, I hope the project goes well so that they get more funds to do even more.
- Steeltoe
NSA Linux (Score:3)
All privacy functions within NSA Linux have been removed or disabled, all Internet traffic is cached at NSA headquarters for your convenience, and nearly-anonymous statistics are recorded about you to improve customer service. Any attempt to circumvent these features will result in quiet, painless death in the middle of the night.
NSA Info (Score:4)
Re:What would be the mascot? (Score:1)
The real question is, why am I putting so much thought into this?
-J
Re:What I want to know (Score:1)
Re:Awesome! (Score:1)
Hasn't Slashdot Said Encryption is Pointless? (Score:1)
The National Security Agency today abandonded its plans to integrate a well-known encryption program into its secure version of Linux. According to an anonymous agent of the NSA, the department was shocked when they read a post on a forum known as Slashdot, that encryption was pointless. [slashdot.org] Said the staffer, "We've decided to forgo even putting this in, cause, whats the point. In fact we're getting out of the code business altogether. That question on Ask Slashdot was a blow to a lot of people who've spent their lives working on encryption, only to learn its pretty much pointless."
Re:Nice (Score:1)
Really? Cool! Hey what was the name of my cat, old friend? :)
Nice (Score:5)
Come on, stop being so damn paranoid. Trust me, you're not nearly as intersting to the government as you might think you are.
Re:Backdoors? (Score:1)
Re:Backdoors? (Score:2)
It would be extremely hard to add backdoors to Linux. The code is all Open Source. Under the GNU, the NSA is required by law to release source code modifications to the public. How would they explain a source code modification like, "05/13/01 - Added backdoor code to the TCP stack."?
People are overly paranoid. Just because its the NSA doesn't mean that they're doing this just to add backdoors to Linux. Even if they did, and they somehow manged to get away with it (which is extremely doubtful), it would only be applicable to their distribution. They could always convince Torvalds to let them add it to the kernel as a whole, but do you think all the other kernel hackers wouldn't notice?
I have no doubt that the NSA puts backdoors in Microsoft software, but I also have very little doubt that they will try the same with Linux. An ex-spook even admitted to Microsoft backdoors. Try the same with Open Source software, and you'll have hundreds upon thousands of angry hacker-types banging down your doors. Give the NSA a little more credit.
If anything, this is a step in the right direction for the NSA. They realize that security through obscurity is a poor way to protect systems, and that Linux can provide them with an ultra-secure OS. They can then give this back to the people, and show what years of security and encryption research has produced. I say encourage them. Nothing will make Linux more secure than the US government pumping money and their best security hackers (yes, I mean hackers, not crackers) into the OS. As long as they follow the GNU license, we should see lots of excellent security enhancements in Linux coming soon!
Re:What would be the mascot? (Score:1)
I work for MITRE (Score:1)
Re:Backdoors? (Score:1)
That said, also remember if you're trying to place a back door in software why broadcast that you're the NSA. Why not simply slip it in more subtly.
And finally, this is $1.2 Million for an agency that gets $Billions. Hell it could just simply be to keep a couple of dispirited yet highly valued NSA programmers happy. It's just spare change
Difficult (Score:1)
Bet its not as hard as cracking someones pgp encrypted files though.
Re:Backdoors? (Score:1)
So people could check that what they did WAS secure.
What would be the mascot? (Score:3)
--
Re:The Next Step of Linux... Audited Security (Score:1)
Actually, one of the interesting points that they make is that Orange Book standards are not the be-all end-all of computer security. To quote:
The Orange Book was designed to implement the military's system of data security, but there are other potential security models that depend on mandatory access controls. To take this into account, the NSA researchers designed a much more flexible system in which the kernel implements some very generic mandatory access control structures but the details of the security model are substantially configurable. That means that you can implement an Orange Book B-class security model, but that's not the only security model that's available.
Re:Backdoors? (Score:2)
Gee, I don't know could it be:
I don't know about you, but I think that pretty clearly covers the idea of new, higher security versions of existing software. Remember that SE Linux isn't really about encryption, but about adding a better security architecture to the system. That means helping to make the system cracker-proof, not making its communications more secure. They still have plenty of room to intercept and decode the other guys' communications even if they can't crack his boxen anymore.
Re:Backdoors? (Score:2)
Of course there's still a very serious need to make those systems secure. Not being on the Internet does reduce your risk of being hax0red by skript kiddiez, but being a high profile, high value target attracts other kinds of attackers. You can bet that just about every unfriendly power out there is trying to get access to Intelink, either by infiltrating a mole or suborning someone who already has access. The number of potential attackers may be lower, but their dedication, skill, and support is likely to be a lot higher than random kiddiez.
And, of course, there's more to national security than keeping top secret military secrets from the prying eyes of the baddies. The long term economic health of the country is critical for national security, and that means helping companies that need security to get it. The NYSE, for instance, needs to have a lot of its critical systems exposed to the net, since their whole purpose is to send out critical information. It would be no good at all if they were broken into by morons intent on vandalizing the computers, and really, really bad if they were cracked by somebody with some subtlety and bad intentions, though I'm pretty confident that they're already running something more secure than Apache/Linux or IIS/Win2000. And, of course, that's just one example. Corporate espionage is a real potential problem, as is large scale credit card fraud, both of which could be carried out by cracking the right computers.
Not the start of involvement.... (Score:3)
It's interesting to note that NAI have been involved for months with the project - see an NSA Press Release from January here [nsa.gov].
An interesting techy overview is available from IBM here. I'm a serious NSA-paranoid (in 98 I wrote the rhyme: "Mary had a crypto key, she kept it in escrow, and everything that Mary said, the Feds were sure to know."), but I for one think that NSA 'hardened' Linux is a VERY good thing....Don't forget that, as well as being dirty spying bastards , the NSA (and the rest of the USG) are the largest consumers of secure computing.
At the moment they pay through the nose for 'hardened' versions of AIX, Solaris, HP-UX etc. They see that Linux is a 'free' alternative and would like to cut costs. They see that Linux isn't secure enough (e.g. would struggle to get c2 rating, let along B*), so they decide to start coding themselves, adding functionality such as MAC.
Rather than keep the changes themselves, the NSA decide to share the source code back with the community - this really embraces the Free Software / Linux philosophy. Any code released will be scrutinized no end - a peer review of the initial code for example uncovered a potential buffer overflow vulnerability.
I appreciate that my comments may not be popular with the ultra-paranoid, but if you can objectively view the facts this development really is a good thing for Linux. Hell, if you don't want to use the changes, then don't apply the diffs.
The bottom line: I strongly support NAI in their efforts to further develop Linux.
Re:Not bad (Score:2)
1.2 million dollars will be pumped into the development of Linux.
That's 1.2 million dollars of government effort. It gets you one project manager who doesn't understand the project, three programmers who are there because they can do no work and not get fired, two programmers who are there bankrolling thier education to the government, one programmer who died at his desk in '79 and nobody's noticed yet, 20 dot matrix printers someone in procurement bought because they're an idiot, five toilet seats, and a ball-peen hammer.
Re:Not bad (Score:1)
It's actually better than that. Turns out, the NSA had been researching linear cryptanalysis sometime prior to 1977. So, when their designers get together with IBM's, they hand over some very particular S-boxes for the algorithm. Until the work of Shamir et al in the 90s, nobody knew where they'd pulled them from. It was one of those "We can't tell you where we got them, or why you should use them -- just trust us" deals.
So around 1995, linear cryptanalysis is discovered in the non-classified world, and applied to DES. To everyone's great surprise, when you factor in the storage requirements, linear cryptanalyzing DES is almost exactly as hard as brute forcing it, because of the particular structure of the S-boxes.
So sure, the NSA almost certainly wouldn't *tell* us if they knew how to break RSA, but their mandate *is* the security of the US. As such, they have an interest in getting security that works into the hands of Americans (business in particular, you might notice from the press release -- same reasoning behind designing DES so strong).
The Next Step of Linux... Audited Security (Score:2)
For those of you who are concerned about this port, pay close attention to this next line.
GPL/OSS's strength is in the availablity of source which can be audited.
For those of you cryptonauts and paranoids who don't quite know C (present company included), you've a very good reason to learn. Reading the multitudinous (ooh! big word!) kilos and megs of kernel source ain't my idea of a great vacation, but the results of the extensive audit will be worth it. (B1 operating systems are, shall we say, DAMNED hard nuts to crack.)
If that's not enough, there's an article (name, site, and url escape me) where Linus says that audited parts of the NSA port may well be injected into the source tree.
Windows.. Good for targeting rocks.
Re:Trust the NSA??? Yea Right (Score:2)
"The Morris Worm was the worst thing to happen to the CIA, because then system administrators looked for all those cracks in security!"
Full audio at h2k.net.
Windows.. Good for targeting rocks.
Re:Excellent! (Score:2)
Re:Backdoors? (Score:3)
This (infiltrating the linux community through the prebuilt compiler or even kernel) would actually work to a certain extent with the current Linux community. How many of you are running a home-compiled kernel? [OK, lots] Now keep your hands up if you are running a kernel you comlpiled with a compiler you compiled. [most hands go down.] What kernel were you running when you compiled the compiler? And what compiler did you use on that kernel?
The mechanism for complete infection would not be there, though, since there would be plenty of people and distros out there that would begin to track and maintain the purity of the lineage of their compilers and kernels, but the NSA could get a foothold into the more promiscuous script kiddies community, which they have some incentive to do anyway.
Bingo Foo
---
Re:NSA hysterics (Score:3)
Doesn't anybody think before going into hysterics?
Of course not. That is kind of the point of hysterics.
Re:Great (Score:3)
Although they have a reason to want the net to be unhackable, they also have a reason to be the exception. Given the brainpower they have, they could conceivably know something we don't. Beware of algorithms you don't understand.
Not bad (Score:4)
Now lets look at other times a joint commercial/NSA endeavor has taken place, DES. The standard was published in January 1977 and no major cryptographic break has been discovered yet save brute force (I hardly consider linear cryptanalysis a real threat).
Personally I am a little more worried about NAI's involvement than the NSA's .
Re:There goes the neighborhood (Score:2)
Note to obtuse mods: J/K ;)
--
NSA must like PGP (Score:2)
Its interesting to me then that the NSA has chosen to partner with NAI on this, it seems to give some very strong support to the belief that public domain cryptography is at least as good as NSA level stuff.
Of course it could all be a massive ruse to put us poor saps off guard - but honestly I'm not willing to go that paranoid today. any takers?
Re:enemy of the state (Score:2)
Re:clever folks (Score:2)
enemy of the state (Score:2)
Its a nice idea, but ask yourself this question... The NSA could have done this a long time ago, why now? With the rising amount of cybercrime, one would think that, _THAT_ would be their motives however, if that were the case they would be strong opponents of crypto for the masses, so why one and not the other?
So again jumping into the paranoia stage, could it be because the typical script kiddiot is using various forms, of Linux, this could be a method to monitor them? If so how do corporations who use this (SELin) fall into the muck of it all, what about employees of the NSA, and NAI, if they were capturing data, that could affect stock markets, integrity of people, confidence. Total PR nightmare...
Anyways it is nice to see a secure (for now) OS on the market, but as for me... I'd take Open over SELinux anytime.
click this link... get fired [antioffline.com]
P.S. almost forgot about PGP (Score:2)
Outguess [outguess.org]
Not a threat?!? (Score:2)
Vaudenay, S. 1995. An Experiment on DES Statistical Cryptanalysis.
Linear cryptanalysis and differential cryptanalysis are the most important methods of attack against block ciphers. Their efficiency have been demonstrated against several ciphers, including the Data Encryption Standard. We prove that both of them can be considered, improved and joined in a more general statistical framework. We also show that the very same results as those obtained in the case of DES can be found without any linear analysis and we slightly improve them into an attack with theoretical complexity
Re:Backdoors? (Score:2)
Leaving a backdoor in would be pretty stupid, because the impact (to the nation and the NSA itself) if it was found and exploited would be enormous. You may think of the NSA as a bunch of goons, but they do have a sense of self-preservation; they'd have to be suicidal to do what you're proposing.
--
NSA hysterics (Score:5)
You know what the saddest thing is about this?
Somebody busted his hump to get his boss at NSA to let him work on Linux. Said person then busted his hump even further to get his boss to actually allow the release of the source code. What, you think it was easy to get the NSA to release the source code?
I can only imagine how many levels of authorization this poor guy had to go through to get permission to release the source code. Can you even begin to imagine the hell he went through for our benefit?
And as his reward, this poor soul now gets a bunch of idiots screaming about the NSA trying to break Linux's security. If he ever gets invited to speak at a conference, he'll probably be booed off the stage for his efforts.
Doesn't anybody think before going into hysterics?
For the paranoid (Score:2)
The NSA has to worry about the GAO breathing down their necks and the CIA, DIA, and FBI competing with them in some things. Microsoft is a monopoly. Who's going to be the one to worry more about the end-user?
Re:There goes the neighborhood (Score:5)
Re:Not the start of involvement.... (Score:2)
Actually, the Linux GPL requires them to make the modifications available under GPL. They are not symbolically embracing "Free Software / Linux philosophy"; they are simply complying with the licensing agreement.
On the other hand, this in and of itself seems amazing.