
The NSA has tried to backdoor Linux three times (2016) - MrXOR
https://www.reddit.com/r/linux/comments/54in5s/the_nsa_has_tried_to_backdoor_linux_three_times/
======
AdmiralAsshat
So we have one _actual_ backdoor attempt, one OpenSSL bug that may have been a
backdoor attempt but was more likely an honest bug, one tongue-in-cheek
attempt mentioned by Linus, and that same attempt repeated seriously by his
father.

Assuming Linus was being serious and not facetious, I would say that's one
attempt. And if the NSA really wanted Linus to backdoor his kernel, I imagine
they would have approached him in-person and asked (as they have been known to
do), so I'm not convinced that the two other attempts were them either.

------
Analemma_
This is a bad headline. We have no idea who was behind the 2003 incident, and
the linked article even admits that the 2013 Debian SSL vulnerability was
probably an honest mistake. Saying that both of these were definitely the work
of the NSA is an accusation not supported by any evidence.

~~~
mtgx
If I were a Project Lead at NSA's backdoor division, I'd also make it look
like when the backdoor is discovered (vulnerabilities are always discovered,
even if it happens 2 decades later) it will look like a "honest mistake" or
even a "dumb mistake" that a developer made. Definitely wouldn't call backdoor
variables something like "rear_entry", "remote_auth", etc.

I don't assume all NSA spies are smart enough to think like that and sometimes
NSA code may be a dead-giveaway, but I do assume that at least some of them
are, for the more important/bigger backdoor projects.

You can also look at NSA's history with IPSec, or the more recent Simon &
Speck situation, where they pushed forward their own design that at first
glance might seem fine, but if you tried to push them on the details, they
would stonewall you.

~~~
yodon
The NSA also didn't want to explain their reasoning for shortening the DES key
size to 56 bits. It took many years for the public crypto community to
discover the technique called differential cryptography, at which point it
became clear that the actual theoretical maximum strength of the DES crypto
system was 56 bits and the originally proposed longer key sizes didn't
actually offer any true strength over 56 bit key variants. It remains
important to be distrustful of all things in cryptography, but it also remains
important that the one time the NSA had a huge and apparently negative impact
on the strength of a crypto system, they were actually not weakening the
system at all they were instead providing the public community with a
significantly more accurate measure of the actual strength of the then
proposed method (and given the accuracy with which differential cryptography
computed 56 bits, I remain surprised they were able to provide that
information, as the recommendation clearly communicated to a skilled adversary
that they had developed and were leveraging this significant unpublished
technique at that time).

~~~
dogma1138
Differential cryptanalysis was discovered initially by IBM while working on
DES.

The NSA made design alterations to DES to make it more resistant to DCA.
However they didn’t publish those design decisions because they would reveal
the existence of the technique, which at the time was applicable to many other
ciphers including nearly all Soviet ciphers.

The NSA didn’t backdoor DES the key shortening and the addition of parity bits
was an attempt to make it more resilient to DCA while making it only slightly
more susceptible to brute force attacks.

It’s also important to note that DES was a 1970’s cipher which survived long
enough to be relevant, even a 1080ti would take 2 or more days to crack a
single DES key and its considerably more powerful than likely all the super
computers in the world combined in say 1983.

The NSA isn’t your friend for sure but they know exactly what they are doing.

------
NikolaeVarius
Good ol' Reddit, making a statement implying its factual, with linked sources
saying anything but.

------
MrXOR
What about SELinux?

~~~
sofaofthedamned
Don't think it matters, though I was wondering the same. SEL is kernel,
nothing to do with userland.

------
mtgx
That we know of.

