Hacker News new | past | comments | ask | show | jobs | submit login
NSA Wanted Backdoor Access in Linux, Says Linus Torvalds’ Father (omgubuntu.co.uk)
129 points by coliveira on Jan 6, 2021 | hide | past | favorite | 31 comments



Anyone who doesn't think that NSA has backdoor access in Linux is a naïve optimist.

All that the NSA needs is a security hole. They can generate them by submitting reasonable code whose misbehavior is hard to spot, like http://www.underhanded-c.org/, or by searching for holes that already exist in the wild. And if you wind up putting a proprietary driver into your computer and they got a hole in the driver, you do even better.

Given the NSA's resources and the rate at which groups like Project Zero find bugs, they certainly have multiple ways in to any system that they want.


> reasonable code whose misbehavior is hard to spot,

Have you submitted code to Linux? It's routine that people are told to rewrite something in a more clear way.

I'm not saying that it's impossible, far from it, but it's not like you could just submit something and have it accepted. You'd have to put a lot of work over a long time and be very careful, preferably with one of the more obscure drivers. Then again, enormous patience and budgets are what the three letter agencies are best at.


I don't think people think that NSA doesn't have backdoor access in Linux.

But I think there's a huge difference between the maintainers purposefully implemented a backdoor for the NSA, and the NSA found exploits to gain backdoor.

Given that, what I'm more interested in is why Linus would say no when asked.


He lives in the US currently, right?

That being the case, I can think of a number of reasons to say no.


> reasonable code whose misbehavior is hard to spot

Like this one! https://freedom-to-tinker.com/2013/10/09/the-linux-backdoor-...


I wonder if the same is true for OpenBSD systems, given their greater focus on security.


I came across some slides once which compared bugs in Linux & BSDs. Overall it found that bugs per lines of code was relatively consistent across projects, but OpenBSD came out ahead since they tend to have less lines of code

But it definitely wasn't zero


It was alleged that the FBI paid someone to put that kind of backdoor masquerading as a bug into OpenBSD, but no evidence was ever found. OpenBSD being discussed as a possible target by an ex-FBI consultant is enough for me to assume they have something.


This just made me wonder about the engineering culture at the FBI. Do they have standups and roadmaps? What's their relationship with the rest of the FBI? Do they search stackoverflow like the rest of us? Are they in on all the latest programmer memes? Maybe it's just the secrecy but there's something fascinating about all of this.


It is a great OS, they do focus on security. On the other hand they use old compilers for license reasons and threading is not yet on the same level as in FreeBSD or NetBSD.

The kernel itself should hopefully be unaffected by these issues though.


They do update compilers now. Except for some architectures.

    $ cc -v
    OpenBSD clang version 10.0.1 
    Target: amd64-unknown-openbsd6.8
    Thread model: posix
    InstalledDir: /usr/bin
Threading is plenty fast, and the kernel has, like everything, bugs.


Do you also think that Qubes OS (https://qubes-os.org) has an NSA backdoor, too?


I've never heard of Qubes doing significant in-distro kernel hardening, so if they think Linux does Qubes would too.


This is not so simple. Qubes implements security through isolation. Dom0 has not Internet access, so you can only have a backdoor in VMs. Some VMs also have no Internet access, so they're safe. Others are reset every reboot. In addition, all VMs can rely on different Linux distributions (Arch, Debian, Fedora etc.). I think Qubes provides a good defense against such attacks.

Upd:

> I've never heard of Qubes doing significant in-distro kernel hardening

https://github.com/QubesOS/qubes-issues/issues/4233

https://github.com/QubesOS/qubes-issues/issues/2748

https://github.com/QubesOS/qubes-issues/issues/2045


Better defense of course, but reminds me this [0] quote.

[0] https://news.ycombinator.com/item?id=7585031


Qubes OS v4+ does not use typical software virtualization methods. VT-d hardware virtualization it uses was broken only once, and it was done by the Qubes founder: https://en.wikipedia.org/wiki/Blue_Pill_(software)


Why do they need to submit code?

Why not just do the same as for Windows and MacOS back doors they’ve uncovered? https://en.m.wikipedia.org/wiki/Zero-day_(computing)#Vulnera...


Like the Apple double semicolon bug?

Stealthy. That was like using a secret door knock to get root.


> If any holes were left around for the NSA’s overly-long tentacles to creep into, you can bet your bottom dollar that they’d have been found, exposed and rooted out long before now.

Like how heartbleed was discovered so quickly by all those eyes looking for holes? /s


Not quite the same thing.. for one, the Kernel's development is significantly higher-profile.


Strange, because I heard from Linus' cousin's neighbor's hairdresser than it was APT23 that wanted backdoor access into Linux, while someone who once shared a cab with Lennart Poettering told me the Freemasons were demanding the placement of a buffer overflow in Pulse Audio that could be triggered by the right combination of harmonics in the mp3 decoder. I am not sure which rumor I find more credible, there are just so many to choose from...


Everyone knows the Pulseaudio backdoor to gain root access can be activated by playing "Party in the CIA" by Werid Al, yelling George Washington's name 6 times and then typing in a valid .gov email.


The very fact that a random HN commenter can allege that such a backdoor exists is enough for me to believe that it probably exists, but of course you can't be sure.


Very unfeasible. Poettering would deny there were any bugs!


https://www.theregister.com/2000/03/10/us_preacher_finds_dem...

>"While the Computer Age has ushered in many advances, it has also opened yet another door through which Lucifer and his minions can enter and corrupt men's souls," the paper quotes the Reverend Jim Peasboro, author of an upcoming book, The Devil in the Machine, as saying. Demons are able to possess anything with a brain, from a chicken to a human being. And today's thinking machines have enough space on their hard drives to accommodate Satan or his pals, the paper reports. Disk capacity is an issue, however. Only a PC built after 1985 has the storage capacity to house an evil spirit, the minister explained." <g>

Here's the associated Weekly World News article, which in my opinion is way better (The Weekly World News was fake news, that's true and all -- but unlike today's media -- at least it was honest about being fake news! <g>):

https://books.google.com/books?id=CPADAAAAMBAJ&pg=PA47&lpg=P...

I believe that there was some quote to the effect that "Any machine with more than 256K -- could host evil and/or demonic spirits" <g>, but I can't find this quote on the web anymore...

Still, I swear it was there, a long time ago! <g>

Must be the ol' Orwellian "memory hole"... <g>


NSA also forked their own version of Linux, SELinux [0]. And were gracious enough to include it in most distros. And while it was extremely audited, at the time, because of the reputation of the maintainer it never quite sat right with me.

[0] https://en.wikipedia.org/wiki/Security-Enhanced_Linux


That wasn't a fork, it was a research project, and the resulting patches were integrated into mainline linux back in 2.6

It was run by the University of Utah and the NSA but eventually involving several contractors to implement the FLASK architecture as prototyped in the Fluke research OS as patches against Linux. Met and worked with some people who handled the user-space tools and patches, interesting stuff.

The goal was to enhance Linux beyond discretionary access control (DAC) to mandatory access control (MAC) which would put Linux a step above WinNT and in the same boat as Trusted Solaris, so you could properly implement a Bell–LaPadula security model (write up, no write down)

They succeeded and so now you have stuff like General Dynamic's PitBull cross domain solution which builds on and extends it. That was really what NSA wanted out of it in the end, since they have the responsibility to provide and approve such systems, which are very in demand in DoD and govt.

AppArmor uses the same framework in the kernel that SELinux uses, but the policy implementation is different. The competing needs of AppArmor, LIDS, and SELinux are what prompted LSM to be created in the first place.

But that research also has applicability in the space of trust segmentation, providing similar capabilities to containers and sandboxes but before they popularly existed. SELinux still performs this policy enforcement function for many distros' container security implementations, in addition to seccomp.


Do you feel the same way about AES?

It is also in the interest of the government to keep their own computers secure.


Yes, I do. I feel secure in using AES and still remain skeptical of its creator. The NSA does good things and a whole lot of bad things simultaneously.


Rather than a coding bug I think the major risk of SELinux is a higher complexity I.e. its so absolutely horrible to work with that it’s easy to fuck it up and leave a hole in something.


Needs a (2013).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: