NSA offers supersecure Linux

Infoworld ^ | October 4, 2001 | Deni Conner

[yhwhsman]

THE NATIONAL SECURITY Agency, the government's security arm, along with help from Network Associates, last week announced it has made a security-enhanced version of Linux available for download.

The NSA said it realizes that operating system security is necessary and that mainstream operating systems often lack critical security features that could enforce the confidentiality and integrity of network communications. Dubbed Security-Enhanced (SE) Linux, the NSA's version allows programs to have only the slimmest security permissions to run.

SE Linux has a strong, yet flexible, access control architecture incorporated into the kernel to foil tampering and bypassing of security mechanisms. The NSA chose Linux as a platform for this work because of its open environment. SE Linux does not correct any flaws in Linux, but rather serves as an example of how mandatory access controls, including superuser access, can be added to Linux.

With SE Linux, it is possible to configure a system that meets a number of security objectives such as roles-based access.

At present, SE Linux only supports the Intel x86 platform and has only been tested on Red Hat Linux.

The release includes documentation and source code. Users can download it from www.nsa.gov/selinux/index.html

[yhwhsman]

So, the National Security Agency wanted a secure operating system, and they chose to go with Linux. Could it possibly be because another popular OS issued 70 patches last year, and have already put out 30 so far this year (story is at The Register)?

Thought this would be food for thought. Personally, I'm using Win98 (but soon, very soon, I will have my Linux box up and running).

Yhwhsman

[Taxbilly]

National Security Agency

How much you want to bet they will have a backdoor into your machine if you install it?

[MonroeDNA]

Too cool!!!

[Dog]

Agree.

[Servant of the Nine]

Someone is gonna have to look very close. You can be sure their back door is well hidden.
You can also be sure it's in there.

So9

[KayEyeDoubleDee]

Don't get rid of your Windows box. Trust me, having two OS's around is better than a single one. There are plenty of things that you are used to doing on one, which you won't be able to do on the other. Trust me. It goes both ways.

What Linux distro are you going with? I use Mandrake 9.1 only because it supports XFree86 v4.3.0 (and my relatively new video card), but it crashes almost every day. I plan on going back to SuSE asap.

[Eala]

Neat!

[lysie]

Ping!

[Orangedog]

Backdoor?! Hell, you might as well move the agency director in with you.

They have to be counting on all of us being really, really stupid to go with this.

[taxcontrol]

Should I have a need for SELinux, I would not be worried. In fact, I'll bet that there is not a back door.

Reason -
1) There will be THOUSANDS of people looking through these patches

2) I would build the kernal myself from a different distribution.

3) I would personnaly review the patches by looking at the source code and compliling the source

[cryptical]

2) I would build the kernal myself from a different distribution.

From the article:

SE Linux has a strong, yet flexible, access control architecture incorporated into the kernel

[taxcontrol]

[sigh]

From the actual down load page (http://www.nsa.gov/selinux/download3.html)


"Option 3 Individual patches and archives"

[BushCountry]

This is funny. "Hi, I am from the NSA and I am your friend."

However, if the backdoor is found thanks to the open sourceness of Linux this might be a very good thing.

[cryptical]

It'd be interesting if this is an implementation of Type Enforcement in the Linux kernel. I find the following sentence most interesting:

SE Linux does not correct any flaws in Linux, but rather serves as an example of how mandatory access controls, including superuser access, can be added to Linux.

[BushCountry]

So, all they are doing is implementing correctly the built-in security features that is inherit in the Linux kernal?

[Luke Skyfreeper]

I would tend to agree with you. No matter how well a back door might be hidden, if they're releasing the source code, someone's gonna find and publicize it.

Bad PR.

So if there's no back door, then why are they doing this?

The explanation has to be: United States security is enhanced by enhancing the security of individual companies, because American companies are generally the most technologically advanced companies in the world. We have the most secrets to protect.

[cryptical]

Nope, it implies that there are flaws in Linux, but it doesn't correct them, and that it's an example implementation. Type Enforcement (which this apparently is, according to the nsa.gov website) goes way beyond anything that is inherent in the kernel.

[MarkL]

Someone is gonna have to look very close. You can be sure their back door is well hidden.

You can also be sure it's in there.

The best way to hide a back door is to not put it into the OS source code, but in the complier that has to be used to compile the OS! That's exactly what a certain "super programmer" did with the original releases of Unix! Every organization that had a copy of the source code of unix removed the backdoor, but they didn't look too closely at the compiler... If the backdoor was missing, the code was reinserted before the modules were compiled!

Mark

[Eala]

Don't get rid of your Windows box. Trust me, having two OS's around is better than a single one. There are plenty of things that you are used to doing on one, which you won't be able to do on the other. Trust me. It goes both ways.

I concur. My keyboard, monitor & mouse are on a switch connected to a Win98 box and my Linux system. (RH7.3, because I got burned by RH*.0 releases, but... that's all they seem to release now. Is 9.0 okay?)

[KayEyeDoubleDee]

Is 9.0 okay

Redhat 9.0? Couldn't tell you. I'm thinking about going to SuS 9.2E, b/c my Mandrake 9.1 is really flaky.