An article on the front of the latest Linux Format caught my attention, it announced “Beat the NSA” I presume the article is going to offer various options such as using openvpn and encrypting your drives and emails etc, etc. An article which they wrote a few years back but was titled “Beat the hackers” so I’m not expecting much of an update with regards to material.
The thing that I can’t help get out of my mind with regards to the NSA and Linux is that it was the NSA who developed SELinux.
Yes, SELinux, that mechanism that helps to protect your Linux box even after intrusion by way of policies identifying what a process can and can’t do and what a file in what location should and should not be able to do.
That is, assuming that the sysadmin hasn’t already set enforcing to disabled (not usually a recommended approach).
So, when the NSA developed this, were they being nice to the Linux community, were they the good guys then (I’ll have to admit I viewed them in an entirely different light back then) or have they written back doors into many popular Linux distributions right before our eyes? I hope someone has reviewed the code recently.