Re: Wiretapping Linux?

From: Valdis . Kletnieks
Date: Tue May 16 2006 - 21:27:05 EST

Next message: Andi Kleen: "Re: [RFC] [Patch 7/8] statistics infrastructure - exploitation prerequisite"
Previous message: Peter Chubb: "Re: [RFC] [Patch 7/8] statistics infrastructure - exploitation prerequisite"
In reply to: Willy Tarreau: "Re: Wiretapping Linux?"
Next in thread: Joerg Pommnitz: "Re: Wiretapping Linux?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 16 May 2006 06:24:38 PDT, Marc Perkel said:
> So what about Linux? With thousands of people working on the Kernel if
> someone from the NSA wanted to slip a back door into the Kernel, could
> the do that?

Actually, if the NSA wanted to slip in a back door, they'd have done so
in the SELinux code. :)

As others have mentioned, the kernel code isn't the best place to try
to put a back door in, precisely because of the depth of scrutiny. A
much more likely avenue is to backdoor some popular userspace code (as
did happen to Sendmail and OpenSSH within a few weeks of each other a
few years ago).

And then there's the Underhanded C Code contest:

http://www.brainhz.com/underhanded/

:)

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Andi Kleen: "Re: [RFC] [Patch 7/8] statistics infrastructure - exploitation prerequisite"
Previous message: Peter Chubb: "Re: [RFC] [Patch 7/8] statistics infrastructure - exploitation prerequisite"
In reply to: Willy Tarreau: "Re: Wiretapping Linux?"
Next in thread: Joerg Pommnitz: "Re: Wiretapping Linux?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]