Announcement

Collapse
No announcement yet.

Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    What the heck is Michael talking about: "It's not often the National Security Agency (NSA) can be thanked for their contributions to society"

    Hello, I use NSA-funded and developed, publicly-contributed software and services every single day of my life, and SO DO YOU.

    Everyone who uses Phoronix is making use of software written by the NSA, because the majority of servers are running Linux and in the NOC they almost universally have SELINUX enabled.

    Everyone who uses Tor is using relays and exit nodes paid for by the NSA. Why? Their reasons for funding Tor are pretty straightforward. #1 if they control a significant portion of Tor nodes then they can correlate global packet movement to de-anonymize anyone they choose to, and #2 by owning it they prevent foreign nations from having the same power, which gives them an upper hand in espionage and in preserving the safety of US-security-policy-friendly journalists worldwide who are whistle-blowing on foreign and domestic targets.

    Is it scary that NSA controls Tor? If you want to rock US applecart... probably.

    Last edited by linuxgeex; 06-05-2019, 01:44 PM.

    Comment


    • #12
      Originally posted by linuxgeex View Post
      What the heck is Michael talking about: "It's not often the National Security Agency (NSA) can be thanked for their contributions to society"

      Hello, I use NSA-funded and developed, publicly-contributed software and services every single day of my life, and SO DO YOU.

      Everyone who uses Phoronix is making use of software written by the NSA, because the majority of servers are running Linux and in the NOC they almost universally have SELINUX enabled.

      Everyone who uses Tor is using relays and exit nodes paid for by the NSA. Why? Their reasons for funding Tor are pretty straightforward. #1 if they control a significant portion of Tor nodes then they can correlate global packet movement to de-anonymize anyone they choose to, and #2 by owning it they prevent foreign nations from having the same power, which gives them an upper hand in espionage and in preserving the safety of US-security-policy-friendly journalists worldwide who are whistle-blowing on foreign and domestic targets.

      Is it scary that NSA controls Tor? If you want to rock US applecart... probably.
      YOU forgot that SELINUX is NOT THE only TOOL for Linux HARDENING. There also is TOMOYO, APPARMOR and some more.

      Is the latter true? Can we begin calling NSA "ISA"?! (International Security Agency)

      Comment


      • #13
        Originally posted by tildearrow View Post

        YOU forgot that SELINUX is NOT THE only TOOL for Linux HARDENING. There also is TOMOYO, APPARMOR and some more.

        Is the latter true? Can we begin calling NSA "ISA"?! (International Security Agency)
        I didn't forget. The fact that there's alternate implementations doesn't change the fact that the NSA with Red Hat developed SELinux in 2000 before there was MAC in the Kernel, and contributed it in 2001, and it was mainlined in 2003. In 2006 NSA and Immunix developed LSM. Smack was mainlined in 2008, Tomoyo in 2009, and AppArmour was mainlined in 2010 after Canonical took it over.

        ISA? NSA has international scope of operations. Personally I don't feel they have international jurisdiction, and their name (National...) makes that plain. I'm sure a lot of Americans feel they rule the world and therefore even FBI has international jurisdiction in their eyes. Extradition treaties != jurisdiction... but economy of effort will prevent me getting into that discussion, lol.

        My argument remains that disagreement with the politics of a contributor doesn't make their contributions any less valuable. I feel that Michael made a cheap shot at a group of people who invested real engineering skill, and probably worked off the clock for all our benefit. That disrespect to OSS contributors doesn't benefit us, or Michael, in any way.
        Last edited by linuxgeex; 08-04-2019, 11:22 AM.

        Comment


        • #14
          Yawn... NSA is the ev1l


          Not really: they have multiple roles, improving US and allies’ computer security, monitoring sophisticated crime networks, etc.

          Do they have a metric tonne of zero days ready to go? Yes: that’s what they are paid for.

          Do they deliberately put backdoors into things? Not using a @nsa.gov email address.

          is their data collection capability as good as Google and Facebook? Probably not any more

          Comment

          Working...
          X