Maybe all this goodwill from them is because they want to diminish the hemorrhage of industrial espionage, like in the case of Lockheed's F-35 files that the Chinese got their hands on.
Announcement
Collapse
No announcement yet.
The NSA Is Looking To Contribute To A New x86 Security Feature To Coreboot
Collapse
X
-
Originally posted by DoMiNeLa10 View PostIs anyone besides me paranoid that NSA is getting lazy and they will slip in "unintentional" bugs into the project?
Allowing a general vulnerability would render their own systems unsafe. Obviously an audit is always preferable. The NSA is also responsible for SELinux, which no one has found any malicious "bugs" so far.
Finally, the NSA would completely lose face if such a thing was found. If they really were interested in putting "bugs" in a project, they would do so through a false identity, they wouldn't sign their name on it. Information warfare experts aren't that sloppy.
- Likes 8
Comment
-
Originally posted by AndyChow View Post
Given that companies like Google use coreboot, not so much. The NSA has a lot of very good experts in security, it makes sense that they contribute to a project like this.
Allowing a general vulnerability would render their own systems unsafe. Obviously an audit is always preferable. The NSA is also responsible for SELinux, which no one has found any malicious "bugs" so far.
Finally, the NSA would completely lose face if such a thing was found. If they really were interested in putting "bugs" in a project, they would do so through a false identity, they wouldn't sign their name on it. Information warfare experts aren't that sloppy.
The NSA does not work to improve the security of computer software. Their job is to collect, analyze and exploit.
Reject all their code you'll be much better off.Last edited by k1e0x; 19 June 2019, 08:05 PM.
- Likes 6
Comment
-
Originally posted by DoMiNeLa10 View PostIs anyone besides me paranoid that NSA is getting lazy and they will slip in "unintentional" bugs into the project?
An Open Bios without back-doors...I think they will ensure the same access they have in proprietary ones..
This for me, brakes the confidence we had in CoreBoot, and derails the Project Objective completely..
- Likes 2
Comment
-
Originally posted by torsionbar28 View PostMakes me lol when people assume malice from an agency that knows security better than anyone, while happily logged into google, facebook, amazon, etc. Lets be real about who the information thieves really are.
NSA wants unfettered access to all data, in particular the data you did not sign the rights away for through EULAs.
The dual mandate of the NSA makes them an organization schizophrenic in nature that cannot blindly be trusted for security advice.Last edited by FrankL; 19 June 2019, 11:14 PM.
- Likes 6
Comment
-
They should be forbidden to add any code, it doesn't matter that it's open source, they could still hide backdoors in plain sight that could be discovered only after years and at that time they will say it was just a bug and unintentional.
- Likes 3
Comment
Comment