February 23, 2019

.comment: A Golden Opportunity - page 2

Where Do You Want Your Data to GoToday?

  • January 3, 2001
  • By Dennis E. Powell

One imagines that the Open BSD people would be making big noise about now. Their system is, as shipped, more secure than Linux is, never mind Windows. It has what is arguably a better license (unless you happen to live in an ivory tower in Cambridge and are easily mistaken for the murderous loon Mucko; if you are, there is no possible improvement on the GPL). Open BSD is in some respects the obvious choice.

But Linux is where it's at. NASA is doing serious Linux development. The big guys--okay, IBM--are doing Linux work. The codebase has been examined by tens of thousands of eyes, many of whom can correctly identify what they're seeing. So it was Linux that the National Security Agency, unamused by the Love Bug, began to work with.

The stories about the NSA would be legendary but for the fact that legends tend not to be true, and much of what is said about the NSA is absolutely true. In its suburban Maryland headquarters, a half hour or so from the Goddard Space Flight Center, NSA exists in a complex that has a mushroom farm of satellite dishes on its roof, broadcast receivers we can only imagine inside, and telecommunications equipment that officially hasn't even been invented yet monitored by people who are good at it. It's a very secretive place. For a period of time, it did not exist, if you asked. This is not a slouch outfit.

The NSA has some computer people, as you might well have imagined. Were they to put their minds to it--and who am I to say that they have not?--they could come up with something that would make Carnivore look as primitive by comparison as the work of the undetected pros do the script-kiddie cracks.

These guys are good. Very, very good.

And they've undertaken something called "Secure Linux." It is technically elegant, which is no surprise. It provides process-level security, which is both sensible and sufficiently complex that if it were available for use today, it would be a long time before many of us would figure it out well enough to make use of it. But when implemented, it may well be damn near bulletproof.

This is nice. It is remarkable. But the astounding part is that the NSA is bringing it to the community. The code that is being developed is being offered to the Linux kernel developers, and in turn the developers are very likely to contribute to the project with the idea that it could well become part of mainstream Linux. Not now, but there might well be some aspects of it in the 2.6 series of kernels, with perhaps more to come.

Why? Why would one of the most secret agencies of the U.S. government suddenly offer code to the extremely public and thoroughly international Linux community, and suggest a willingness to accept code from that community?

There are two reasons. The first is that there are some geniuses in the kernel crowd. But the second is more important, and strategic, and made clear in the CSIS report: our computer infrastructure, based on Microsoft software, is a security joke. If drugged-up juvenile delinquents can screw up big corporations, competent people who wish to do real harm could have, and probably are having, a fine old time for themselves. If defending the national security is the goal of the NSA, there's much to be said for a rock-solid and freely available operating system. It's the smart thing to do.

When the announcement of the NSA project was posted on the kernel mailing list, the initial responses were predictably skeptical. Look out for backdoors, said some. Well, yes, of course--you mean you hadn't been doing that already? It was a quick, cheap, shot, and I suppose that those who posted it knew as much. It's not as if the NSA is going to send binaries to Linus and ask that they be placed in some weird way into the otherwise source-only Linux distribution. If there were back doors, they would be visible in the source, available to one and all. They wouldn't go undetected for long enough to make it into a development kernel. The NSA folks know this, and this isn't what they're up to, anyway. They want to secure the nation's--no, really, the world's--computer infrastructure with a system that anyone can afford and anybody who is very good can button up.

Most Popular LinuxPlanet Stories