Support NeoGAF

[Vanillalite]

In unsurprising news the NSA supposedly asked for a backdoor into Linux.

OMGUbuntu

Far from being a rumour, word of the approach comes via Linus’ father, Nils Torvalds.

As a Member of the European Parliament (MEP), Nils was present at recent committee inquiry held on the “Mass Surveillance of EU Citizens”. Here, representatives from a number of companies named in documents leaked by NSA whistleblower Edward Snowden were questioned about their own (alleged) involvement.

Following a question put to a Microsoft spokeswoman by Pirate Party MEP Christian Engström on whether the company willingly include “backdoors” for the NSA in their system, Nils Torvalds MEP said:

When my oldest son [Linus Torvalds] was asked the same question: “Has he been approached by the NSA about backdoors?” he said “No”, but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer …everybody understood that the NSA had approached him.

 

[Acorn]

Linus Torvalds is the linux guy for those that don't recognise the name immediately, he also hates Nvidia this may or may not be related.

 

[iamblades]

Say what you will about the ethics of the NSA's widespread spying, I want a tax refund if this is indicative of the kind of super geniuses we have working at the NSA.

Put a backdoor in the linux kernel? That is open source? And every line of code is poured over by thousands of borderline paranoid software engineers? Including super geniuses like RMS?

Good luck with that.

 

[maniac-kun]

What kind of power would they have over him? As far as i know he lives in Finland... And Linux is Open Source. So everyone could close that backdoor.

 

[ЯAW]

What kind of power would they have over him? As far as i know he lives in Finland... And Linux is Open Source. So everyone could close that backdoor.

Nah, he lives in Portland (Oregon). Still, I doubt they have any power over him and as you said, backdoors in Linux would be pointless. It will be found out sooner or later.

 

[dave is ok]

What kind of power would they have over him? As far as i know he lives in Finland... And Linux is Open Source. So everyone could close that backdoor.

Just because it's open source doesn't mean he couldn't theoretically hide a backdoor somewhere. Ken Thompson hid a backdoor in Unix for years and people only know about it now because he outright told them about it

 

[whatsinaname]

Didn't Linus say that he was just pulling his dad's leg?

http://mashable.com/2013/09/19/linus-torvalds-backdoor-linux/

Edit: Whoops, that was in OP's article as well.

 

[Diablos]

Uhh Linux is open-source. They don't need to ask him for the backdoor, they can figure it out themselves.

 

[iamblades]

Just because it's open source doesn't mean he couldn't theoretically hide a backdoor somewhere. Ken Thompson hid a backdoor in Unix for years and people only know about it now because he outright told them about it

The Thompson hack was never actually released into the wild, and it wasn't a backdoor in the source code, it was a virus injected into the C compiler that modified the login functions when they were compiled to add the backdoor.

Also Unix was never really open in the same way that linux is open today. Very few people even had access to machines that could run Unix. If he had released it, it likely would have been discovered eventually, but if a similar thing happened with linux, someone would probably discover it overnight.

 

[iamblades]

DP

 

[Deleted member 13876]

I can neither not confirm or not deny this

 

[Acorn]

I can neither not confirm or not deny this

So you can't confirm it or confirm it?

 

[Deleted member 13876]

So you can't confirm it or confirm it?

I DON'T KNOW

 

[that1dude24]

Uhh Linux is open-source. They don't need to ask him for the backdoor, they can figure it out themselves.

edit: i totally misread your comment, sorry.

What kind of power would they have over him? As far as i know he lives in Finland... And Linux is Open Source. So everyone could close that backdoor.

open-source !⇒ understandable

 

[Bony Manifesto]

The Thompson hack was never actually released into the wild, and it wasn't a backdoor in the source code, it was a virus injected into the C compiler that modified the login functions when they were compiled to add the backdoor.

Huh, I always thought Ken Thompson's hack was just a thought experiment about how exactly this sort of low-level backdoor would be all but impossible to detect as the only way you can't be fooled by it is if you're examining the machine code itself.

 

[iamblades]

Huh, I always thought Ken Thompson's hack was just a thought experiment about how exactly this sort of low-level backdoor would be all but impossible to detect as the only way you can't be fooled by it is if you're examining the machine code itself.

It was more about not trusting seemingly 'trusted' things like the compiler. It only becomes almost impossible to detect if all you have access to is that operating system and that compiler, because that compiler can alter any code you run on that system to hide itself.

His hack only really works in a security monoculture. On a OS like Linux where you can just use a different compiler or a different version of bin/login(without having to code it from scratch yourself) it doesn't really work, as the infected compiler can't possibly know how to alter every possible variant of a login system to inject the backdoor, much less accounting for every variant of compiler and debugger to hide itself.

But the main point is that his hack wasn't a source code hack, it was machine code, and that GCC would be a more likely target for a backdoor than the Linux kernel. As mentioned though, such a hack would be less effective because linux is not nearly as much of a monoculture as early Unix was.

 

[Bomber Bob]

They don't need to ask him for the backdoor, they can figure it out themselves.

they need someone with decision power (like Linus) to accept the new code tho