IP: NSA Connection to SE Linux

[David Farber <dave () farber net>]

> Date: Sat, 10 Mar 2001 08:12:57 -0600
> Subject: Of Interest to IP? NSA Connection to Linux
> From: John Lyon <jelyon () jelyon com>
> To: <farber () cis upenn edu>
>
> Prof. Farber;
>
> Got this from another list - might be of interest to the IP list:
>
> > Interesting NSA connection to Linux:
> >
> > http://www-106.ibm.com/developerworks/library/s-selinux/?n-s-381
>
> __________________________
> John Lyon


Dropping the bomb

It came from out of the blue, without fanfare. The "new" National Security 
Agency threw out a security-enhanced version of the Linux 2.2 kernel 
(called SE Linux ) into the open source community. Not only that, they gave 
out background briefing papers on the research methodology that they used 
to model whether or not SE Linux was truly secure.

If you haven't been following the cryptography area lately, let me assure 
you that this action by the NSA was the crypto equivalent of the Pope 
coming down off the balcony in Rome, working the crowd with a few loaves of 
bread and some fishes, and then inviting everyone to come over to his place 
to watch the soccer game and have a few beers. There are some things that 
one just never expects to see, and the NSA handing out source code along 
with details of the security mechanism behind it was right up there on that 
list. Up to this point, the NSA has embodied in itself the classic Cold War 
paranoia imperative of the past 50 years ("If you knew what we knew, you'd 
agree with us"). To see it spewing source like some long-haired Stanford 
student was enough to make for uncontrollable twitching.


<snip>



For archives see: http://www.interesting-people.org/