(cache)Why would one use NSA's SELinux?

exerceo · 06-02-2025, 06:56 AM

Why would anyone trust anything made by the surveillance overlords themselves?

pan64 · 06-02-2025, 06:59 AM

Why not ?

dugan · 06-02-2025, 08:21 AM

Because it's open source and you can check it.

exerceo · 06-02-2025, 09:37 AM

Quote:

Originally Posted by pan64

Why not ?

Quote:

Originally Posted by dugan

Because it's open source and you can check it.

Possible backdoors that are hard to discover, similar to that xz thing in early 2024. The purpose of the NSA is to surveil, so it is hard to believe that they create something like this simply from the goodness of their hearts.

Similarly, Google is an advertising business, so they introduced Manifest v3 to Chrome to attack domain blocking. They didn't just create Chrome from the goodness of their hearts, they created it to gain control over web standards. Google has created a bloat monopoly for itself, making it difficult for any third-parties to compete with Google. It might be open-source, but they control the code.

boughtonp · 06-02-2025, 10:12 AM

Quote:

Originally Posted by exerceo

Possible backdoors that are hard to discover, similar to that xz thing in early 2024.

Do you mean the XZ Utils backdoor that was added in February and detected in March ...?

Smart people don't try putting backdoors in high-profile software because it would be spotted. (They put them in obscure places they hope nobody is paying enough attention to.)

If one takes the position that NSA are entirely hostile/malicious, there are still several potential reasons they might release uninfected software for public benefit - but I'm not going to speculate in case I stumble upon a truth that gets me disappeared...

why_bother · 06-02-2025, 10:41 AM

Quote:

Originally Posted by exerceo

Possible backdoors that are hard to discover, similar to that xz thing in early 2024. The purpose of the NSA is to surveil, so it is hard to believe that they create something like this simply from the goodness of their hearts. ...

No, they didn't. They created it to secure their own systems and then open-sourced it.

exerceo · 06-02-2025, 10:55 AM

Quote:

Originally Posted by why_bother

No, they didn't. They created it to secure their own systems and then open-sourced it.

Couldn't they just have kept it to themselves?

pan64 · 06-02-2025, 11:13 AM

Quote:

Originally Posted by exerceo

Couldn't they just have kept it to themselves?

Does it matter? It's open source, it works, it's tested/verified and it runs on thousands of machines.
What is your goal here ?

exerceo · 06-02-2025, 03:00 PM

Quote:

Originally Posted by pan64

Does it matter? […] What is your goal here ?

Not all that much. I was just curious.

I understand why they open-sourced onion routing, but not this.

Quote:

It's open source, it works, it's tested/verified and it runs on thousands of machines.

Indeed, though I don't think many would trust closed-source software by the surveillance masters.

rclark · 06-02-2025, 03:26 PM

Quote:

I don't think many would trust closed-source software

I believe it is open source... Not closed. That said I don't use it because I feel it isn't necessary on my home machines. In a business environment I would certainly use it.

why_bother · 06-02-2025, 07:19 PM

Quote:

Originally Posted by exerceo

Couldn't they just have kept it to themselves?

I couldn't tell you, I don't work for them to know - and even if I did, chances are, that would be classified.

FWIW, I suspect it was because they didn't want the maintenance burden, so therefore they don't need to pay anyone to maintain it if the "community" is doing that instead.