This meeting was set up by CALUG coordinator Randy Schrickel, who does some consulting for NSA himself and already knew a bit about (Security-Enhanced Linux ), as the modified-by-NSA version is called. Since NSA's headquarters at Fort Meade is close-by Columbia, Schrickel called the agency to ask if someone would be willing to come to the group's meeting to talk about it.
Loscocco and Smalley agreed to stop by, and their talk was a treat. Both worked on SE Linux, and what they described that night seems to be, even as a prototype, some serious stuff. SE Linux goes way beyond the "firewalls," or virtual barriers, that keep intruders out of today's networked computers. As system administrators know all too well, firewalls don't entirely fireproof computers. Crackers still sneak in open ports, send viruses through e-mail, or dump damaging codes through Web-page forms, Trojan Horse-style. And once someone gains "root access" to a machine, they own it. In contrast, SE Linux checks every process the computer undertakes against a customizable matrix of allowable actions. It's security management for control freaks.
That NSA concerns itself with Linux at all might seem surprising at first blush. After all, the operating system and the federal agency occupy opposing ideological poles. Linux is all about openness: Only because its code is publicly available for programmers worldwide to improve upon can it grow and prosper. NSA is all about secrecy: Only by maintaining a cloak of absolute anonymity can it carry out its chief mission of monitoring foreign communications for information of interest to the feds.
But few are aware that NSA has a second mission, one that leads directly to projects such as SE Linux: building communications systems that can't be cracked, listened in on, or otherwise compromised. This is putatively for the Good of the Nation. Especially since the end of the Cold War--operatives cut loose from foreign spy agencies are now engaged in all manner of espionage for foreign companies and governments. (As one CALUG member noted after the meeting, "The wars between nations today are economic ones.") So it is in the country's best interest, the argument goes, for the government to build crack-proof computer systems for U.S. corporations.
And who better to do the building than NSA, which knows a thing or two about cracking systems? Back in the '70s, when IBM was working on what would soon become the government Data Encryption Standard (the super-strength algorithms subsequently used by banks and other organizations to protect sensitive information), the NSA stepped in to assist Big Blue. Turns out, the agency had been working on something similar for years.
Besides, Loscocco pointed out, NSA, like a lot of government agencies, is interested in using Linux to cut costs. NSA's work would go a long way toward making the operating system a lot more attractive to the general public.
While Linux advocates can rejoice that their favorite OS is now a big enough player to warrant attention from the premier U.S. spy agency, the resulting work does raise a serious question: Is there some sort of backdoor code written into SE Linux? Did NSA plant secret access points it can use to gain entry into people's computers?
It's a darn good question. Earlier this month, Germany announced it is ridding sensitive government offices of Microsoft software for fear that NSA has planted back doors in the company's products. Last September, an ex-NSA analyst accused the agency of persuading some commercial software companies to program booby hatches into their products to ease surveillance. And a few years ago, when the government was hammering out a standard for creating electronic signatures for online contracts, NSA approved a proposed digital signature but didn't identify a serious flaw that would allow a sophisticated party (say, NSA) to install a trapdoor.
When the question was put to Loscocco at the CALUG meeting, his answer was simple: Back doors can't be done with Linux--not without being discovered. Unlike commercial programs built on code that isn't public, Linux's innards are open for anyone to examine. It would be darn near impossible to hide some secret functionality in open-source software; sooner or later, some inquisitive programmer would find the planted opening.
Nothing up our sleeves, see?
Loscocco and Smalley seemed earnest about what they are doing. Later this month, Loscocco told the CALUGers, the two will be attending the Linux kernel summit, where choices are made about which contributions will be rolled into future versions of the Linux OS' core. There, they will make their case to incorporate NSA's features.
That's going to be a tough choice for Linux gatekeepers. In the long run, NSA's contributions could strengthen the OS immeasurably. But will Linux adherents really want their software to have "NSA Inside"?
A million conversations are going on right now on Twitter--what do they have to say to you
Three Feet High and Rising (7/22/2009)
Expat Baltimore writer and ex-Last Picture Show lead man Louis Maistros weaves a luring tale from New Orleans
Spy Lame (8/27/2008)
A Book About What Your Stuff Says About You Doesn't Reveal Enough
812 Park Ave.
Baltimore, MD 21201