How NSA access was built into Windows
Andrew Parker
andrewparker at bigfoot.com
Mon Jan 15 15:05:24 UTC 2007
On 1/15/07, Claude Jones <claude_jones at levitjames.com> wrote:
> On Mon January 15 2007 8:03 am, Andrew Parker wrote:
> > I've spent a good 10-15 hours a week developing selinux for the last
> > year or so, and have quite a detailed understanding of the code
> > there. I can assure you now that I have never seen anything that
> > looks like a back door in any of the code.
> >
> > I also work for the NSA.
> >
> > That is how it could be hidden. A few developers saying this, but
> > without the previous paragraph.
>
> Andrew: My intent in posting that link was not to cast aspersions on you or
> Stephen Smalley or any of the other NSA personnel involved in the Selinux
Sorry Claude, I did wonder when I wrote that if it was going to be
misconstrued. My point was that if somebody (or a number of people)
spoke up and vouched for the code, how would we know that they were
legit? They could have been working for the NSA, added the code
themselves, then vouched for themselves (as it would be in their best
interests) and we would be none the wiser. These 'facts' may then
stop others checking the code, and maybe we would never be any wiser.
BTW, I do not/have not ever worked for the NSA, I was just trying to
illustrate a point - how can trust those that may speak up and say
that its ok?
You are right to question it though. It is something that should be
questioned on a regular basis too - if t he code changes, back doors
can be added.
Also, is my memory unreliable, or did selinux actually start out at the NSA?
More information about the users
mailing list