[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How NSA access was built into Windows



On 1/15/07, Claude Jones <claude_jones levitjames com> wrote:
On Mon January 15 2007 8:03 am, Andrew Parker wrote:
> I've spent a good 10-15 hours a week developing selinux for the last
> year or so, and have quite a detailed understanding of the code
> there. I can assure you now that I have never seen anything that
> looks like a back door in any of the code.
>
> I also work for the NSA.
>
> That is how it could be hidden. A few developers saying this, but
> without the previous paragraph.

Andrew: My intent in posting that link was not to cast aspersions on you or
Stephen Smalley or any of the other NSA personnel involved in the Selinux

Sorry Claude, I did wonder when I wrote that if it was going to be
misconstrued.  My point was that if somebody (or a number of people)
spoke up and vouched for the code, how would we know that they were
legit?  They could have been working for the NSA, added the code
themselves, then vouched for themselves (as it would be in their best
interests) and we would be none the wiser.  These 'facts' may then
stop others checking the code, and maybe we would never be any wiser.

BTW, I do not/have not ever worked for the NSA, I was just trying to
illustrate a point - how can trust those that may speak up and say
that its ok?

You are right to question it though.  It is something that should be
questioned on a regular basis too - if t he code changes, back doors
can be added.

Also, is my memory unreliable, or did selinux actually start out at the NSA?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]