[Discuss] our friend the nsa
Richard Pieri
richard.pieri at gmail.com
Thu Sep 19 11:09:40 EDT 2013
Eric Chadbourne wrote:
> It seems, from my little apartment in Quincy, with no data to back this
> up, that it's safe to assume 1 through 3. 4 I don't know about. I
> _feel_ safe with the kernel. Gnome and the rest scare me.
I wrote this a while back: security means thinking about worst cases.
Apply this to point number 4. Not knowing whether or not you can trust a
thing should be a much greater concern than knowing what you can or
can't trust.
There are kernel vulnerabilities that on paper can't be exploited but
become exploitable when SELinux is enabled. The ones I know about have
been fixed but remember: worst case thinking. There have to be others
that I don't know about.
Has Linux kernel security been compromised by the NSA? I assume it has
been, which means I know about how much I can trust it. I could be
wrong, but remember: worst case thinking.
--
Rich P.
More information about the Discuss
mailing list