• hemko@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    273
    arrow-down
    1
    ·
    3 months ago

    The story does not tell us how Linus Torvalds responded to the NSA, but I’m guessing he told them he wouldn’t be able to inject backdoors even if he wanted to, since the source code is open, and all changes to it are reviewed by many independent people.

    Yeah I’m guessing the answer would be more colorful based on the historical data we have

  • Icalasari@fedia.io
    link
    fedilink
    arrow-up
    123
    arrow-down
    7
    ·
    3 months ago

    I somehow misread that as NBA, and was very confused what basketball had to do with OS backdoors

    NSA makes

    WAY more sense

  • Hugin@lemmy.world
    link
    fedilink
    arrow-up
    106
    arrow-down
    1
    ·
    3 months ago

    Years ago there was a commit to the Linux kernal that strangly had no author. This got some attention of several of the developers.

    Looking into the code that had to deal with network transmission. there was a section that if you tried to get network access in a unusual way had a check that was written something like this.

    If (usr_permission = ROOT) … Instead of If (usr_permission == ROOT) …

    The first giving the user root if invoked and the second checking to see if the user was root.

    It’s widely thought this was the NSA or some other intelligence agency trying to backdoor lin Linux.

  • Arthur Besse@lemmy.ml
    link
    fedilink
    English
    arrow-up
    64
    ·
    3 months ago

    he wouldn’t be able to inject backdoors even if he wanted to, since the source code is open

    Jia Tan has entered the chat

    • awiteb@lemmy.4rs.nlOP
      link
      fedilink
      English
      arrow-up
      48
      ·
      3 months ago

      I wouldn’t be surprised if I knew that the backdoors that appear in Windows were designed by someone. I didn’t know they were this brazen.

          • sunzu2@thebrainbin.org
            link
            fedilink
            arrow-up
            18
            arrow-down
            2
            ·
            3 months ago

            exploits regularly found in AMD and intel consumer chips

            didn’t apple chips get spotted with a vulnerability also? m2s?

            • ᥫ᭡ 𐑖ミꪜᴵ𝔦 ᥫ᭡@feddit.org
              link
              fedilink
              English
              arrow-up
              14
              arrow-down
              1
              ·
              edit-2
              3 months ago

              That’s not a hard proof, people keep saying Intel ME and AMD PSP are potential backdoors ( key word: potential ) and this argument is good if we’re arguing about: which is the best ISA, an Open ISA ( RiscV ) or closed ISA ( x86 )

              I was asking for a general example, I know that Mediatek chips included a backdoor but I only found one article that talked about it … In french…

              Mobos : I think it’s MSI ( I could be wrong ) that installed a piece of software through a Bios update, which showed they have privileged remote access capabilities ( I couldn’t find that source, sorry )

              Another example would be ASUS and Gigabyte Mobos, now the initial source says it came from the second hand resellers, but no one confirmed that… which is scary… because that would mean it came straight from ASUS and/or Gigabyte

              I was asking for incidents that you came across that could demonstrate the presence of firmware backdoors, saying having too many bugs is not a good argument, because all software has bugs.

        • awiteb@lemmy.4rs.nlOP
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          3 months ago

          I’m not innocent, but this is unbelievable, that they would ask the main developer to plant a virus in it!! This is really rude

          • sunzu2@thebrainbin.org
            link
            fedilink
            arrow-up
            11
            ·
            3 months ago

            He is lucky he is no a US national… that convo could have gone down differently. People telling US spooks no, don’t live long.

            • chicken@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              3 months ago

              tbf the article only assumes he told them no because of how implausible it seems the task would be, the actual details of what if anything was discussed and what happened are unknown.

    • einkorn@feddit.org
      link
      fedilink
      arrow-up
      16
      arrow-down
      1
      ·
      3 months ago

      For what? Destabilizing the whole technological ecosystem of the planet is not a crime. ¯\(ツ)

  • ragica@lemmy.ml
    link
    fedilink
    arrow-up
    50
    arrow-down
    1
    ·
    3 months ago

    As long as the backdoor is licenced GPL what’s the problem?

  • youmaynotknow@lemmy.ml
    link
    fedilink
    arrow-up
    12
    ·
    3 months ago

    If you want t see Mr. Torvalds questioning this in the video in the link, go straight to minute 43.

  • fart_pickle@lemmy.world
    link
    fedilink
    arrow-up
    11
    ·
    3 months ago

    Circa 1975, IBM proposed the cipher now called DES, the Data Encryption Standard. It became a worldwide standard for secret key encryption. As IBM originally designed it, DES had a 64-bit key. The National Security Agency (NSA) required that the key be reduced from 64 bits to 56 bits, with the other 8 bits used as a checksum. This made no sense. If a checksum were really needed, then the key could be increased from 64 to 72 bits. It was widely believed that the real reason the NSA made this demand was that it knew how to crack messages using a 56-bit key, but not messages using a 64-bit key. This proved to be true.

    Secret Key Cryptography by Frank Rubin