That would be too obvious and thus ineffective. In reality it is more likely that they have inserted bugs into various open source software covertly, like we saw with xz.
There was at least one attempt. Back before git, the Linux kernel was in 1 central repo. There was also a backup repo. It was compromised with a very clever backdoor.
The backdoor was caught but only because it didn’t have a reference to the mainline repo.
if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL;
Note the user uid is being set (=) to root instead of being checked (==) for root.
The full story.
https://freedom-to-tinker.com/2013/10/09/the-linux-backdoor-attempt-of-2003/
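The line quoted in the comment above, compiled as an added example (not part of the original thread or the kernel source) to show what the `=` does at runtime. `struct task`, the two function names and the flag values are stand-ins assumed for this sketch.

```c
#include <errno.h>
#include <stdio.h>

/* Stand-in flag values for this example only (guarded in case libc defines them). */
#ifndef __WCLONE
#define __WCLONE 0x80000000u
#endif
#ifndef __WALL
#define __WALL 0x40000000u
#endif
struct task { unsigned int uid; };  /* hypothetical stand-in for the task struct */

/* The check as quoted: '=' stores 0 in uid. The assignment expression itself
   evaluates to 0, so the branch is never taken and retval stays 0. The only
   effect is the changed uid, which a test on the return value cannot see. */
int check_as_quoted(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
        retval = -EINVAL;
    return retval;
}

/* The same line with '==': uid is only read, never written. */
int check_with_comparison(const struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid == 0))
        retval = -EINVAL;
    return retval;
}

int main(void)
{
    struct task a = { 1000 }, b = { 1000 };  /* constructed sample callers */
    int ra = check_as_quoted(&a, __WCLONE|__WALL);
    int rb = check_with_comparison(&b, __WCLONE|__WALL);
    printf("as quoted:       retval=%d uid=%u\n", ra, a.uid);
    printf("with comparison: retval=%d uid=%u\n", rb, b.uid);
    return 0;
}
```

Both versions return 0 for an unprivileged caller, so a regression test has to assert on the uid field itself to tell them apart.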
Looking at leaks of the past, it’s probably more likely that they have an arsenal of bug exploits instead of backdoors when it comes to open source stuff.
Yeah actually that makes more sense than what I originally said. The US is one of the main buyers of gray-market zero day bugs, way cheaper and less risk than trying to covertly implement bugs.
More likely it’s probably a non-free repository that many people choose to use like an Intel driver or something.
Exactly. You have to put yourself in the perpetrator’s mindset.
Why would they bother with the 1% of 4% of Linux users that use their single distro? They’d be better off targeting Windows or mobile users.
Cloud servers run Linux. Also, the NSA made the de facto secured kernel for enterprise Linux.
Sure, but it’s still not a lot of users to target a single distro, even if it’s the biggest one.
All your metadata is on cloud servers. Your smartphone calls back to cloud servers. Lemmy is hosted on Linux. It’s not desktop OS that any state actor would target.
I guess I’d be less skeptical if they didn’t already have access to so much more data than any one distro would give them, even if it was running all the fucking servers you mentioned. You even pointed out that they have SELinux so why would they need to make any distros?
You and I agree that there’s no reason for the NSA to backdoor an OS. It’s actually in their best interests to have a secured Linux OS, and just buy/collect the metadata they want.
More than one, more likely.
Probably Kali.