News

NSA Has Code Running In the Linux Kernel And Android

The saying “how deep does the rabbit hole go” has never been more appropriate with regards to NSA speculation as everyday people seem to pull up something new. With the USA’s National Security Agency, or NSA, in the spotlight recently over the whole PRISM saga, it seems to have made pretty big news everywhere. Now it emerges that the NSA has code running in both the Linux Kernel and in Android. Though this isn’t anything new, as it has been known since 2003, it has only just come to mainstream public attention.

The NSA had an active role in developing SELinux, that is security enhanced Linux. I am sure it won’t be long before sceptics pull the “Surveillance enhanced Linux” out of the bag.

The SELinux project was merged into the Linux Kernel back in 2003 meaning it is present in all Android and Linux distributions available today. The tool is an implementation of mandatory access controls for the Linux distribution. It is described below:

SELinux is a security enhancement to Linux which allows users and administrators more control over access control.

Access can be constrained on such variables as which users and applications can access which resources. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications.

SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication (IPC).

Not being a very Linux educated person I can’t really comment on the likelihood of SELinux being a backdoor. However, I can point out that people have speculated SELinux is an NSA backdoor to all Linux and Android devices. On the other hand other people have rubbished those claims stating that with Linux being an open source operating system there is no way such a backdoor could have existed unnoticed. Furthermore all source code for the NSA’s SELinux project is open source and available for examination.

What are your thoughts on this?

Image courtesy of Linux

Ryan Martin

Disqus Comments Loading...

Recent Posts

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

11 hours ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

11 hours ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

11 hours ago

Report: Microsoft Developing Cross-platform Interface for Xbox Games on Other Platforms

According to Windows Central journalist Jez Corden, Microsoft is reportedly working on a cross-platform interface…

12 hours ago

Nintendo Switch Sales Surpass PlayStation 2 in the United States

In recent months, gamers have been closely monitoring Nintendo Switch sales as the console edges…

1 day ago

Helldivers II Adds Killzone 2 Collaboration

Despite Helldivers II's popularity, fans have long felt the game lacked collaborations. Nearly a year…

1 day ago