The term "backdoor" in the title is misleading. What is described in the article are a series of what most here would describe as "rootkits". There is no evidence provided of any malicious modification of the Linux kernel or distributions before the user receives them. I don't think that anyone would think that Linux (or any other OS) would be safe after an attacker had obtained complete control of the system.
It doesn't matter what fancy word we are using -what matters is that our systems are compromised by an agency that can just steal our data without us even knowing.
Why should we even care about the academic definition of a backdoor? Is it less of a privacy problem if it is a "malware"?
Words mean things. The term backdoor has specific connotations and GP is right to call the title out as misleading. Your reaction, to immediately accuse them of being a lawyer for the NSA, is absurd, entirely emotionally driven, and makes me question what you think a lawyer working at the NSA would actually do.
No, words have meaning and we should be using the correct terminology. A backdoor usually means that the product is delivered straight from the manufacturer with a way to bypass the authentication set up by the user. By rootkit we typically mean a program that is installed after the product has been deployed and then gives the possibility to bypass authentication.
Both are bad, but one is arguably worse than the other, because one sets every user at risk, the other is much more targeted.
> what matters is that our systems are compromised by an agency
Chinese systems were compromised by an American agency. That's pretty much their job description and business as usual for a spy agency in any country. You can be outraged at that, but if the NSA were putting backdoors in the Linux kernel, then they'd put the whole world including their own citizens at risk, which is arguably even worse.
A backdoor and a rootkit are fundamentally different things with different implications. Any OS can have rootkits written for it. Not all OSes have vulnerabilities that might allow the installation of those rootkits.
For self proclaimed "security researchers", this article is lacking in specifics. For example, what are the CVE's for this backdoor, installation method, processes affected, anything at all?
It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD, is nearly completely unknown one year after the revelation. No social media outcries, no mention on the TV, no debates, no comments from people like Torvalds and Stallman (though I by no means imply they were direcly involved).
The reason why is remains a "secret" is that the whole matter is deeply, deeply political.
We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.
Yet we all know that the NSA would not limit the use of the backdoor to that.
Linux is not a "safe" operating system by any stretch of imagination. The only saving grace is the fact Linux users are not profitable to malware authors due to very low market share. Still, I think it's naive to view it as a secure operating system/kernel because it is not designed nor built for that goal explicitly. OpenBSD on the other hand is a worthy contender against a determined adversary and is developed by skilled and highly paranoid people.
Having managed just about every OS I have learned to see it a little differently. Rather just about every OS can be hardened to the point of being secure but each OS and each iteration of said OS will have different default kernel compile options, admin configurable settings, kernel tuned settings that vary the amount of "friction" the end user is meant to experience. Even Windows NT had more security controls than Linux and BSD combined mostly pilfered from VMS but the defaults were opened up to minimize friction for businesses. Windows XP, Linux, MacOS reduced friction even further to improve adoption by developers and end users alike, to a fault. Not just security but also memory management behavior. Windows Linux and Mac allow over-committing memory by default to improve adoption by people early in their development career. So I guess what I am trying to say is that people have decided they will trade in friction for usability and thus has resulted in a myriad of gaping holes by design. Each OS have tools to harden them as far as one wishes to go. The BSD community have accepted that they will endure a little more friction by default and I can respect that.
I've read Richard's blog (his "political notes") and I come away with a feeling that his extreme politics at the very least clouds his thinking, if not directly influences it.
The end result is he carefully picks and chooses topics for which he is passionate about (in the context of computing and 'software freedom') nearly right up and down party lines.
Once upon a time a basketball player had both a gambling addiction and
a mistress addiction. No news reports on both issues due to the
fact that said player controlled sports reporter access to him.
News not covered never ever has to do with politics no matter what side it has
to do with access to the subject being controlled.
Aha Aha, I got the verbatim info from the sports reporter, he is now dead for over a decade, and the player I refer to is MJ of the Bulls.
No, I don't think anything is safe from a determined adversary with near-infinite resources, especially if they are specifically targeting you. This is a basic tenet of infosec.
So for the record the current title is: So you think Linux is safe from the NSA? You couldn't be more wrong
Personally, I flagged it because that's very misleading and it's not a backdoor.
If anything, the original title should have been edited in the opposite direction, to not use the word "backdoor". Or to add [sic]. But "a backdoor" without "in Linux" is not super egregious.
I flagged it because your silly clickbait title is a misinterpretation of both the contents of the article and narrates a enormous jump to a ridiculous conclusion. Its fake tiktok gosh-wow horseshit and does not belong on hacker news.
Readit News
Why should we even care about the academic definition of a backdoor? Is it less of a privacy problem if it is a "malware"?
No, words have meaning and we should be using the correct terminology. A backdoor usually means that the product is delivered straight from the manufacturer with a way to bypass the authentication set up by the user. By rootkit we typically mean a program that is installed after the product has been deployed and then gives the possibility to bypass authentication.
Both are bad, but one is arguably worse than the other, because one sets every user at risk, the other is much more targeted.
> what matters is that our systems are compromised by an agency
Chinese systems were compromised by an American agency. That's pretty much their job description and business as usual for a spy agency in any country. You can be outraged at that, but if the NSA were putting backdoors in the Linux kernel, then they'd put the whole world including their own citizens at risk, which is arguably even worse.
99.999% of our systems are not compromised.
So yes they do cyber attacks but the scope and method is so very different between those two categories.
Nor did I see any description of a backdoor in Linux, just a backdoor that runs on Linux.
The reason why is remains a "secret" is that the whole matter is deeply, deeply political.
We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.
Yet we all know that the NSA would not limit the use of the backdoor to that.
The end result is he carefully picks and chooses topics for which he is passionate about (in the context of computing and 'software freedom') nearly right up and down party lines.
Once upon a time a basketball player had both a gambling addiction and a mistress addiction. No news reports on both issues due to the fact that said player controlled sports reporter access to him.
News not covered never ever has to do with politics no matter what side it has to do with access to the subject being controlled.
Aha Aha, I got the verbatim info from the sports reporter, he is now dead for over a decade, and the player I refer to is MJ of the Bulls.
Dead Comment
Not saying these are a 100% secure but you're plying this was _built_ into Linux (and other OSes). It was not. And the PDF makes no such claim either.
Also, (2022)
Personally, I flagged it because that's very misleading and it's not a backdoor.
If anything, the original title should have been edited in the opposite direction, to not use the word "backdoor". Or to add [sic]. But "a backdoor" without "in Linux" is not super egregious.
Deleted Comment
Dead Comment