The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.[6] The software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions.
While they created a set of patches that would implement the security features that selinux provides, what was actually merged was the result of several years of open collaboration and development towards implementing those features.
There’s general agreement that the idea that the NSA proposed is good and an improvement, but there was, and still is, disagreement about the specific implementation approaches.
To avoid issues, an approach was taken to create a more generic system that selinux would then take advantage of. That’s why selinux, app armor and others can live side by without it being a constant maintenance and security nightmare. Each one lives in their little self contained auditable boxes, and the kernel just makes the “check authorization” function call and it flows into the right module by configuration.
The Linux community was pretty paranoid about the NSA in 2000, so the code definitely got a lot more scrutiny than the typical proposal.
A much easier way to introduce a backdoor would be to start a tiny company that produces some arbitrary piece of hardware which you then add kernel support for.
https://github.com/torvalds/linux/tree/master/drivers/input/keyboard - that’s just the keyboard drivers.
Now you’re adding code to the kernel and with the right driver and development ability you can plausibly make changes that have non-obvious impacts, and as a bonus if someone notices, you can just say “oops!” And not be “the god-damned NSA” who everyone expects to be up to something, and instead be 4 humble keyboard enthusiasts with an esoteric set of lighting and input opinions like are a dime a dozen on Kickstarter.
It’s not paranoia if it’s true. Snowden showed us that they really are spying on all of us all the time
Paranoia in the sense of being concerned with the ill intent of others, not the sense of an irrational worry about about persecution. Much like how the intelligence community itself is said to have institutional paranoia.
It is much harder now that https is the standard. They still can work wig individual companies but that’s a much smaller scope.
If they’re in your OS they see the data before it’s encrypted
Exactly
They first need access. That’s not hard with proprietary focused operating systems but with a properly secured Linux or AOSP system it is much more tricky.
We saw a very sophisticated attack on Linux earlier this year with the XZ exploit. That stuff is terrifying and the sort of thing people should be worried about. SELinux is tame, by comparison.
It is also important to note that it is pretty easy to do surveillance these days. People care around cell phones and there are massive camera systems that can track someone with high detail.
I haven’t looked at the keyboard drivers, or much Linux source. I never really had a reason to do a lot of C other than small microcontroller projects.
But I see this stuff and think of how awesome it must have felt to get a different keyboard working on an OS the first time. I have to do all this stuff with cloud, and api levels, and configuring CI/CD pipelines, and sometimes I get to write backend C# code or they let me play in the front end. Most of the time it’s telling another team of developers what to do, and listening to our clients explain the problems and I have to figure out if we already have anything to fulfill at least some of those needs.
These drivers are the divine marriage of hardware that’s not native to the machine that an OS is running on. It’s so beautiful to read. You can visualize where the values enter a memory address, and bits get shifted or something is static so the keyboard always uses the right thing.