[4916] in cryptography@c2.net mail archive
Could Open Source Software Help Prevent Sabotage? (fwd)
daemon@ATHENA.MIT.EDU (Zombie Cow)
Sun Jun 20 14:05:12 1999
Date: Sun, 20 Jun 1999 20:37:33 +0300 (EEST)
From: Zombie Cow <waste@zor.hut.fi>
To: cryptography@c2.net
Cc: InfoSec News <isn@repsec.com>
http://linuxtoday.com/stories/6876.html
Could Open Source Software Help Prevent Sabotage?
Jun 18th, 11:07:50
[ The opinions expressed by authors on Linux Today are their own.
They speak only for themselves and not for Linux Today. ] -lt ed
Linux Today reader Miko Wakabayashi has been doing a little thinking
about an article she just read:
This may not be directly releated to LINUX, but.... it
underscores a point about software.
Imagine a Chinese agent working at Microsoft. How difficult
do you think it would be to insert a little "backdoor" into a
Windows .dll file or somewhere else? With the Government
jumping into NT left and right, a secret backdoor or even an
"easter egg" that shuts the system down on command could
cripple our entire defense network, law enforcement and just
about anything else. How much easier it would be to fight a
war against an enemy whose computers are all crashed
beyond repair?
They used to worry that the Soviets would detonate a nuclear
device in the atmosphere causing an EMP spike to cripple our
computer networks. If a spy inserted as little as 5 lines of code
into every Windows system in the country, a signal could be
broadcast over the internet to simultaneously crash every NT
server and workstation with an internet connection.
Firewall be damned, it is NT based as well. With the dozens of
"accidental" security holes in NT, how hard would it be to
create one intentionally, and a trusted programmer in
Redmond could do this easily and hide it fairly effectively.
In my opinion, articles like this as well as the Eeye
announcement, absolutely requires that we insist the
Government adopt Open Source software.
That way the agencies can control their own systems and it
would be impossible to hide security holes and backdoors. Plus
if one is uncovered, it can be fixed right away.
This is a scary article[1] and can be used to promote the
adoption of Linux in any enterprise.
Daniel Oran wrote a novel "Ulterior Motive" about
"MegaSoft" inserting secret code into their operating system
that enabled them to spy on people. Now we know Microsoft
can do this and has already admitted to doing this. Can you
imagine the implications of a spy having total access to the
CIA, NSA, FBI, IRS, the Pentagon and every other agency?
Think about it, then write your congressperson.
[1] http://www.worldnetdaily.com/bluesky_dougherty/19990618_xnjdo_missile_fa.shtml
