EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

11.24.13

Trusting Trust and Trusting Red Hat et al.

Posted in Microsoft, Red Hat, Servers at 5:27 am by Dr. Roy Schestowitz

Even Red Hat’s logo does not inspire confidence

Red Hat logo

Summary: Why companies which are based on the United States cannot be trusted as US law requires them to provide access to personal information (or even back doors) without ever disclosing this

Red Hat Enterprise Linux 6.5 has just come out [1,2,3]. Red Hat targets the so-called 'cloud' (surveillance-friendly) market with it, quite frankly as usual [4]. Cutting-edge RHEL prototypes like Fedora 20 are to be released soon, and Scientific Linux (not just CentOS) will need to catch up by rebranding RHEL (they are being compared in terms of performance in [5]). Some people are remixing [6] Red Hat’s distributions, not rebranding them. But few people actually audit RHEL code line by line. Disassembling RHEL binaries is an even greater challenge, so nobody knows for sure what RHEL does. It’s a vast body of software and it is deployed in many mission-critical operations, not just in the United States.

“Trusting Trust” is an old concept, coined by some of the earlier UNIX folks. This subject happened to have been raised during business lunch earlier this week and it speaks on the degree of trust we must place on compiler developers, chipmakers, high-level software companies, and even Free software developers whose code we never personally audited (or continue to audit every time a new release is made available). Verifying the security of a small piece of software like a CMS (as Germany currently does) is feasible, but for entire operating systems it is virtually impossible and then there’s the peril of checking chip designs, their fabrication process, and the same for software (compilers). IBM et al., those who infect computers with TPM (NSA connections) only lead to mistrust. We are talking about a “special surveillance chip” here. And yes, there is history to it. Slashdot published this bit of analysis a few months ago. Read the comments too. One says: “I work for Red Hat…. The NSA asks me to put code in the Linux kernel and I pass it to Linus.” (see the context for more interesting information of this kind).

There is currently a discussion in Diaspora about this. It is argued that Red Hat will need to appease the government — especially the Pentagon/DOD — in order to keep winning major contracts that are derived from black budgets sometimes. There are stories I am aware of (but cannot share) about the role spies play in procurement for government. They can veto and influence decisions. This is a very ugly side of procurement which many people are simply not aware of. It only makes sense for Red Hat to try to appease the NSA and perhaps attach code from the NSA, with or without sufficient scrutiny (it goes well beyond involvement in SELinux, which is not the NSA’s only role in Linux). Well, some in Twitter wanted more information about this, so I reminded them that several years ago I wrote about how RHEL goes through the NSA before release; the same is true for SUSE. Now we know for sure that Linux was the target of NSA back doors [1, 2, 3, 4]; more new reporting on this [7-10] is starting to appear (people are catching up) and a new report tells us that “NSA infected 50,000 computer networks with malicious software” [11].

“he law in the US has become somewhat incompatible with freedom-respecting software.”We already know that the NSA worked closely with Microsoft and got a widely-used platform (internationally) with back doors it has exclusive access to, which basically means that Microsoft Windows is a Trojan horse for the NSA. Just remember where Linux is being developed. It’s the same country as Microsoft and Apple. Projects like Debian inherit some code from Red Hat, which complicates things further. The chain of trust is undone.

After the new report from the New York Times [12,13] (published to make huge impact this weekend) perhaps it’s time for Torvalds to withdraw his newly-acquired US citizenship and move back Linux development to Finland. With all sorts of National Security Letters, gag orders, oppressive laws like PATRIOT Act etc. we just know that those based in the US can be forced to facilitate surveillance (without ever speaking about it publicly). This may sound like a radical solution, but when companies like Red Hat and the Linux Foundation need to comply with US laws we just simply cannot have any trust. Torvalds pretty much lied to us (in a clever way) about NSA request for back doors in Linux, but his father, who is a European politician based in Europe, told us the truth.

In the past we argued that Red Hat should move to Europe because of software patents (I asked Red Hat’s CEO about it and he dismissed the possibility). Now we have another reason to suggest relocation. The law in the US has become somewhat incompatible with freedom-respecting software.

Related/contextual items from the news:

  1. Red Hat Enterprise Linux 6.5 Delivers Precision Timing
  2. Red Hat Launches Latest Version of Red Hat Enterprise Linux 6
  3. Red Hat Enterprise Linux 6.5 arrives
  4. Red Hat and eNovance to accelerate adoption of Red Hat Enterprise Linux OpenStack platform

    Red Hat Inc. and eNovance, an emerging European leader in the open source cloud computing market, are collaborating to deliver OpenStack implementation and integration services to joint customers. The companies made the announcement at the OpenStack Summit in Hong Kong.

    The collaboration between Red Hat and eNovance is aimed at accelerating enterprise adoption of OpenStack globally. According to a new report from 451 Research, OpenStack-related business revenue is expected to exceed $1 billion by 2015 as the enterprise market for OpenStack evolves.

  5. Fedora 20 Beta vs. Ubuntu 13.10 vs. Scientific Linux 6.4
  6. Update on x2go

    I’ve been playing with / using x2go more lately and I sure do like it. I originally learned about it by reading the Fedora 20 ChangeSet and saw that it will be a new feature in the upcoming Fedora 20. I started using Fedora 20 shortly before the alpha release came out. Fedora 20 Beta was released on 2013-11-12… and I’ve been building my MontanaLinux remix about once a week.

  7. NSA wanted a backdoor in Linux, confirms Linus’ father
  8. Did NSA contact Linus for a backdoor in Linux? [updated]
  9. Linus’ father confirms NSA attempt at backdoor in Linux
  10. Mastering Linux, Backdoor’d, & openSUSE 13.1
  11. NSA infected 50,000 computer networks with malicious software
  12. N.S.A. Report Outlined Goals for More Power

    In a February 2012 paper laying out the four-year strategy for the N.S.A.’s signals intelligence operations, which include the agency’s eavesdropping and communications data collection around the world, agency officials set an objective to “aggressively pursue legal authorities and a policy framework mapped more fully to the information age.”

    Written as an agency mission statement with broad goals, the five-page document said that existing American laws were not adequate to meet the needs of the N.S.A. to conduct broad surveillance in what it cited as “the golden age of Sigint,” or signals intelligence. “The interpretation and guidelines for applying our authorities, and in some cases the authorities themselves, have not kept pace with the complexity of the technology and target environments, or the operational expectations levied on N.S.A.’s mission,” the document concluded.

    Using sweeping language, the paper also outlined some of the agency’s other ambitions. They included defeating the cybersecurity practices of adversaries in order to acquire the data the agency needs from “anyone, anytime, anywhere.” The agency also said it would try to decrypt or bypass codes that keep communications secret by influencing “the global commercial encryption market through commercial relationships,” human spies and intelligence partners in other countries. It also talked of the need to “revolutionize” analysis of its vast collections of data to “radically increase operational impact.”

  13. Latest Snowden leak reveals NSA’s goal to continually expand surveillance abilities

    In a mission statement last year the US National Security Agency described how it would continue to expand its power and assert itself as the global leader in clandestine surveillance, according to a new report based on the Edward Snowden leaks.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. STRASBOURG: Representative of Lufthansa Accused of Corruption

    According to some international sources, it was on account of the corrupt and criminal tendencies with which he has been endowed by nature and which he used to assist international corporations in protecting dubious patents in the Republic of Croatia that Željko Topić was rewarded with a position at the EPO in Munich, although his skills and mindset indicate that he does not belong there. This is also indicated by the fact that this complex-ridden individual recently changed his place of residence in Zagreb.



  2. IBM and Watchtroll, Together With Microsoft, Among the Driving Forces for Resurgence of Software Patents

    A look at who keeps lobbying against Alice and where/how; also our assessment of why such lobbying won't be getting them anywhere any time soon



  3. Alice/U.S.C. § 101 is a Done Deal, Meaning Software Patents Are Effectively Dead in the US

    A look back at this summer’s patent cases where software patents are consistently (almost without exception) invalidated by courts, owing to § 101 (U.S.C./SCOTUS/Supreme Court)



  4. Patents Roundup: Cisco and Arista, MP3 Liberated, and 'Phone (Patent) Tax' Estimated

    Some of the very latest reports about patents in the US and how these impact the market (costs, availability, and viability of Free/Libre Open Source software)



  5. Links 23/7/2017: Wine 2.13, Krita 3.2.0 Second Beta, KDE Applications 17.08 Beta, GNOME 3.25.4, Debian 9.1 and 8.9

    Links for the day



  6. Patent Troll MPEG-LA Expands From Software Patents to Patents on Life While USPTO is Virtually Headless

    The travesty of software patents, such as patents on multimedia compression and playback, may soon be made worse as patents on genome are being aggregated by a notorious patent aggressor



  7. Lack of Independence of the Boards of Appeal at the European Patent Organisation (EPO) a Fatal Blow for the UPC

    Issues associated with the EPC, namely the lack of separation of powers at the EPO, may mean that the UPC is merely a zombie waiting to accept its permanent death



  8. [DE] STRASBOURG: Vertreter der Lufthansa wegen Korruption angeklagt

    Laut manche internationale Quellen wurde Željko Topić gerade wegen korruptiven und kriminellen Neigungen, mit welchen er von Natur begabt ist und mit welchen er den internationalen Korporationen beim Schutz von zwielichtigen Patenten in der Republik Kroatien geholfen hat, eigentlich belohnt mit der Arbeitsstelle in EPO in München, obwohl er laut seine Kenntnisse und seine Mentalität dorthin nicht gehört. Dafür spricht auch die Angabe, daß er als Person mit Komplexen neulich seinen Wohnsitz in Zagreb geändert hat.



  9. Links 21/7/2017: New Wine, Ubuntu EoL

    Links for the day



  10. The Bizarre World of US Patents and Ongoing Pursuit/Granting of Software Patents in Spite of Section 101

    A survey of recent patents that are either far too trivial, pertain purely to software, promote surveillance, or are pursued purely for vanity (when a court is likely to deem these invalid anyway)



  11. Battistelli's EPO Abuses May Soon Lead to the Death of the UPC and Return of the Old Order ('EPO Glory')

    Having severely damaged the EPO, in a selfish effort to make Europe attractive to patent trolls and bullies, Team Battistelli gradually goes away along with the UPC



  12. Links 20/7/2017: Qt Creator 4.4 Beta, Libgcrypt 1.8.0

    Links for the day



  13. Microsoft is Googlebombing “Linux” This Week in Order to Sell Proprietary Software That Does Not Run on GNU/Linux (and While Blackmailing OEMs Over Linux)

    A reminder of the fact that Microsoft very much hates GNU/Linux, lobbies against it (e.g. in Munich), blackmails companies that distribute it (using software patents) and shares all data stored by its software through back doors (for access by the NSA and other Western spy agencies)



  14. PTAB Persists and AIA Dominates in Spite of Smears and Bullying From Patent Extremists Including Watchtroll

    The America Invents Act (AIA) and the Patent Trial and Appeal Board (PTAB) maintain and gain prominence in spite of nefarious tactics of attack sites such as Watchtroll



  15. Patent Reform in the United States is Led by the Supreme Court, Not Industrial Lobbies

    Although lobbying by large corporations has served to change the patent landscape in the US, a lot of the big changes become possible because Justices with no vested interests (in patents and patent lawsuits) overturn decisions from the Court of Appeals for the Federal Circuit



  16. Unified Patent Court (UPC): A Conspiracy of Lies and Silence

    The impasse which makes impossible any progress on the Unified Patent Court (UPC) is simply being ignored -- as if it never happened -- by Team UPC



  17. The British Government May be Pulling Out of the UPC Fantasy, Team UPC in Panic or Denial About It

    The latest news about the UPC -- news that Team UPC conveniently ignores -- is that the British government "withdrew motion on Unified Patent Court with no notice"



  18. Links 19/7/2017: MPV 0.26, Netrunner Rolling 2017.07

    Links for the day



  19. Links 18/7/2017: Sparky 5.0, Krita 3.2 Beta, Mageia 6, Slackware Turns 24

    Links for the day



  20. New Paper Explains Why UPC Ratification Efforts Have Been Just About as Corrupt as EPO Under Battistelli

    Yesterday, Dr. Ingve Björn Stjerna revealed serious Constitutional issues with the campaign for the Unified Patent Court, which resembles an aggressive Battistelli-esque coup, not a democratic process by any stretch of imagination



  21. Anti-Patent Trolls Reform in the US Evolves Nicely and Rogue Judges Get Named, Shamed

    A quick look at today's coverage regarding the battle against patent trolls in the US, as well as the patent microcosm's war on the Patent Trial and Appeal Board (PTAB)



  22. Software Patents Lobbying at IAM Strives to Reinforce the Positions of Patent Maximalists

    The latest push for software patents in the software powerhouse which is India and rants about the EPO's admission about overpatenting, only after pressure from the European Commission



  23. UPC Puff Piece in the Scottish Media is Just an Advertisement by Marks & Clerk

    Advertising in the form of an 'article' (complete with self-serving bias and falsehoods) in The Scotsman today, courtesy of Team UPC



  24. From East to West and Even Down South at the Eastern District of Texas Patent Trolls Are Losing Everything

    Patent trolls that are accustomed to friendly judges, typically in the Eastern District of Texas, will be circling down the drain if the trend of "fee award" (to the vindicated defendant) continues



  25. Those Who Endlessly Attacked Michelle Lee Now Attack Supporters of PTAB, Not Just PTAB

    Watchtroll, which combats patent progress by character assassination of instrumental figures, continues in its warpath today



  26. In the Face of Malicious Lobbying, High Tech Inventors Alliance (HTIA) and Computer and Communications Industry Association (CCIA) Protect PTAB

    A new push by the patent microcosm to eliminate PTAB and marginalise Section 101 (which helps suppress software patents) is quickly met with opposition from concerned politicians and groups that represent actual technology companies



  27. Weakening of Patents Assigned to Google and Another New Patent Lawsuit Against Uber

    Project Loon patent canceled, Google's lawsuit against Uber gets 'diluted' by 75%, and Uber faces a new lawsuit in the Eastern District of Texas (capital of patent trolls)



  28. After the 'Fall' of Texas, Patent Trolls Struggle and Some Are on the Retreat

    Things are getting out of hand for patent trolls, which find themselves on the defensive (from challenges to all their patents) and try to escape the cases they started in order to dodge paying fees (to no avail)



  29. Immersion, FitBit, Jawbone, and Creative Chose to be a Pile of Patents Rather Than Real Companies

    FitBit is the latest company to be slapped by Immersion (having already driven Jawbone out of business) and there's news about Creative, which uses old patents to shake down Apple and Android OEMs



  30. Debate About Software Patentability in India Still Dominated by Patent Lawyers Rather Than Software Developers

    The warped debate in English-speaking media gives the impression that India should open the door to software patents even though it's perfectly clear that such patents would harm India's interests


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts