Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

NSA’s Encryption Algorithm in Linux Kernel is Creating Unease in the Community


  • Please log in to reply
22 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,268 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:47 AM

Posted 04 August 2018 - 05:21 PM

 

Linux Kernel 4.17 saw the inclusion of NSA’s ‘controversial’ encryption algorithm Speck. Linux Kernel 4.18 will see Speck being available as a supported algorithm with fscrypt and not everyone is happy about it.

Before you panic or form wrong conclusions, you should know that Speck is not a backdoor. It’s just a not-so-strong encryption algorithm from American agency NSA and it’s available as a module in Linux Kernel.

https://itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/

 

 

This should be interesting.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 24,041 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 04 August 2018 - 05:31 PM

A not so strong encryption algorithm provided by the NSA. Why is that not surprising?

 

The ISO has decided not to approve two NSA-designed block encryption algorithms: Speck and Simon. It's because the NSA is not trusted to put security ahead of surveillance:

 

 

https://www.schneier.com/blog/archives/2017/09/iso_rejects_nsa.html


Edited by JohnC_21, 04 August 2018 - 05:32 PM.


#3 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 3,076 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:03:47 PM

Posted 04 August 2018 - 09:06 PM

While I understand why google contributed the code, I am more upset that this was accepted.
I mean why its not like the other kernel contributors (sans Microsoft) have NSA contracts, at least with google I know they have NSA contracts but why it passed I have no idea.
Googles code should have been made as a option as I am more upset that it passed scrutiny rather google itself


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

ljxaqg-6.png


#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101° N, 0.2906° W


  • Members
  • 5,968 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 04 August 2018 - 09:29 PM

I find the bottom couple of paragraphs of interest...:

 

Lots of speculation in the Linux community over Speck

Alert Linux users spotted the inclusion of Speck in the Kernel 4.17 and since then it has become a debate topic in various Linux communities on the internet.

 

Arch Linux users already started discussions on blocking the Speck module from Kernel.

 

What’s interesting is that the Speck module has defaulted as off from kernel.org but Arch Linux has it turned on by default. Don’t ask me why.

 

How to disable Speck from Linux Kernel [Advanced users only]

If you are an average Linux user with Ubuntu, Mint, Fedora and other non-rolling release distributions, chances are that you are not even using Kernel 4.17.

 

I don’t recommend it for everyone but if you are an advanced user who is habitual of messing with the kernel, check the Linux kernel version and if it uses Kernel 4.17, you may blacklist the Speck kernel module.

 

If it doesn’t exist already, create /etc/modprobe.d/blacklist.conf file and add the following lines to it:

blacklist CONFIG_CRYPTO_SPECK
What do you think of Speck and its inclusion in Linux Kernel 4.17?

I’ll repeat that no one has proved that Speck has a backdoor. It’s just the ill reputation of NSA that is causing the speculations.

 

Should it not be disabled by default by all the distributions unless it is intended to be used on a device?


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#5 JohnC_21

JohnC_21

  • Members
  • 24,041 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 04 August 2018 - 09:43 PM

My question would be why even put it in the kernel in the first place. For what reason would you do it knowing it was rejected by ISO?


Edited by JohnC_21, 04 August 2018 - 09:44 PM.


#6 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 3,076 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:03:47 PM

Posted 04 August 2018 - 09:46 PM

Again probably because google has NSA contracts


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

ljxaqg-6.png


#7 Condobloke

Condobloke

    Outback Aussie @ 54.2101° N, 0.2906° W


  • Members
  • 5,968 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 04 August 2018 - 09:57 PM

""why even put it in the kernel in the first place."".....for the most valuable commodity of our time....

 

Information.


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#8 NickAu

NickAu

    Bleepin' Fish Doctor

  • Topic Starter

  • Moderator
  • 13,268 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:47 AM

Posted 04 August 2018 - 10:07 PM

Its a " 3 letter govt security agency " they dont need a reason.

 

njashRq.jpg


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#9 66Batmobile

66Batmobile

  • Members
  • 325 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:State of Denial
  • Local time:03:47 PM

Posted 04 August 2018 - 10:33 PM

For some reason these Judas Priest lyrics popped into my head when I read the original post:

 

"You think you have private lives, think nothing of the kind/There is no true escape, I'm watching all the time"

~Electric Eye

 

It's not fair! It's Linux! It's not fair! :o


Edited by 66Batmobile, 04 August 2018 - 10:34 PM.

Gen. Barker - You haven't heard the last of this!!

Hawkeye Pierce - I wasn't listening to the first of it...


#10 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 838 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 PM

Posted 05 August 2018 - 12:38 AM

And then they ask us why we act all paranoid. :crazy:

 

How can we not, when even the people we're supposed to be able to trust, are not to be trusted.  :nono: 



#11 Mike_Walsh

Mike_Walsh

    Bleepin' 'Puppy' nut..!!


  • Members
  • 1,353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:King's Lynn, UK
  • Local time:08:47 PM

Posted 05 August 2018 - 05:46 AM

I wouldn't know about the NSA, but I know one thing. Our lot at GCHQ, Cheltenham are every bit as untrustworthy as your lot are; they have, after all, been in the US Govt's 'back-pocket' for long enough due to the long-standing 'special arrangement' that came into being after WWII....

 

And under our current PM (and ex-Home Secretary), Ms. May, they're becoming ever more devious, too. Witness the Bill passed last year that forces all ISPs to hand-over all data on their customers whenever requested to do so 'in the interests of national security'. And you and I and Joe Bloggs down the road have absolutely no say in the matter..... It's been described, by the Washington Post, that

 

".....the UK's ISP filtering systems have created "some of the strictest curbs on pornography in the Western world".[55] There is no public scrutiny of the filtering lists. This creates the potential for them to be expanded to stifle dissent for political ends, as has happened in some other countries."

 

 

(from Wikipedia)

 

What price 'freedom', eh? (It's all an illusion, anyway; just a way to keep the masses quiet.)  :rolleyes:

 

---------------------------------------

 

And then they ask us why we act all paranoid.  :crazy:

 

How can we not, when even the people we're supposed to be able to trust, are not to be trusted.   :nono:

 

 

Y'know, Gary, that 'says it all'. QED.

 

 

Mike.  :wink:


Edited by Mike_Walsh, 05 August 2018 - 10:53 AM.

Distros:- Multiple 'Puppies'..... and Anti-X 16.1

My Puppy BLOG ~~~  My Puppy PACKAGES

Compaq Presario SR1916UK; Athlon64 X2 3800+, 3 GB RAM, WD 500GB Caviar 'Blue', 32GB Kingspec PATA SSD, 3 TB Seagate 'Expansion' external HDD, ATI Radeon Xpress 200 graphics, Dell 15.1" pNp monitor (1024 x 768), TP-Link PCI-e USB 3.0 card, Logitech c920 HD Pro webcam, self-powered 7-port USB 2.0 hub

Dell Inspiron 1100; 2.6 GHz 400FSB P4, 1.5 GB RAM, 64GB KingSpec IDE SSD, Intel 'Extreme' graphics, 1 TB Seagate 'Expansion' external HDD, M$ HD-3000 'Lifecam'.

 

KXhaWqy.gifFQ8nrJ3.gif

 

 


#12 JohnC_21

JohnC_21

  • Members
  • 24,041 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 05 August 2018 - 10:25 AM

“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.”

 

Edward Snowden


Edited by JohnC_21, 05 August 2018 - 10:26 AM.


#13 SuperSapien64

SuperSapien64

  • Members
  • 922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:47 PM

Posted 05 August 2018 - 01:48 PM

“Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.”

 

Edward Snowden

Excellent quote, I completely agree.



#14 66Batmobile

66Batmobile

  • Members
  • 325 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:State of Denial
  • Local time:03:47 PM

Posted 05 August 2018 - 06:17 PM

And then they ask us why we act all paranoid. :crazy:

Easy now, just because I had all my metal fillings removed, built a faraday cage around my house and wear the latest in tinfoil headware, doesn't mean I'm paranoid :blink: :P  :whistle:

 

In all seriousness, one of the reasons I moved to Linux in the first place was because this sort of thing was supposedly less of an issue :nono:

 

That and I got tired of messing with "the other".


Gen. Barker - You haven't heard the last of this!!

Hawkeye Pierce - I wasn't listening to the first of it...


#15 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 838 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 PM

Posted 06 August 2018 - 12:23 AM

You and me both. Linux allowed me a level of control and privacy that M$ doesn't, and that's why I moved to it.

 

Shame that something like this come along.

 

Realistically though, it's not something I'm overly worried about, as I encrypt anything I want to keep secure with a 3rd party encryptor. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users