The Bvp47 - a Top-tier Backdoor [sic] of US NSA Equation Group

pangulab.cn

42 points by l0new0lf-G 2 years ago · 42 comments

upofadown 2 years ago

The term "backdoor" in the title is misleading. What is described in the article are a series of what most here would describe as "rootkits". There is no evidence provided of any malicious modification of the Linux kernel or distributions before the user receives them. I don't think that anyone would think that Linux (or any other OS) would be safe after an attacker had obtained complete control of the system.

  • l0new0lf-GOP 2 years ago

    It doesn't matter what fancy word we are using - what matters is that our systems are compromised by an agency that can just steal our data without us even knowing.

    Why should we even care about the academic definition of a backdoor? Is it less of a privacy problem if it is a "malware"?

    • tmpX7dMeXU 2 years ago

      Words mean things. The term backdoor has specific connotations and GP is right to call the title out as misleading. Your reaction, to immediately accuse them of being a lawyer for the NSA, is absurd, entirely emotionally driven, and makes me question what you think a lawyer working at the NSA would actually do.

    • mr_mitm 2 years ago

      > It doesn't matter what fancy word we are using

      No, words have meaning and we should be using the correct terminology. A backdoor usually means that the product is delivered straight from the manufacturer with a way to bypass the authentication set up by the user. By rootkit we typically mean a program that is installed after the product has been deployed and then gives the possibility to bypass authentication.

      Both are bad, but one is arguably worse than the other, because one sets every user at risk, the other is much more targeted.

      > what matters is that our systems are compromised by an agency

      Chinese systems were compromised by an American agency. That's pretty much their job description and business as usual for a spy agency in any country. You can be outraged at that, but if the NSA were putting backdoors in the Linux kernel, then they'd put the whole world including their own citizens at risk, which is arguably even worse.

    • upofadown 2 years ago

      A backdoor and a rootkit are fundamentally different things with different implications. Any OS can have rootkits written for it. Not all OSes have vulnerabilities that might allow the installation of those rootkits.

    • mrob 2 years ago

      It's far less of a problem if it's malware, because malware has to be installed. If it's a real backdoor it's already present on every Linux machine.

    • olddustytrail 2 years ago

      We care for the same reason we care about someone calling their monitor "the CPU". If you don't know basic terminology you're probably clueless.

    • Dylan16807 2 years ago

      Because anyone that downloads Linux is fine. Someone has to take your computer and install this software into it before you become vulnerable.

      99.999% of our systems are not compromised.

      So yes they do cyber attacks but the scope and method is so very different between those two categories.

GartzenDeHaes 2 years ago

For self-proclaimed "security researchers", this article is lacking in specifics. For example, what are the CVEs for this backdoor, installation method, processes affected, anything at all?

  • l0new0lf-GOP 2 years ago

    There is a link to a PDF with technical details right in the beginning.

    • Dylan16807 2 years ago

      I read it and didn't see answers to any of that.

      Nor did I see any description of a backdoor in Linux, just a backdoor that runs on Linux.

      • mr_mitm 2 years ago

        In western infosec circles, the term C2 framework (command and control) would have been more appropriate.

    • GartzenDeHaes 2 years ago

      So there is. I guess the backdoor is distributed through malicious PDFs.

l0new0lf-GOP 2 years ago

It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD is nearly completely unknown one year after the revelation. No social media outcries, no mention on the TV, no debates, no comments from people like Torvalds and Stallman (though I by no means imply they were directly involved).

The reason why it remains a "secret" is that the whole matter is deeply, deeply political.

We are amidst a new Cold War - this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.

Yet we all know that the NSA would not limit the use of the backdoor to that.

  • ageofwant 2 years ago

    No what is striking is that you don't understand what a "backdoor" is. The article does not describe what everybody agrees a "backdoor" is.

  • 0daystock 2 years ago

    Linux is not a "safe" operating system by any stretch of the imagination. The only saving grace is the fact Linux users are not profitable to malware authors due to very low market share. Still, I think it's naive to view it as a secure operating system/kernel because it is not designed nor built for that goal explicitly. OpenBSD on the other hand is a worthy contender against a determined adversary and is developed by skilled and highly paranoid people.

    • LinuxBender 2 years ago

      Having managed just about every OS I have learned to see it a little differently. Rather, just about every OS can be hardened to the point of being secure, but each OS and each iteration of said OS will have different default kernel compile options, admin configurable settings, and kernel tuned settings that vary the amount of "friction" the end user is meant to experience. Even Windows NT had more security controls than Linux and BSD combined, mostly pilfered from VMS, but the defaults were opened up to minimize friction for businesses. Windows XP, Linux, MacOS reduced friction even further to improve adoption by developers and end users alike, to a fault. Not just security but also memory management behavior. Windows, Linux and Mac allow over-committing memory by default to improve adoption by people early in their development career. So I guess what I am trying to say is that people have decided they will trade in friction for usability and this has resulted in a myriad of gaping holes by design. Each OS has tools to harden them as far as one wishes to go. The BSD community have accepted that they will endure a little more friction by default and I can respect that.

  • housemusicfan 2 years ago

    I've read Richard's blog (his "political notes") and I come away with a feeling that his extreme politics at the very least clouds his thinking, if not directly influences it.

    The end result is he carefully picks and chooses topics he is passionate about (in the context of computing and 'software freedom') nearly right up and down party lines.

  • fredgrott 2 years ago

    Let me tell you a story about access

    Once upon a time a basketball player had both a gambling addiction and a mistress addiction. No news reports on both issues due to the fact that said player controlled sports reporter access to him.

    News not covered never ever has to do with politics, no matter what side; it has to do with access to the subject being controlled.

    Aha Aha, I got the verbatim info from the sports reporter, he has now been dead for over a decade, and the player I refer to is MJ of the Bulls.

  • pahae 2 years ago

    > It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD [...]

    Not saying these are 100% secure, but you're implying this was _built_ into Linux (and other OSes). It was not. And the PDF makes no such claim either.

0daystock 2 years ago

No, I don't think anything is safe from a determined adversary with near-infinite resources, especially if they are specifically targeting you. This is a basic tenet of infosec.

yellow_lead 2 years ago

Don't editorialize titles. Original: The Bvp47 - a Top-tier Backdoor of US NSA Equation Group

Also, (2022)

  • l0new0lf-GOP 2 years ago

    Is this the reason why it got flagged?

    • Dylan16807 2 years ago

      So for the record the current title is: So you think Linux is safe from the NSA? You couldn't be more wrong

      Personally, I flagged it because that's very misleading and it's not a backdoor.

      If anything, the original title should have been edited in the opposite direction, to not use the word "backdoor". Or to add [sic]. But "a backdoor" without "in Linux" is not super egregious.

    • ageofwant 2 years ago

      I flagged it because your silly clickbait title is a misinterpretation of both the contents of the article and narrates an enormous jump to a ridiculous conclusion. It's fake tiktok gosh-wow horseshit and does not belong on hacker news.

dariosalvi78 2 years ago

there are some discussions online: https://www.reddit.com/r/linux/comments/umk24z/linux_backdoo...

oDot 2 years ago

Aren't the popular Linux distros, with default configuration, much less secure than other OSes like macOS, Windows and surely Android and iOS?

I thought this was the working assumption.

  • jraph 2 years ago

    I would be interested in knowing which threat model we'd be considering to draw this conclusion.

  • ageofwant 2 years ago

    No, popular Linux distros, with default configuration, are considerably more secure than Windows, and probably more secure than MacOS. This is universally accepted and basic infosec ken. You thought very wrong, fix your ken.

    • oDot 2 years ago

      Don't the other OSes have varying levels of app sandboxing while Linux has basically none?

      • ageofwant 2 years ago

        'app sandboxing' is one part, of a small part, of a subsection of a general threat model; why would you pick that when you talk about 'secure'? And LOL no, Linux has SELinux, apparmor, firejail, flatpak, snap, docker, lxc, and various hypervisors for 'app sandboxing'. Linux does not have 'basically none', it has arguably too many.

        • oDot 2 years ago

          Still talking about default config here

          • jraph 2 years ago

            AFAIK the default config on Windows to install a program is still downloading an executable installer on Windows.

            On Linux, the default config is you install most programs from the "trusted" distribution's repositories. Flatpaks and Snaps are increasingly used for apps that are not in the repository. They are not perfect, but they are improving.

            I don't know how it works for macOS. You'd download a program image but I don't know what the program can do and if there's a sandbox.

  • bediger4000 2 years ago

    Interesting. I believe the opposite, especially with respect to Windows.
