Skip to main content


The new CEO of #docker comes from an #nsa company (NSA vets and NSA projects), #hortonworks

RIP, Docker.
Rob Bearden to replace Steve Singh as Docker CEO

Apart from the fact, that Docker had no life to loose yet, SeLinux was made officially with collaboration of the NSA and its quite alive and not so bad at all.

SeLinux is a paradox. If the NSA is using it, it must be secure, yet it cannot be too secure...

SeLinux was made officially with collaboration of the NSA and its quite alive and not so bad at all.
Said the one who sells "closed free software" in the Third World Countries in violation of the GPL license and withholds information:
https://diasp.org/posts/12258107#49191627-40ed-48b5-903a-1cf22a03c663
It is not surprising that in this case, he promotes backdoors from Western intelligence agencies.

Only backdoors to your computers, @ivan zlax

BTW: may be you feel inclined to explain the sweet little monkey here, what "inhouse software" means @tomgrz ?

Well, I have more questions than explanations: If SeLinux is indeed used "in-house" in the NSA, and if there are any back-doors, the existence of those back doors would weaken their own in-house software security, either directly and/or indirectly. On the other hand, can the NSA really afford to release seriously secure systems software?

Ahh, there is some misunderstanding here. I do inhouse software for african projects that of course and as usual will not be disclosed to anyone but the users. The latter of course can do what they see fit with it and the full source codes we deliver.

And yes, I would find it astounding, if the NSA would not use Linux/SeLinux inhouse, we cannot know though, because: secrecy.

Regarding seriously secure: its open source with a free license and its but the lock, not the keys or better: not even thze lock but a blueprint for a lock. So: it would not be very wise, to install and run a binary delivered by the NSA but SeLinux binaries built from properly audited source codes is another story....

it would not be very wise, to install and run a binary delivered by the NSA but SeLinux binaries built from properly audited source codes is another story…

Yes, of course. But my question remains: can the NSA really afford to release seriously secure systems software (sourcecode)?

In the end SeLinux is not much more that a tool to restrict access under Linux

Yes, good point. A "seriously" secure system would need to be engineered from the start with security as a priority, hardened and tested to ridiculous extremes. Why don't they have that?

@tomgrz because government pay them salaries for developing backdoors and spying on users, but not for closing vulnerabilities and blocking spying. It's simple.

@tomgrz agreed... to improve security on the softwareside in Linux is a job for low level devs improving already existing libs and the kernel. Shiny new stuff cannot add much to that....