The Linux Backdoor Attempt of 2003

Josh wrote recently about a serious security bug that appeared in Debian Linux back in 2006, and whether it was really a backdoor inserted by the NSA. (He concluded that it probably was not.)

Today I want to write about another incident, in 2003, in which someone tried to backdoor the Linux kernel. This one was definitely an attempt to insert a backdoor. But we don’t know who it was that made the attempt—and we probably never will.

Back in 2003 Linux used a system called BitKeeper to store the master copy of the Linux source code. If a developer wanted to propose a modification to the Linux code, they would submit their proposed change, and it would go through an organized approval process to decide whether the change would be accepted into the master code. Every change to the master code would come with a short explanation, which always included a pointer to the record of its approval.

— source | Ed Felten | Oct 9, 2013

Nullius in verba


NSA Asked Linus Torvalds To Install Backdoors Into GNU/Linux

The father of Linus Torvalds, Nils Torvalds, is a Member of the European Parliament for Finland. This week, Nils Torvalds took part in the European Parliament’s hearing on the ongoing mass surveillance, and brought a revelation: The United States security service NSA has contacted Linus Torvalds with a request to add backdoors into the free and open operating system GNU/Linux. The entire inquiry is available here on YouTube (uploaded by Hax).

When my oldest son [Linus Torvalds] was asked the same question: “Has he been approached by the NSA about backdoors?” he said “No”, but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer, [but] everybody understood that the NSA had approached him.

— source | 2013-11-17

Nullius in verba