its difficult to keep these things in perspective, because if you try to take something hysterical and talk it down, you look like the bad guy.
im not a security expert, i do find these stories interesting (in practical terms, not just intellectually) and im NOT saying this is no cause for concern. it is definitely cause for concern! the only question is how much.
as mark shuttleworh disingenuously tried to say once: "dont trust us? we have root!" he was implying that canonical doesnt need a backdoor-- because they already have total control of the repositories.
if you want to be upset, be upset about the backdoors that intel builds right into your firmware-- which dont care what operating system you have. be upset that the linux kernel isnt as secure as bsd-- its not. we are 100% of the time (except those who use bsd) choosing the convenience of the linux kernel over the relative security of bsd.
because security is about choices. you can have the most secure laptop in the entire world, leave it in your hotel room-- theres no compromise like physical access. someone can slide a device right into one of your ports, and the best software in the world wont matter.
backdoors are bad, we should fight them. including this one.
writing a new operating system kernel every time a kernel gets compromised is silly for a few reasons. its going to be a long time (years) before most kernels can be vouched for in comparable security terms. dos doesnt need a backdoor, its completely open. windows doesnt need a backdoor, though i guess it probably has several for convenience-- microsoft has full write access to the system.
like shuttleworth they have root, and like shuttleworth they have abused it to the point where they should not be trusted again.
and the same goes for the person who wrote this kernel patch, this is why its good to keep track of security issues.
but a critical vulnerability and a backdoor are the same thing in practical terms, and critical vulnerabilities (and backdoors) need to be fixed.
but if youre going to give up on the kernel (and every distro that uses it) just to pick some random alternative (im not dissing hurd. ive never read its authors bragging about its robust security as-is) could be like moving from a house of sticks to a house of straw just because the sticks were blown down.
backdoor or not, the linux kernel remains one of the more secure kernels out there. because if the kernel has a backdoor... the solution is to simply "remove it."
the solution for most other kernels is not that simple-- we dont know a lot about the security of the hurd. (though now i am curious.)
most of you dont have the skill to remove a serious kernel flaw, and i dont either. but if youre actually serious about security, you find the people who can fix it and you get the fixed version, and avoid the compromised version.
there are very few kernels that even have that option. hurd gets fixed and maintained less than the linux kernel. i seriously, seriously, seriously doubt that using hurd will give you better security.
and im pro-other-kernels, it irritates me that systemd only cares about linux. i tried kfreebsd when systemd came in. i decided i wanted better hardware support. thats why we choose linux over bsd mostly-- linux has got better hardware support.
switch to bsd if you want, its a truly fantastic kernel, its security is way better than linux. youll probably be disappointed that a lot of its development was funded by the us department of defense. which doesnt mean its not a good kernel-- its almost certainly better with better security. backdoors? couldnt tell you. im going to guess it has fewer vulnerabilities, better design.
security is a higher priority for bsd. but i use gnu+linux, where security is-- whats the security-related phrase we all know: "pretty good."
should you think i dont take this seriously, the first thing i did (before i typed the 8th paragraph) is run uname -a:
Linux [hostname] 4.12.13_1 # 1 SMP PREEMPT [clock needs to be set] i686 GNU/Linux
am i concerned? of course. its just about how much concern is the right amount. you can have just as much concern as you want, i want to try to turn my concern into a practical response.
kernel hopping could be that response for some people, if they choose that i hope they make a choice based on secure design, as well as good developer intentions-- not just good intentions and unrealistic expectations.
backdoors are bad, but a mountain of vulnerabilities provides a pretty good backdoor too.
jean-michel wroteOk, last news.
Patches are done, everything about speck has been removed in my linux-nospeck-4.17 kernel.
Time to use the patches in PKGBUILD, build the kernel and make a test inside my VM.
awesome, good work. whether thats for you or for the official obarun build, you just became (or already were) one more person that can help. compiling kernels is still something that i dont mess with. distro modification is something i didnt bother with until 2 years ago.