Safety of Linux vs. NSA

Hans-Georg v.Zezschwitz (support@science-products.com)
Thu, 25 Apr 1996 02:18:34 +0200 (MET DST)


Hi everybody,

this night on the second German TV-channel (ZDF) there was a very interesting
report about the PROMIS-software and other aspects of safety.

In short, the ZDF had several interviews with guys working formerly for
the NSA (National Security Agency) and several German and American
computer scientists.

The most interesting point was the PROMIS software, being a software to
junk several items you can get from different dbases to a personal profile
of a person. Mainly banks, the police and secret services are customers
of this software.

The main idea behind this report was, that the NSA in some way "stole"
the PROMIS-software from its original authors (can't remember the name
of the (American) company), and modified it in a way that some software
(combined with hardware tricks) emitted radio frequency regulary sending
out the content of the hard disks in a way you can receive those informa-
tions (probably even by satelite).

The promis software was propagated by a child company of the Maxwell-
"empire" (yes, the guy with the newspapers) and spread first to two
African states, later on even to the KGB-successors.

I know this sounds really strange, and probably on the other hand
some of you know even more about this.

There was - according to the report - an inquiry of the congress about
these affairs (and the strange suicide of a former NSA-programmer who
wanted to meet a reporter the next day, but died in his hotel). Within
this inquiry, Microsoft complained about pressure from the NSA for
including back entrances to Windows 95 for the NSA to enter
the harddisk content as well. (Moreover about Lotus Notes 4 who had
to reveal 24 bits of the security key for eMail to the NSA).

As an American prof. said in the interview - "the most dangerious thing
about this is that nobody will buy American software if it should
be proven that it has may have severe backentrances for "untrusted
persons".

Well, I know, for some of you this sound incredible, for others I'm
telling what everybody knows. But what I want to point out:
Another argument for Linux might be, that any backentrance that
involves the change of the OS should be found by the community within
several days, and Linux in some ways is probably the only real OS that
can be claimed free of the influence of any national interests.

For somebody who want's to run MS Word and write a letter to his friend
this might be of minor interest, but if you personally hear about the
PROMIS-case in your trusted media (ZDF is something like "state-television"
and rather conservative - so every negative things about NSA I consider to be
trusted when brought by the ZDF) and have any argues about Linux and
Safety, keep this advantage in mind and the complain of MS to the congress
that even MS was pressured to introduce safety holes in their software
(though they aren't need there :-) ).

P.S.: Did any Germans save this report to video tape? I'm very interested
in getting a copy.

Bye,

Georg