NSA funds work to thicken Linux armor

The National Security Agency enlists computer security company Network Associates to help create a version of Linux that's less vulnerable to attack.

Stephen Shankland principal writer
Stephen Shankland has been a reporter at CNET since 1998 and writes about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science Credentials
  • I've been covering the technology industry for 24 years and was a science writer for five years before that. I've got deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and other dee
Stephen Shankland
2 min read
The National Security Agency, the electronic snooping arm of the U.S. government, has enlisted computer security company Network Associates to help create a version of Linux that's less vulnerable to attack.

The NSA awarded the two-year, $1.2 million contract to the PGP Security division of the Santa Clara, Calif.-based company, Network Associates announced Monday. The company will add more security features into a version of Linux the NSA already has paid for called "Security-Enhanced Linux" (SELinux).

Network Associates also will help present the changes to the community of programmers who collectively produce Linux under the open-source method.

The NSA is interested in a version of Linux that is kept more secure by restraining programs so they have only the bare minimum of privileges required to do their jobs. That would make it harder for attackers to take advantage of "buffer overrun" or "format string" vulnerabilities.

The NSA already has worked with Secure Computing to develop SELinux. It's also working with VMWare to create software that will divide a single computer into partitions so, for example, one person working on unclassified work couldn't get access to another's top-secret work.

Network Associates will modify Linux so it can be used to accommodate different security policies, the company said.

The changes will be released to the open-source community, Network Associates said. The General Public License that governs Linux requires that anyone who distributes changes to the heart of the operating system must publish those changes.

Since 1991 when Linus Torvalds began work creating Linux, a clone of the Unix operating system, it has gained in popularity and now is a key part of newer businesses such as Red Hat and behemoths such as IBM.

Because Linux may be freely obtained and modified, it's become a popular foundation for experimentation, from trying out new Internet standards to creating cheap supercomputers.