The NSA gives you SE Android

[Bateluer]

http://selinuxproject.org/page/SEAndroid

Some distinctive features of our SE Android reference implementation in comparison to prior efforts of which we are aware include:
Per-file security labeling support for yaffs2,
Filesystem images (yaffs2 and ext4) labeled at build time,
Kernel permission checks controlling Binder IPC,
Labeling of service sockets and socket files created by init,
Labeling of device nodes created by ueventd,
Flexible, configurable labeling of apps and app data directories,
Userspace permission checks controlling use of the Zygote socket commands,
Minimal port of SELinux userspace,
SELinux support for the Android toolbox,
Small TE policy written from scratch for Android,
Confined domains for system services and apps,
Use of MLS categories to isolate apps.

Not sure if there's an NSA back door though. 😛

 

[Brian Stirling]

I don't think you can sell anything in the USA if it is difficult for the NSA to get into it. The main telecom submarine truck lines coming from Asia are routed through an NSA system so they can listen in whenever they want.

But, if the government is bad business is worse if only for different reasons. Uncle Sam wants to know if you're breaking the law or are up to no good (there determination) but business wants to know everything about you so they can better sell you stuff.

Sadly, business and government are mutually parasitic so government will let business spy on you as much as they want so long as government can get access to that info as well. Similarly, business will provide easy access to government because that means government will continue to let business do as they please...

George Orwell wasn't even close...


Brian