What would happen if the linus allowed backdoors in Linux: 1. Someone would find it 2. They would fix it and push it back to the official repository 3. If Linus refuses, then someone would just fork linux and fix the bug and then we would have the Linux kernel and some other forked kernel like LibreLinux of SafeLinux, or some other stupid shit. Basically it's in nobody's interest except the NSA's.

"Open source is less secure because everyone can see it" Ah, but you see, that is exactly what makes it more secure. Windows vulnerabilities get discovered when a new attack is launched. Linux vulnerabilities get discovered by inspection, patched and then blogged about to share expertise

Windows doesn't have a backdoor, it has a loading dock.

When Microsft closes a backdoor, they open a Window

Windows 8 and 10 are two greatest things that happened to the computer world in last decade. It made so many developers turn away in disgust and pushed so many people to switch to Linux.

"There is no back door, but if there was and I wasn't allowed to tell you I wouldn't tell you". How very reassuring.

Luckily Linus Torvalds is as paranoid and honorable as I want him to be not to let any malicious code influence his lifetime work and at the same time tell us indirectly that there are people wo want him to. I love Linux =)

how did the nsa expect to get a backdoor into linux without the community noticing..? lol

Translation of Microsoft Executive: "If you have no proof we are conspiring with the NSA, then we're not".

"Linus Torvalds was approached by NSA for backdoor in Linux" Oh, ok, so the NSA has no idea what opensource software is. That's like saying "go hide in that glass house"

LMAO!!! Backdoor in linux? That would be like sending 50 Cent to infiltrate the KKK.

The idea that open source is less secure than proprietary is very misinformed... classic Microsoft

The Snowden documents shows that Microsoft was one of the first tech companies to agree to NSAs backdoors... It is impossible to trust closed software. Obviously, any closed software provider will fervently deny that their software contains backdoors, even when it's obvious it is so. In fact, you have to assume that there are backdoors in all closed software of any importance, it's simply too important to ignore for an organisation like the NSA. Open source software isn't exactly easy to review or trust either but at least it's possible.

5:35 ok so closed source software is better becaus "security through obscurity" , it is a rediculous argument

Why am i not surprised the MS women is claiming open soure is less secure than closed source. And no one can tell me MS has no "NSA backdoors" in Windows.

The idea that FOSS software is vulnerable compared to closed source software is genuine FUD! If a backdoor was found in open sourced software it would be fixed by the community and it would be sent upstream so everyone can benefit from the added security.

I love that he actually understands what he's talking about. He did not forget what everyone else seems to forget - that bugs have huge potential to become backdoors as well.

2:08 Nils Torvalds, father of Linux founder Linus Torvalds speaking about his son Linus: Some guy asked Linus "Have you been approached by the NSA about backdoors?" Linus answered "no", but at the same time he nodded.

Only the European Union talks about this. good thing this inquires happened

Linux is not a os that owned by a company linux belongs to all people and they contribute to develop a cool opensource os

Wait ... WHAT? Listen at the part of her answer at 6:06 ... she says "If there was one (NSA backdoor), then I assume that I am not allowed to be told because it's part of the secret rules which I have to apply not to talk ... but I tell you that there is no backdoors." So basically she says that if there were an NSA backdoor she would either not know or would not be allowed to talk about it - but then states that there are no such backdoors!?

Thank God for the whistle blowers.

If NSA makes backdoor then cybercrime should be legal

Microsoft representatives are manipulating the meaning of the word backdoor. They are exclusively stating that backdoors are program bugs meaning that if you actually deliberately program a backdoor then it effectively is not a backdoor but a feature. Clever play on words.

"bug backdoors" are entirely false - microsoft designed their backdoors to look like bugs. they were just as well documented as the most well-written API.

What is most interesting about this is that Microsoft just admitted to having backdoors in their products. They claimed that they don't give governments access to those backdoors unless they deem it necessary or they don't have a choice, but they have those backdoors nonetheless.

6:16 , that woman raising her head is just comedy gold... "i would not be allowed to tell you but I tell you there is none"

The NSA has also been installing backdoors in popular hardware chips since at least the 1990s.

Let's give an analogy: What if Linux Foundation and Microsoft were construction companies instead of IT-firms and an intelligence agency asked for a physical secret door to every building they construct. Microsoft could do it because their business-model gives their customers a pre-built building. Linux-foundation only gives the blue-prints on how to make the building and anyone with any construction skills can see the design-flaws that's left there

I'm impressed at the politicians[?] understanding of technology. We could only hope for this kind of conversation in the US

Microsoft admitted they had back doors. They spent a great deal of time explaining how they comply with legal requests, court orders, to access customer information. We still don't know if they're accessing our data without our knowledge.

Last week Microsoft closed a -backdoor- bug enabling anyone to take control of any Exchange server. And it was used by nefarious foreign hacker groups. Let's get serious: any backdoor for NSA will be used by other actors on the long run, this should stop. Kudos for Linus and his father.

1 dislike from me, That's not Linus Torvalds, this is not NSA and They are discussing Windows not Linux!

NSA: "Hey Linus, we need you to put backdoors in Linux" Linus: * *uncontrolled laughter* * NSA: "What's so funny?" Linus: * *Hands over "Open-Source For Dummies" book* * New Linux Kernel Source: /** * NAS Dack Boor Section **/

The irony is that Security Enhanced Linux is written by the NSA, but still source-code eyeballed and tested by people around the world so not much chance of any backdoor going undetected.

"There's no backdoors" If a subpoena can get private user information via compliance by MS, then the software is insecure even if it isn't explicitly backdoored.

They have simply bypassed all kernels and gone straight for UEFI and Hypervisors. As well, the residential gateways, DSL(siemens especially), Cable, Fiber are all, no doubt, comprised.

If "closed source" were the solution, we would not have any security issues, on windows. But every admin know that story better.

There should be more discussion upon the ethics of hardware level intrusion by Intel and AMD. Libreboot should be the norm. The potential for abuse is too high, absolute power corrupts absolutely.

It's amazing how adamantly Microsoft's rep is saying that they're not doing everything on a long list of things that they were actually doing.

Best use TempleOS just to be safe 👀

Like father, like son. I appreciated his intervention. Kudos to that man!

Now I see where Linus gets his sense of humour. :)

Microsoft wants US to trust Them! LMFAO! By the way, the fact that open source IS open source negates ANY backdoors from being put in place.

Bit of a description about what we're seeing here would have been nice.

"what is a backdoor?" You can't be seriously insinuating it's not clear enough. It's a way to bypass system security that is placed there by the author of the software (intentionally or unintentionally).

I'm not sure the story is true that the NSA approached Linus for a backdoor into Linux. Here is why: Linus has the oversight of the main line kernel. Nothing more. The kernel is open software with a developer hierarchy that is transparent. Anybody at all times can see the patches made to the kernel. Most people use popular distributions of Linux which derive their Kernels (but modify) from the Linus's kernel. (but they are also open source). This means if one wants to install a backdoor, thousands of developers will need to turn a blind eye. This is impossible. The NSA knows this (it is that obvious). It's much easier to approach KDE or Gnome developers, as less people will view their software. But it's also open software. So also not a good group to ask. The best group of people to ask for a backdoor is the guys that build distributions. But that is also open source for most distributions and there are signature keys to check if binaries (executables) match the source code. Lastly, the NSA can try to ask Nvidia if they are willing to add a backdoor. But that is unlikely because many people watch what these drivers do. Backdoors are only useful in combination with networking. So as a conclusion: dedicated backdoors (and involving people to do so) into Linux is very, very, very unlikely. It's much easier to exploit bad code and it's bugs. Everybody (should) in security knows this.

Fight NSA and others keep Linux clean and Beautiful keep Evil Out.

Even if the Windows didn't had a backdoors which they do It would be pointless One critical backdoor is built into Intel CPUs and AMDs motherboards since 2008

"Did you know of any program that behaves like that?" "We had no part in ..." *clarifies question multiple times* "I think you should be asking..." So... they knew about it? I'm not exactly sure what this is about, but why don't they just lie? They dance around the truth and give themselves away, why don't they lie?

When someone goes on a tirade after a simple question then you know they're hiding something

"Open source is a security risk, and closed source is better, where everything is based on trust." - my as*

Lol! she says that open source software might be more vulnerable than propriety software. Nmap Microsoft servers for OS guess and see how they are NOT using windows, curious.

"it's all about trust" according to Microsoft. That's a relief because Microsoft is of course completely trustworthy. for instance they promised for three versions of Windows that there was preemptive multitasking at the heart of windows and everybody in the audience that I was in who heard that claim, laughed.

Linus and his people are correct, open source is potentially more dangerous to be hacked. So, not allowing a back door or limiting access via their servers is paramount in protecting users. I suspect some government agencies and companies are trying to find a way to hack Linux systems, either for their own gain or to obtain information.

Surprised they have lights on in the room given how much these people glow in the dark.

I love the reaction at 6:18 , exactly how I would expect someone to react to those two statements.

learning x86-64 assembly makes everything open source :)

Linus' dad grilling #Microsoft about #NSA #backdoors - pure gold! #LinuxTorvald #Linux #OpenSource

2:55 this is the correct point. NSA does not implement a backdoor that says NsaBackdoorW32Run(arg). They introduce little bug that you can exploit and that are not obvious to other coders. Especially if you only ever have a handful of people look at the code because it's closed source. And even if you find that planted bug, it's just some coder who did a mistake.

NSA just went upstream for the backdoor. NSA has both Intel's ME and AMD's PSP and Acorn/ARM has belonged to the British government since it started in the 70's. Now they don't care what OS you run; they're on the silicon itself.

The correct response to any request for private user information should be "we can't give you any information." Not "we refuse" but "it's not possible for us to do so."

4:44 did i just hear somebody respond "that's intercourse"?

"You show some governments your source code, but they can't verify that THAT source code is the same that gets compiled into the distributed binary." Compile the source code and compare the resulting binary with the retail version?

The NSA would require a software company to neither confirm nor deny the existence of a backdoor. The fact that they are denying the accusation, as opposed to a 'no comment' or 'cannot disclose' says they are either truthful or lying uneccessarily.

What is this? I mean, the actual meeting, who are they kind of thing? I'd be dead interested in watching more of these conferences or whatever you'd call them.

I think NSA could commit an binary blob to the kernel as Netflix and such did with DRM. Linux has parts that are proprietary software, granted you can disable those modules

How is it OK for the NSA to request backdoors and not OK for Huawei to comply with the Chinese government requests?

Where is Linus Torvalds in this video??

i liked the guy who said i'm busy doing a status update telling that he is in the same room as Linus Torvalds's dad, seems like linus has some supporters(fans) in every corner of the world.

Theres obviously a backdoor if they are able to get access to your computer for legal reasons.lol lawyers are so good at bending the truth good lord

This reminds me of the knights and the knaves. She basically admitted to being a knave. Also, she's giving standard answers by saying that open source is more vulnerable. That is categorically untrue.

5:20 Completely False 5:35 Completely False (Closed source software is not inherantly safer than open source software) Example Compare the number of existing viruses for Windows closed source system vs. Linux open source system. Guess what the number of viruses for windows in the MILLIONS, over 7 digits and for Linux it's less than 100, ... only 2 digits The difference is huge!

You know, theres a clear difference between having some entity, that accesses data and changes it to where there could be a case of security breach between the user/client/software relationship and the user not being able to check him or herself who changed what and what was changed and where that change took place and who overlooked this change! Theres the difference between private entities taking private changes in private circles between private people to put it hyperboly!

SO when do we get the right to opt out of the NSA search unless they produce a warrant by a judge in good standing!

If there was a backdoor, I wouldn't be allowed to tell you, but there isn't one. How reassuring

LOL..."We are telling you the truth when we are". That is a direct quote, not out of context, does anyone else catch this?

These people have obviously never heard of IDA and reverse engineering… For all of the windows driver and the kernel there are PDBs available to make it even easier to reverse the files.

Looked up an article about "detecting lies" while listening that microsoft women... Well the article pretty much predicted what she actually did

It is possible to verify it. Surely, you could just read the instructions as they were loaded into ram and compare them with compiled byte code from the non-backdoor source

Outlook is designed to spread viruses, it ignores the file content of attachments, it allows scripting for automation. Its over powered for most users.

The tech industry is deeply embedded with with the US national security state.

Probably best to do a search on: Ken Thompson's "Reflections on Trusting Trust" To think Linux (even versions without systemD) don't already have multiple backdoors is very Naive.

Is there anything that allows direct and unfettered access? Yes, get in touch with the customer you're trying to get info on directly.

To everyone that keeps claiming that backdoors in Linux are impossible just because it's open source, absolutely not even close to true. Innocuous memory errors which can lead to severe exploits have gotten into the kernel on numerous occasions, and I don't imagine a skilled programmer would have a hard time disguising one in such a way that it just appears like a small mistake, if it's noticed at all. Someone with good knowledge of compiler optimizations could probably even design a piece of code that on the surface looks perfectly memory safe, but in reality is not after certain (legal) optimizations that rely on obscure UB are run.

asking linus torvalds to plant a backdoor on linux is like an owner of a swimming pool asking his own guests who are having fun in the pool "can i pee in here?"

the backdoor is built into your intel or amd chip at the hardware level with the the Intel Management Engine and the AMD Platform Security Processor so having totally secure software is irrelevant

How rude just asks a question then sits on her phone and doesnt even listen

The claims that "open source software is more vulnerable because anybody could easily develop exploits when the source is available" (or similar wording) really make me laugh. I wish everybody understood that there is no such thing as securiry from obscurity.

- I'm telling you there is no back-door. - But would you be able to tell us IF there was one? - No. Poggers - We never heard of Tempora, what is that? - We never parcipitated in Tempora like program. NSA backdoor confirmed. Also, they could get some security experts that under outh could check the source code for any backdoors. EZ. I mean, they must have employees that have signed some paperworks to not reveal trade secrets, right? What's the problem to have some security experts look through your stuff under the same legal binding and then report back whether they found out something suspecious?

Its SE-Linux, security enchanged linux. NSA uses this. It was introduced to kernel in 2000's

“Judicial authorization” or “lawful requisition” does not imply actual legality.

It is an intelligence test, lady. And you just failed. 5:37

There are backdoors in processors, the NSA already has what they want.

Just found out about Intel ME. Everything is vulnerable.

If you want to see backdoors , connected the host to an vpn network and lunch tcpdump on the gateway , it’s amazing what you will discover especially windows a lot calls back home

I'm a software engineer. The reason why proprietary software doesn't have back-doors is very simple, they're written so poorly that they don't need it. A toddler could've access to most proprietary software in mere minutes. Proprietary code is written by frustrated and stressed developers being micromanaged by a tech illiterate baboon. Open source code is written by relaxed developers, that want to write some honorable clean code. Open source is the way to go!

Backdoor aka "remote servicedesk from the internet"

"Going back to intercourse..." (1:38) Only words spoken by a government official I would recommend for everyone!

There are more back doors into your linux pc than there are in windows. Thanks fedora and system d for paving the way!