At this year’s LinuxCon held in New Orleans, Linus Torvalds and fellow kernel developers were asked whether they’d been approached by US security services to put a backdoor in Linux, thus compromising the operating system’s security, The Register reports.
Linus responded to the question by saying no whilst at the same time nodding his head, thus indicating that he had been approached. He then resumed by completely denying any approach had been made. This was followed by another developer saying that such things couldn’t be discussed. Linus’ reaction is reminiscent of the reserve Marissa Mayer, CEO of Yahoo, on the NSA‘s Prism programme because any mention of it could be “treason”.
Rumours of backdoors and other forms of hidden access routes in operating systems such as Microsoft Windows and security protection products have been in circulation for years. These rumours have been given a fresh lease of life following the recent revelations by NSA whistleblower Edward Snowden.
Linus’ and the other developers answers have not exactly cleared the air as to whether Linux is as secure an operating system as its users are likely to believe. As The Register article points out:
Worried netizens have become far more paranoid about the possibility of backdoors in the technology they use and this paranoia extends to both closed-source and open-source software.
However, it is pointed out by The Register that security service agents who are rebuffed by developers then tend to leave them alone.
Finally, there’s one point to consider: in open source anyone with the requisite skill is free to examine the code, modify and adapt it. On that principle, wouldn’t it therefore be more difficult to hide vulnerabilities and backdoors in open source products than closed, proprietary software?