It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD, is nearly completely unknown one year after the revelation. No social media outcries, no mention on the TV, no debates, no comments from people like Torvalds and Stallman (though I by no means imply they were direcly involved).
The reason why is remains a "secret" is that the whole matter is deeply, deeply political.
We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.
Yet we all know that the NSA would not limit the use of the backdoor to that.
Linux is not a "safe" operating system by any stretch of imagination. The only saving grace is the fact Linux users are not profitable to malware authors due to very low market share. Still, I think it's naive to view it as a secure operating system/kernel because it is not designed nor built for that goal explicitly. OpenBSD on the other hand is a worthy contender against a determined adversary and is developed by skilled and highly paranoid people.
Having managed just about every OS I have learned to see it a little differently. Rather just about every OS can be hardened to the point of being secure but each OS and each iteration of said OS will have different default kernel compile options, admin configurable settings, kernel tuned settings that vary the amount of "friction" the end user is meant to experience. Even Windows NT had more security controls than Linux and BSD combined mostly pilfered from VMS but the defaults were opened up to minimize friction for businesses. Windows XP, Linux, MacOS reduced friction even further to improve adoption by developers and end users alike, to a fault. Not just security but also memory management behavior. Windows Linux and Mac allow over-committing memory by default to improve adoption by people early in their development career. So I guess what I am trying to say is that people have decided they will trade in friction for usability and thus has resulted in a myriad of gaping holes by design. Each OS have tools to harden them as far as one wishes to go. The BSD community have accepted that they will endure a little more friction by default and I can respect that.
I've read Richard's blog (his "political notes") and I come away with a feeling that his extreme politics at the very least clouds his thinking, if not directly influences it.
The end result is he carefully picks and chooses topics for which he is passionate about (in the context of computing and 'software freedom') nearly right up and down party lines.
Once upon a time a basketball player had both a gambling addiction and
a mistress addiction. No news reports on both issues due to the
fact that said player controlled sports reporter access to him.
News not covered never ever has to do with politics no matter what side it has
to do with access to the subject being controlled.
Aha Aha, I got the verbatim info from the sports reporter, he is now dead for over a decade, and the player I refer to is MJ of the Bulls.
The reason why is remains a "secret" is that the whole matter is deeply, deeply political.
We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.
Yet we all know that the NSA would not limit the use of the backdoor to that.