[consteval]

I would argue nobody needs to provide an example. IMO, we can assume an action to be taken if:

1. The mechanisms for its existence exist

2. There is motivation of a large enough scale

3. The scale of the actors is large enough

The Linux kernel is very large, and nation-states like Russia are also very large. There is a very high motivation for a backdoor to exist for the Russian government. And the mechanisms are certainly in place to create such a backdoor.

So, I conclude there would absolutely be a Russian backdoor planted, if it isn't already. For the same reasons I conclude Windows probably has multiple backdoors for US agencies.

As a side-note, the scale of the Linux Kernel matters here. It's over a billion lines of code. It's truly trivial to sneak in an exploit and have it never be discovered. You can't prove a negative here - just because we haven't seen an exploit doesn't mean they don't exist. Also, we have found MANY bugs in the Linux kernel. Are they exploits intentionally planted? Virtually impossible to tell. Some bugs have existed for decades before discovery.

You should assume your operating systems already contain many exploits. Thus, we have tools like encryption, firewalls, and trusted repos to protect us anyway.

Note this doesn't mean I support the move. Certainly, any other country could implant backdoors (and probably have already). However, the Linux kernel kind of sort of belongs to the West, and the West kind of sort of has an alliance. So it makes sense why Russia is singled out.

[whimsicalism]

The world is a chaotic and complicated place, you cannot deductively prove things about the world in the manner you are trying. I do not support further securitization based on this style of reasoning. I think we lose more than we gain. If I should assume my OS already contains many exploits, it seems like the risk from Russians is just that they read the source code carefully.

> the Linux kernel kind of sort of belongs to the West,

I don't agree.

[consteval]

I'm not proving anything, I'm assuming, and I think it's a reasonable assumption. My argument is that I don't need proof, so I won't even bother providing it. Based on what I've seen, I can be highly confident there exists backdoors in the Linux Kernel without explicitly having to find those backdoors.

For the same reason, I can be highly confident there is at least one person stealing office supplies at Amazon. And I can be highly confident there are some examples of data theft in automobiles. I just use the same principles as above.

> I don't agree.

Okay. How?

The vast majority of Kernel developers are from the West and live in the West. The kernel was created in the West. Management is in the West. And the majority of large tech companies are Western, so probably the majority of Kernel users are also in the West.

Therefore, the West has a majority control over the kernel, and they have a huge incentive to "protect" it to how they define that. That's that, and we can tell this is the case because it wasn't Russia banning western devs from kernel development, was it?

Also: on the topic of chaos, this is why the "motivation" bullet point exists. If there's no motivation, I can't be sure, due to chaos. Chaos means even things that should happen may not. Motivation, particularly of the financial variety, cuts through the chaos of humanity. I am very confident in asserting that and I think pretty much all of history supports that.