[simoncion]

> Can a person who does not trust the NSA trust products they paid for?

Remember a couple of things:

* The NSA relies on SELinux as a part of their internal computer security system. (However, as the NSA document leaks reveal, even the best system fails when poorly configured!)

* Both SELinux and Tor are open source software, developed in the open. It's not unthinkable that there's a problem with the design of the software of either project, but the commit history and mailing lists of both projects are available for public perusal and audit.

* Well regarded security researchers have looked at both Tor and SELinux and declared them to be reasonably well designed systems that do what they say on the tin.

Anyway. If the NSA involvement really squicks you out, there's always either Grsecurity and PaX [0] or AppArmor [1]. Grsecurity is primarily developed by Brad Spengler. PaX is developed by an anonymous cabal known as PaX Team. [2] AppArmor has been developed by Canonical (the Ubuntu guys) since ~2009.

[0] https://en.wikipedia.org/wiki/Grsecurity

[1] https://en.wikipedia.org/wiki/AppArmor

[2] AIUI, it is the PaX Team's refusal to identify themselves that prevents Grsecurity and PaX from ever being merged into mainline Linux.

[jlgaddis]

> The NSA relies on SELinux as a part of their internal computer security system.

And DISA STIGs (e.g., for RHEL) require SELinux to be enabled and enforcing.

[simoncion]

Man, those STIGs are both a blessing and a curse for defense contractors.

A blessing, 'cause if your system is configured as per the STIG, there's not a damn thing the auditors can say when they roll through.

A curse for many folks deploying a Linux system, 'cause if your particular variant of Linux doesn't have a STIG, -regardless of how similar it is to one that does- IME there's next to nothing you can do to get an auditor to approve the hardening work you've done.