NewsForge | Linux kernel to have NSA inside?

Later this month, when Linus Torvalds and the other movers and shakers gather for the Linux kernel summit to map out the development course for Linux kernel 2.5, they'll be hit with a proposed modification from an unlikely party -- the U.S. National Security Agency. There, Peter Loscocco, of NSA's Information and Assurance Research group, will propose a mandatory access control (MAC) architecture for the Linux kernel, a piece of code that could go a long way toward making the Penguin OS the obvious choice for security-minded businesses and government agencies.

But will normally open-minded Linux devotees accept code from America's premier spy agency?

This month, members of the Maryland Columbia Area Linux Users Group (CALUG) got a peek at Security-Enhanced Linux (SELinux), as the modified-by-NSA version of Linux is called. CALUG coordinator Randy Schrickel, who does some consulting for NSA himself, knew a bit about NSA's work. And because NSA's headquarters at Fort Meade is near Columbia, Schrickel called the agency to ask if someone would be willing to come to the group's meeting to talk about it.

Slashdot | NSA Inside? Newsforge has an article covering a talk given by two of the developers working on NSA's security-enhanced Linux. It seems the NSA has plans to offer kernel code to implement mandatory access controls, a level of system control which goes beyond the normal user-based permissions.

Eurorights.org. Eurorights can be described as a virtual organization. The purpose is to provide a resource where members of the public, organizations and interest groups can gather to share information and coordinate efforts to make sure that the public's interest is not forgotten in the current battle over copyright in the digital domain.

Slashdot | Eurorights Launched. "Eurorights is an european open community effort similar to OpenLaw. The main goal is to provide a central european resource to gather information and craft legal arguments to make sure that the upcoming copyright directive in EU does not become a new DMCA."

By Mike Godwin to the Cyberia-L mailing list - Treaty on Cybercrime Sounds Like A Great Idea, Until You Read The Fine Print . This message archived on cryptome.org

Maybe you trust the law-enforcement chiefs in D.C. to do the right thing. But here's the catch. The same new powers given to the United States will also handed over to Bulgaria, Romania, Azerbaijan, and other Council of Europe nations that-although officially democratic now-don't have a strong traditions of checks and balances on police power.

Do you want investigators rummaging around your clients' computer systems on warrants issued by former Soviet bloc nations?

That's the prospect that has pushed AT&T Corporation and other high-technology companies into feverishly trying to stop or at least soften the treaty. The U.S. Chamber of Commerce and Information Technology Association of America also oppose it.

Stewart Baker is one of the chief lobbyists for the treaty opponents. As a former general counsel of the National Security Agency and recipient of the Department of Defense Medal for Meritorious Civilian Service, he's got street cred on these issues in corporate America.

What worries Baker and his colleagues? Consider the following hypothetical: A Los Angeles screenwriter corresponds by e-mail with a neo-Nazi in Germany while researching a script. Shortly after, he finds federal agents examining the files on his home computer. The agents also visit America Online Inc. to retrieve records of the screenwriter's AOL usage.

The agents are fulfilling a warrant issued by German authorities allowing them to search for Nazi propaganda. Such material is unlawful in Germany but not in the U.S. They framed their warrant in terms of "suspected terrorist activity."

Slashdot | Your Rights Online: Reading the Fine Print on the Cybercrime Treaty. Mike Godwin, Former Counsel to the Electronic Frontier Foundation and author of Cyber Rights writes about a new international treaty on cybercrime known as the "Convention on Cybercrime."

CNN.com - Sci-Tech - U.S. security chief vows to fight cyberterrorism.

Agencies that have increased efforts to improve their security systems do so for one of two reasons, he said. "They've either been attacked badly by someone on the outside, or they've been attacked badly by the Congress."

Americans need to realize the importance of protecting government computers that hold personal information such as tax, criminal and military records, Clarke said.

"We have a positive obligation to protect the privacy of those records, and that means we have to have security," he said. "Without security, there is no privacy."

Political News from Wired News - Use a Spam, Go to Prison. A congressman wants to ban spam with concealed routing information. Also: A culture clash with Europe, VeriSign's signature problems, an intellectual property position, and medical privacy regs are faulty, all in Declan McCullagh's D.C. notebook.

[ ... ]

This time around, instead of making it a crime to spam, Goodlatte has decided to amend existing law to ban spamware, but since the bill is worded so broadly, it might imperil other programmers instead. That's not a surprise: Software is flexible stuff, and it's tricky to ban some applications without going too far. Other potential problems include that Goodlatte's bill can't remove spamware hosted overseas and could run afoul of the First Amendment.

Wired News Radio (mp3 audio) - When the Spam Hits the Fan. Spammers could be in for a whole heap of trouble if a new bill goes through, but the cost might be more restrictions on the Internet. Also: The ACLU and the American librarians head back to court to fight against new filtering technologies, as Declan McCullagh discusses the latest in privacy laws from New York City. Listen up: Today's MP3 file is 6:23 min.