Very interesting news about Linux kernel 4.17. It integrates NSA’s ‘controversial’ encryption algorithm Speck for IoT devices. Of course NSA reject any request about opening the code of Speck.
It is important to talk about this because it is possible to disable it, but for instance, Arch Linux turns on Speck module by default.
Question :
Is Purism aware about this module and what will be your decision ? Turn it on or off by default ? What about Simon, the other module that the NSA would like to push into Linux kernel ?
Even if it is enabled in our kernel, having it has absolutely no impact on kernel security - it is not used unless the user explicitly wants to use it for encryption. It’s only actually of use on low-power, low-specs devices, which you clearly don’t have if you run an amd64 CPU.
Sorry maybe I misunderstood, but your second answer suggests that Speck could be integrated into the kernel when the first message did not suggest it and was very reassuring.
Thanks to you, I understand that this kernel is used for IoT or low-spec devices but having a module enabled by default that I don’t need, and knowing that it comes from a very intrusive company worries me a bit.