Focusing on SELinux is irrelevant to most threat models anyways. Nobody cares about some random guy with a SecureBlue desktop used mainly for personal reasons.
For Americans: If you are NOT a foreign agent residing inside or outside the United States, you have less to worry about from the NSA. I argue that if you’re some random joe, the NSA will not target you and legally can’t under FISA. That law sets clear limits on what type of surveillance can occur. The mass bulk collection efforts conducted by the NSA at that time consisted of incidental collection of American data, which was clearly illegal and stopped. While we don’t know if similar programs remain, what we do know is that there is significantly more oversight over whether these data collection methods include the personal data of Americans since the Snowden leaks
Unless you have a threat model similar to Edward Snowden or Chelsea Manning, you are most definitely not a foreign agent. You are ironically safer from NSA surveillance being in the United States. Worry more about Google or the FBI.
It’s not. Sam Bent’s whole point is that NSA = Bad therefore anything made by them is bad.
SELinux did originate from the NSA, and was turned over to the open source community. At this point, we might as well stop using Tor and the Internet because they started as Department of Defense research projects.
Remember that the NSA is not exactly a “surveillance” organization but a signals intelligence organization (SIGINT). They are concerned with both acquiring foreign intelligence and protecting American intelligence. Hence why they developed the projects that would become SELinux, there wasn’t a common access control standard for Linux servers yet. They needed it during the 1990s and handed it over for everyone to develop it further. There is no evidence that SELinux is a backdoor.