3

The file speck.ko can be found in /lib/modules/4.18.1-041801-generic/kernel/crypto and it was built by the NSA (added since Linux Kernel 4.17).

I really want to remove this thing from my computer. If I see it in the /crypto folder, does it mean it is enabled by default and used somehow?

sunwarr10r
  • 1,395
  • 4
  • 16
  • 33
  • Blacklist that module to remove it, let find that article – George Udosen Aug 21 '18 at 08:02
  • 3
    I don't know how any privacy conscious open-source dev can think that NSA, world's biggest anti-encryption spy agency lets people use an encryption developed by them without any backdoor. It's sad that they succeeded including it in Linux, world's most famous open-source project used heavily by privacy advocates. – HattinGokbori87 Aug 21 '18 at 08:09
  • 2
    @HattinGokbori87 it baffles ones imagination how adding that module will help us, but I guess money has powers :-(! – George Udosen Aug 21 '18 at 08:17
  • 2
    Possible duplicate of [How to blacklist kernel modules?](https://askubuntu.com/questions/110341/how-to-blacklist-kernel-modules) – George Udosen Aug 21 '18 at 09:27

1 Answers1

3

This can be done in two ways:

  1. Via the /etc/modprobe.d/blacklist.conf file

    • Create that file (if it does not exist) and add the following line into it:

      blacklist CONFIG_CRYPTO_SPECK

    • Note: They might make it dependent on another module hence it will load regardless, so the workaround is to add the line in this way rather than how it is written above:

      install CONFIG_CRYPTO_SPECK /bin/false
      • This force the module to always fail loading and will effectively blacklist that module and any other that depends on it SO TAKE NOTE.

    • Then reboot.

  2. Via command line:

    • Simply add this to your bootloader's kernel line

      module_blacklist=modname1,modname2,modname3
# or
modprobe.blacklist=MODULE_NAME
      • NOTE: When you are blacklisting more than one module, note that they are separated by commas only. Spaces or anything else might presumably break the syntax.

    • Then boot as normal and the module should not be loaded.

  3. TIP:- From man modprobe I see the -b option which you can use after finding the name via lsmod:

    sudo lsmod
sudo modprobe -b <name_of_module>

Sources:

https://itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/?utm_source=newsletter&utm_medium=email&utm_campaign=nsas_controversial_algorithm_video_player_and_other_linux_stuff&utm_term=2018-08-20

https://wiki.archlinux.org/index.php/Kernel_module#Blacklisting

George Udosen
  • 35,970
  • 13
  • 99
  • 121