OpenWrt vs Defense positions

[Hauke Mehrtens]

On 5/1/23 21:28, Peter Naulls wrote:
> 
> For those of you who track the small but very real OpenWrt job market, 
> you may have seen there's a creep into Defense/Clearance jobs. Here's 
> but one example:
> 
> https://careers-bluehalo.icims.com/jobs/3844/job
> 
> As a self-declared pacifist (and anyway, dual citizen which would limit my
> ability to get clearance), this is most certainly not for me, but I 
> thought it should be something you guys might want to be aware of.

I check from time to time which companies in the US are looking for 
OpenWrt experts [0] to get an overview who is using it. About 10% to 30% 
of these job offers require clearance. It looks like the US military and 
US intelligence community is using OpenWrt. Once I saw a job offer where 
someone was looking for a person who has experience in writing exploits 
for OpenWrt and DD-WRT in the Washington, D.C. area, this scared me a 
bit, normally I do not have the NSA in my thread model. Someone from BAE 
Systems (largest defence contractor in Europe) was also contacting us at 
OpenWrt some years ago with questions about the license.

I hope that these companies use OpenWrt mostly to provide Internet 
access for their soldiers and it is not part of any real weapon system.
As OpenWrt is now used by many vendors I think the intelligence agencies 
around the world are interested in exploits fro OpenWrt.

I heard a rumor some years ago that one of the biggest OpenWrt 
installation was at the fence between the US and Mexico, but I have no 
prove that this is true.

The GPL and the other licenses used by OpenWrt do not prevent the usage 
by any military or intelligence agency. OpenWrt does not do a background 
check on external contributors. We have contributions from people from 
many countries the US does not like.

Hauke

[0]: https://www.indeed.com/jobs?q=openwrt&l=