Rowan Thorpe

I will try to answer these, and hope someone corrects any potential innaccuracy:

what’s red?

There is a comment there saying “see deep-dive for details” so the red-highlight caveat is likely explained there.

what’s the globe icon?

My assumption is that icon just indicates Free/Open-Source projects which have no “owning company” (not “based” anywhere), just globally scattered contributors.

how come some products marked not majority EU owned have the EU flag?

My guess (merely a guess) is that those are run by EU-based companies, but which don’t have a solid policy guaranteeing “majority of shareholders are in the EU” (…?)

Having not heard of this one, I was curious so checked some sites about it, like:

https://www.reddit.com/r/linux4noobs/comments/kd0yml/does_the_nsa_have_a_backdoor_to_linux_this/

https://www.theregister.com/2022/02/23/chinese_nsa_linux/

https://www.bleepingcomputer.com/news/security/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years/

My quick impression from those seems to match what was said by some commenters on the FreeBSD forum - https://forums.freebsd.org/threads/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years.84258/

msplsh: This looks like an implant that opens a backdoor, not an intrinsic backdoor built into the OS.

and:

sko: From el reg: To us it seems whoever created the code would compromise or infect a selected Linux system and then install the backdoor on it. So if someone already gained privileges to install anything on one of your machines, it doesn’t matter what it is - this host is compromised and has to be nuked from orbit.

So, unless I’m missing something this is not really about “the Linux kernel devs being compromised by NSA” as much as the endless list of Windows-targetting malware is not about “the NT kernel devs being compromised by NSA”.

For those who might skip this video thinking it will be in French which they don’t speak, it is actually in English.

…and you just gzipped it.