Jeremy wrote:
] The moral is obvious. You can't trust code that you
] did not totally create yourself.

If any discussion about secure computing platforms goes on long enough, this paper will come up. It's a flavor of Goodwin's law. Goodwindows law? Heh.. Good topic to spin into a pre-Interz0ne rant.

I agree with you in your bold, in that having code is not the end-all, be-all of trustworthy computing bases or anything like that. Some interesting things have been done with polluted compilers as well.. A long time ago, this was my motivation for knowing how to bootstrap a compiler and base OS. I guess that places a fair amount of trust in GNU, OpenBSD, or others, and many eyes making the difference. I attempted to make sure I understood the chain of dependencies necessary to make basic server-type functions happen.

On a personal computing level, I suck. I own an Apple. For the record, that's giving in, not selling out. I don't care to take the time rolling my own of anything most of the time.. I just want it to work. However, if I ever found proof of my personal privacy trust being compromised by deliberate holes in my hardware or software, I would find myself very, very, very angry about it.

Matters of physical security in relation to software/hardware are another matter. It's just as easy, and more likely, to have your hardware compromised physically by any powers who would be powerful enough to pull the strings on deliberate pre-placed software holes from vendors like Apple, RedHat, Sun, or Microsoft. The "mad rogue coder with silver bullet" risk is less likely in the public (read: open source) sector by virtue of more review. I'd think so anyway.

On the other end of things, you know the feds look over what they use.
If an intelligence agency such as the NSA found a serious deliberate hole in a piece of open code, I'd like to think that efforts to see it removed from the mainline branches would be taken, and an investigation started by other agencies to figure out how it got there. The source of such things would be a major concern, in the most general of ways. In that context I'd think that national security would have a larger focus. Keeping a hole secret would only make sense if you were the only one holding the secret, or knew definitively who the other holders were. I'd like to think that our government would not be behind placing deliberate holes as well, but I'm also naive for breakfast. They were fans of key escrow type schemes in the past.

Someone _is_ keeping all the major distribution folks on their toes. I think I've seen a news story about "attempted break-ins" on just about every major open OS's source distribution site, as well as other key pieces of code. People are aware of and do think about these types of code compromises.. From the perspective of joe hacker. When it comes to trade craft, knowing is half the battle. The other half, ...