[arch-general] Package signing (was: Arch Linux security is still poor)
Linas
linas_fi at ymail.com
Thu Mar 18 22:17:45 CET 2010
Myra Nelson wrote:
> There is one last problem with trust that no one can cure. You either
> trust
> the devs or you don't. This is illustrated by a classic quote from Ken
> Thompson
>
> "The moral is obvious. You can't trust code that you did not totally create
> yourself. (Especially code from companies that employ people like me.) No
> amount of source-level verification or scrutiny will protect you from using
> untrusted code. In demonstrating the possibility of this kind of attack, I
> picked on the C compiler. I could have picked on any program-handling
> program such as an assembler, a loader, or even hardware microcode. As the
> level of program gets lower, these bugs will be harder and harder to detect.
> A well installed microcode bug will be almost impossible to detect." From
> this article http://cm.bell-labs.com/who/ken/trust.html
> .<http://cm.bell-labs.com/who/ken/trust.html>
>
> Myra Nelson
>
Right.
That's what I referred to when I began the mail with
>First off, there's an implicit level of trust on the package software,
>nomatter which OS you use...
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the arch-general
mailing list