[GLLUG] Am I over-reacting to this?
Nix
nix at esperi.org.uk
Fri Jan 17 00:54:01 UTC 2014
On 15 Jan 2014, John Edwards uttered the following:
> On Wed, Jan 15, 2014 at 09:12:29PM +0000, James Courtier-Dutton wrote:
> <snip>
>> Also, Canonical have root access to all Ubuntu Linux installs. After
>> all, who compiles all the binaries, when you install Ubuntu Linux.
>
> Why pick on Canonical? The same holds true for any binary distributed
> operating system.
True enough.
> Even compiling from source does not give you 100% safety, because you
> then need to trust the C compiler (see Ken Thompson).
You can reduce the degree of trust arbitrarily far by using more than
one compiler, ideally but not necessarily with distinct development
histories: <http://arxiv.org/pdf/1004.5548.pdf>.
> Bruce Schneier is currently cataloging the various backdoors used by
> the NSA on his blog at https://www.schneier.com/
They hvae fabulous names. SOUFFLETROUGH! JETPLOW! DEITYBOUNCE!
--
NULL && (void)
More information about the GLLUG
mailing list