[CentOS] Can we trust RedHAt encryption tools?
m.roth at 5-cent.us
m.roth at 5-cent.us
Tue Jan 7 14:04:51 UTC 2014
John Doe wrote:
> After all the news about backdoors, "planted" bugs or weakened standards
> in apps, in routers, hardware firmwares, etc... these days, can we trust
> anything?
> Can we trust the bios?
>
> Can we trust the compiler not to stealthily inject a backdoor in the
> compiled version of a clean code?Given that most entries from the The
> International Obfuscated C Code Contest (http://www.ioccc.org/)
One thing on the positive side: the last few months, I think a *lot* of
folks are eyeballing this stuff, specifically looking for issues, and
probably some are going back to things that they said "I dunno... but I'll
come back to look at this someday". I *suspect* that within about six
months, it'll be as relatively safe as it was maybe 10 years ago.
Of course, we'll need some wakeup call to look at it all again in 10
years. In the meantime, I think things are getting safer, relatively.
Hmmmm, speaking of BIOS, wonder if this will impact the push for UEFI....
mark
More information about the CentOS
mailing list