[CentOS] Can we trust RedHAt encryption tools?

Eero Volotinen eero.volotinen at iki.fi
Tue Jan 7 15:47:15 UTC 2014


Just audit the source code...
7.1.2014 16.42 kirjoitti "Steve Clark" <sclark at netwolves.com>:

> What about selinux - wasn't that originally done by the NSA?
>
> On 01/07/2014 09:04 AM, m.roth at 5-cent.us wrote:
> > John Doe wrote:
> >> After all the news about backdoors, "planted" bugs or weakened standards
> >> in apps, in routers, hardware firmwares, etc... these days, can we trust
> >> anything?
> >> Can we trust the bios?
> >>
> >> Can we trust the compiler not to stealthily inject a backdoor in the
> >> compiled version of a clean code?Given that most entries from the The
> >> International Obfuscated C Code Contest (http://www.ioccc.org/)
> > One thing on the positive side: the last few months, I think a *lot* of
> > folks are eyeballing this stuff, specifically looking for issues, and
> > probably some are going back to things that they said "I dunno... but
> I'll
> > come back to look at this someday". I *suspect* that within about six
> > months, it'll be as relatively safe as it was maybe 10 years ago.
> >
> > Of course, we'll need some wakeup call to look at it all again in 10
> > years. In the meantime, I think things are getting safer, relatively.
> >
> > Hmmmm, speaking of BIOS, wonder if this will impact the push for UEFI....
> >
> >            mark
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
>
> --
> Stephen Clark
> *NetWolves*
> Director of Technology
> Phone: 813-579-3200
> Fax: 813-882-0209
> Email: steve.clark at netwolves.com
> http://www.netwolves.com
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



More information about the CentOS mailing list