On 01/07/2014 09:04 AM, m.roth@5-cent.us wrote:
John Doe wrote:
After all the news about backdoors, "planted" bugs or weakened standards in apps, in routers, hardware firmwares, etc... these days, can we trust anything? Can we trust the bios?
Can we trust the compiler not to stealthily inject a backdoor in the compiled version of a clean code?Given that most entries from the The International Obfuscated C Code Contest (http://www.ioccc.org/)
Yeah didn't Dennis Richie modify the C compiler to insert a backdoor for him when ever the compiler saw login.c was being programmed?
One thing on the positive side: the last few months, I think a *lot* of folks are eyeballing this stuff, specifically looking for issues, and probably some are going back to things that they said "I dunno... but I'll come back to look at this someday". I *suspect* that within about six months, it'll be as relatively safe as it was maybe 10 years ago.
Of course, we'll need some wakeup call to look at it all again in 10 years. In the meantime, I think things are getting safer, relatively.
Hmmmm, speaking of BIOS, wonder if this will impact the push for UEFI....
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos