[CentOS] Can we trust RedHAt encryption tools?
John R Pierce
pierce at hogranch.com
Thu Jan 9 21:55:35 UTC 2014
On 1/9/2014 1:27 PM, Kanwar Ranbir Sandhu wrote:
> I think everyone should assume the entire ecosystem is compromised and
> shouldn't trust anything. Code should be reviewed and bugs/weaknesses
> removed IMMEDIATELY. The problem is obviously not everyone is a
> programmer and not everyone will have the knowledge to understand how to
> fix/improve the security issues. Of course, some software is still
> good, but who's going to verify that and when? If you don't use free
> software, you're a goner because now you have no ability whatsoever to
> audit the code!
I've programmed for 40 years, and I don't understand encryption
algorithms nor can I evaluate their strengths and weaknesses. I know
very few programmers who can. None personally, in fact.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
More information about the CentOS
mailing list