[CentOS] C5 : Firefox 38 bug

Fri Jun 12 21:16:16 UTC 2015
jd1008 <jd1008 at gmail.com>


On 06/12/2015 03:05 PM, Valeri Galtsev wrote:
> On Fri, June 12, 2015 3:54 pm, jd1008 wrote:
>>
>> On 06/12/2015 02:32 PM, Valeri Galtsev wrote:
>>> On Fri, June 12, 2015 3:20 pm, John R Pierce wrote:
>>>> On 6/12/2015 1:03 PM, Valeri Galtsev wrote:
>>>>> But the bottom line is the same: in both cases you are executing
>>>>> somebody's else code on your computer.
>>>> your computer is *ALWAYS* executing someone elses code, unless you
>>>> wrote
>>>> every line of code in it, including the BIOS and the firmware of all
>>>> the
>>>> attached devices.
>>>>
>>> Indeed. What was never mentioned in this thread is a chain of trust. The
>>> level of trust to what you get from your system vendor, software vendors
>>> (be they open source or proprietary) may be quite different from the
>>> level
>>> of trust to what you get when clicking on some web link inside some
>>> search
>>> page, or on some website (even if you visit the website often).
>>>
>>> So, it is all about whom and what do you trust, and to what level can
>>> you
>>> afford to trust, and whether you are able to track the software code to
>>> the code origin.
>>>
>>> This all was what I implied when I said that short phrase which may look
>>> ridiculously if taken literally - exactly as you pointed out -, but may
>>> make sense if you take into account the chains of trust involved.
>>>
>>> Valeri
>>>
>> The more you know, the less you trust :) :)
>> Read the article:
>> http://www.kaspersky.com
> Please, don't advertize Kaspersky here, especially when we are talking
> about trust. He is KGB guy (is, not was; the only way they retire from
> KGB, CIA, MI-5, and others is dead, feet first dead).
>
> Valeri
I am not advertising, so please do not accuse anyone of this!
Just citing evidence that infiltration of spyware and malware
is far more sophisticated than anyone knew.