Re: Secure Transactions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01.09.2014, jd1008 wrote: 

> As I said, the caveat of all add-on is that they are just as mysterious
> with respect to their actual content as FF itself - and for that matter,
> Windows and Linux and Unix/variants, are just as mysterious. I say this
> because even with open source software, does anyone really have the
> time (AND THE KNOW-HOW) to identify malware in opensotource?

It's all about trust and your thread model. There are no guarantees,
as you just explained why. You can review the suspicious code
yourself, and if you're not able to do so, you have to trust others.
There is no 100% security.

> Tens or perhaps hundreds of millions of lines of code (including all
> the apps and libraries). Who is going to do this kind of sanitization??

The community which develops the respective piece of software. Most
open source software is not a solo-project, especially not the big
ones. Look at the kernel itself: there are thousands of volunteers
which contribute, and every piece of code is posted on a mailing list
in order to be reviewed by others. This is no guarantee either,
but an actual review of the code.

> I posit that if there is an honest to truth company that can do this
> (sanitize all open source SW of Linux), would and could charge arms
> and legs for such a product.

Please repeat with me: "there is no 100% security"  ;-)

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org




[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux