Re: Can we trust RedHAt encryption tools?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 1/9/2014 1:27 PM, Kanwar Ranbir Sandhu wrote:
> I think everyone should assume the entire ecosystem is compromised and
> shouldn't trust anything.  Code should be reviewed and bugs/weaknesses
> removed IMMEDIATELY.  The problem is obviously not everyone is a
> programmer and not everyone will have the knowledge to understand how to
> fix/improve the security issues.  Of course, some software is still
> good, but who's going to verify that and when?  If you don't use free
> software, you're a goner because now you have no ability whatsoever to
> audit the code!

I've programmed for 40 years, and I don't understand encryption 
algorithms nor can I evaluate their strengths and weaknesses.   I know 
very few programmers who can.  None personally, in fact.







-- 
john r pierce                                      37N 122W
somewhere on the middle of the left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux