Rahul Sundaram wrote:
Are you seriously trying to imply that the NSA, of all
organizations, never backdoors anything?
They would have to pretty stupid to try to do something like that
with free and open source software.
Was that the straight line for a joke?
No.
There has to be one somewhere, but the point is that we can't possibly
know if they would try something stupid or not - and I usually guess
the worst.
It's not merely a question of belief. The long standing best defense
against trojan horses are open implementations which PGP or SELinux is.
If there is a risk, the risk is definitely higher for proprietary software.
But the NSA would be at least as capable of introducing a hack that you
could examine but not see as Ken Thompson:
http://www.everything2.com/index.pl?node=Reflections%20On%20Trusting%20Trust
I'd expect them to even be able to conspire with the CPU vendors to have
certain undocumented opcode sequences do magical things.
I don't see any reason to trust proprietary software either.
--
Les Mikesell
lesmikesell@xxxxxxxxx
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
