"All he wants to know is that he's putting potentially buggy,
late-night-coffee-build, eat-your-data-alive packages on his computer
BUT that if he loses data it will be to a devel problem and not some
cracker."
Mmm....I do this all the time with Windows software.
They still crack Windows with perfectly signed packages from Microsoft.
I do not see signatures as such a big deal, therefore as they have not
really impacted code security of Microsoft products.
In FACT, I do not see how signing binaries helps really in dealing with
secure code for end users.
I get perfectly crackable code, with authentic Microsoft PGP keys in
every service pak update for Windows 2000 for example...and XP.
Signed by Microsoft and of course, Doesn't Mean Jack. The best a
signed package can do is tell you where it is from. But, it doesn't
make your code any less crackable or any more secure.
If you believe that, then your a fool. Code should be suspicious by
default, and if you can't look at it, don't install it.
Works everytime for myself anyway. By looks I mean of course a
procedure that allows you to look which usually is running said code
first on a secured platform, watching what it does on the net while it
is running and of course, doing a profile and looking at what code it
spends the majority of its time executing.
Unfortunately, I am sorry to say, by end user I do not mean Mary in
Accounting. I mean hired Systems and Network Admins.
In the US, the typical admin or network guy doesn't know jack about
code. A sorry state of affairs that I am sure out sourcing will fix
quickly in the next 3-4 years, thank goodness. Then we will have only
the die hards left with initmate code knowledge in IT departments that
can properly deploy software for end users like Mary in accounting.
I assume we will push Windows out to the edge along with other
propritary binaries so that IT departments run on core open source
code. Right now that is a dream....but it will be a reality very
shortly after we conquor the desktop.
The only thing that I know of that can make a difference in code
security is actually being able to look at it, understand it and fix
it. If we take for a given, that software development is buggy with
either closed or open source products then we have a basis for improving
the situation by giving the source code and build tools away with the
application so users can perform there own security checks if they wish,
according to their own exhaulted standards.
That is the promise of Open Source Software. That is where the REAL
security begins, with the SOURCE CODE.
Which is why closed proprietary binary software will NEVER be as secure
as Open Source Software.
So I do not think signed keys are all that important given the history
of signed packages transporting crackable code all over the place. If
people would use practical deployment procedures, we wouldn't need
signed packages for Linux in the first place.
Not something many would like to hear, but I think security in general
has not improved in computing because we have all of these not required
methods that make us THINK the code is safe (i.e. Oooo...the package is
digitally signed so its OK....), but in reality do not address the
primary issues of why executables are a risk....lack of source code.
IMHO.
-gc
Rodolfo J. Paiz wrote:
On Mon, 2004-10-25 at 14:46 -0400, Ricardo Veguilla wrote:
I can't believe you are making this argument.*You* "forced" yourself
when *you* decided to use an unsupported beta.
For the love of Pete, people, chill a little. You're arguing against
something that Mat� NEVER SAID, damn it.
All the guy said is that he's happy to use a test version, fully
understands his risks and has taken appropriate precautions, BUT feels
that not signing the Rawhide RPM packages exposes him to the small, but
greater than zero, risk of someone tampering with a package hosted on a
mirror somewhere. He seems to feel that this is a small but unnecessary
risk that could easily be avoided by simple additional security measures
which would improve the status quo and which have not been taken.
All he wants to know is that he's putting potentially buggy, late-night-
coffee-build, eat-your-data-alive packages on his computer BUT that if
he loses data it will be to a devel problem and not some cracker.
Beating the hell out of him for using test versions isn't doing *ANYONE*
any good... reread his post on what he does to keep his data safe, how
he runs his systems, and how long he's been running beta OS releases,
and he *clearly* is doing this will full knowledge and acceptance of the
risks involved.
Read the posts carefully. Argue intelligently and coherently. Or be
quiet. Not just Ricardo, either... there were a couple other "you're not
fit to run Rawhide" posts which were no more intelligent.
Sheesh.