[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

Henning Makholm <henning@makholm.net> writes:

> Scripsit Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
> > There is no security as strong as many people reading the source over
> > and over. You can't hack their brains to skip over the backdoor code
> > and you can only obfuscate a backdoor so much.
> I refer you to Ken Thompson's Turing award lecture. If someone who
> really means business manages to compromise binary toolchain debs, all
> the hackers in the world reading source over and over will not find
> the backdoor.
> (And "toolchain" here includes all code that is even marginally
> involved in the process leading to itself being recompiled. Libc,
> kernel images, lilo, dpkg, debhelper, perl, etc etc).

But their source is already secured by the same means.

One can maintain and update a debian system from source alone so one
only has to trust the peer reviewing of sources. Compromised binary
deb archives can be avoided.


Reply to: