Re: Revival of the signed debs discussion

To: debian-devel@lists.debian.org
Subject: Re: Revival of the signed debs discussion
From: Henning Makholm <henning@makholm.net>
Date: 02 Dec 2003 15:25:22 +0000
Message-id: <[🔎] 87znebxmvx.fsf@kreon.lan.henning.makholm.net>
In-reply-to: <[🔎] 87iskzices.fsf@mrvn.homelinux.org>
References: <[🔎] 8765h0mzk1.fsf@mrvn.homelinux.org> <[🔎] 20031201235436.GC2936@kitenet.net> <[🔎] 20031202100753.GB3756@mails.so.argh.org> <[🔎] 20031202103643.GA7852@comcast.net> <[🔎] 87n0abifbd.fsf@mrvn.homelinux.org> <[🔎] 20031202123824.GA9340@comcast.net> <[🔎] 87iskzices.fsf@mrvn.homelinux.org>

Scripsit Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

> There is no security as strong as many people reading the source over
> and over. You can't hack their brains to skip over the backdoor code
> and you can only obfuscate a backdoor so much.

I refer you to Ken Thompson's Turing award lecture. If someone who
really means business manages to compromise binary toolchain debs, all
the hackers in the world reading source over and over will not find
the backdoor.

(And "toolchain" here includes all code that is even marginally
involved in the process leading to itself being recompiled. Libc,
kernel images, lilo, dpkg, debhelper, perl, etc etc).

-- 
Henning Makholm                                   "No one seems to know what
                                       distinguishes a bell from a whistle."

Reply to:

Follow-Ups:
- Re: Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Joey Hess <joeyh@debian.org>
- Re: Revival of the signed debs discussion
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: Revival of the signed debs discussion
  - From: Tom <tb.31123.nospam@comcast.net>
- Re: Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Tom <tb.31123.nospam@comcast.net>
- Re: Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Backport of the integer overflow in the brk system call
Next by Date: ITP: konversation -- User friendly Internet Relay Chat client for KDE (fwd)
Previous by thread: Re: Revival of the signed debs discussion
Next by thread: Re: Revival of the signed debs discussion
Index(es):
- Date
- Thread