[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MIT discovered issue with gcc

On Sat, Nov 23, 2013 at 6:18 AM, Michael Tautschnig <mt@debian.org> wrote:

> This looks very serious indeed, but a quick search of Debian mailing
> lists didn't show anything being acknowledged for this issue.... should
> Debian users be concerned?

Probably not more than before, but as much as always: you are using code that
hasn't be proved to be correct. But with open-source software at least you know
what code you are using, and which bugs are being found.

What I have told people in presentations is that "the only truly secure computer is one that is turned off, unplugged, packed in concrete, and fired into the sun." Any program at a level not very much above Hello World in the language of your choice is likely to have bugs. I mean, you would have to swear off all software, turn off your computers, get rid of your cell phone, etc. At this point, I'm not quite willing to go that far. As Michael said, it's something to be aware of, but not something to keep you awake at night worrying.


Reply to: