On Fri, Jun 15, 2007 at 06:34:22AM +0100, William Pursell wrote: > Douglas Allan Tutty wrote: > >On Thu, Jun 14, 2007 at 03:22:11PM -0600, Telly Williams wrote: > >> I was going to use an SE Linux mailing list for this, but, figured I'd ask on this list first, figuring that I may have a better chance of > >>not getting a biased answer. > >> > >> I've heard all of this "talk" about how secure SE Linux is. However, how secure can this thing be if it has been developed by the NSA? I > >>mean, wouldn't THEY know how to get into your computer? And, it's the NSA! If this question sounds elementary, it's because I'm still > >>learning how to secure my computer(s). I'm not a nihilist, just a little skeptical of how secure SEL is in reality (and the NSA). Thanks. > >A reasonable question. Unless you write your whole OS yourself, you have to trust someone. > > Even if you write the OS, you have to trust the hardware > manufacturers. If you construct your own hardware, you'll > need to make sure that you are personally attaching > every component to each card. You'll also have to design > the chips, verify the firmware, etc, etc, ad nauseum. You > have to rely on people you don't know. There's > no way around it. Also, with FLOSS just like Nixon said "trust but verify". FLOSS folks just don't take anyones word for it, the have the source and thus can verify what it does. And what if some "J. random hacker " made it? Would it be any more or less trustworthy? -- | .''`. == Debian GNU/Linux == | my web site: | | : :' : The Universal |mysite.verizon.net/kevin.mark/| | `. `' Operating System | go to counter.li.org and | | `- http://www.debian.org/ | be counted! #238656 | | my keyserver: subkeys.pgp.net | my NPO: cfsg.org | |join the new debian-community.org to help Debian! | |_______ Unless I ask to be CCd, assume I am subscribed _______|
Attachment:
pgpc8DekYuUQj.pgp
Description: PGP signature