SELinux removed from desktop cd spin?
Les Mikesell
lesmikesell at gmail.com
Wed Jan 23 05:13:59 UTC 2008
Rahul Sundaram wrote:
>>>>>> Are you seriously trying to imply that the NSA, of all
>>>>>> organizations, never backdoors anything?
>>>>>
>>>>> They would have to pretty stupid to try to do something like that
>>>>> with free and open source software.
>>>>
>>>> Was that the straight line for a joke?
>>>
>>> No.
>>
>> There has to be one somewhere, but the point is that we can't possibly
>> know if they would try something stupid or not - and I usually guess
>> the worst.
>
> It's not merely a question of belief. The long standing best defense
> against trojan horses are open implementations which PGP or SELinux is.
> If there is a risk, the risk is definitely higher for proprietary software.
But the NSA would be at least as capable of introducing a hack that you
could examine but not see as Ken Thompson:
http://www.everything2.com/index.pl?node=Reflections%20On%20Trusting%20Trust
I'd expect them to even be able to conspire with the CPU vendors to have
certain undocumented opcode sequences do magical things.
I don't see any reason to trust proprietary software either.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-devel-list
mailing list