[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] China chooses FreeBSD as basis for secure OS
On Wed, Oct 13, 2010 at 11:57 AM, Charles Shapiro
<hooterpincher at gmail.com> wrote:
> Sure. All you need is source to the compiler they're using, and you
> only need that once. ?Ken Thompson described it first.
This is an important and under-appreciated point. If you don't audit
every single line of source in the entire system and build everything
from a compiler you wrote yourself by keying it into a front panel,
there are no absolute guarantees of security. Even hardware could
potentially be corrupted in the manner described -- although that
would be really difficult, it's not impossible. And initiatives like
the "Trusted Computing Base" would make it a lot easier.
As an aside, y'all've read Cory Doctorow's "Little Brother", right?
http://craphound.com/littlebrother/
-- JK