On TechRepublic: Linux desktops have tanked: Get over it
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 7 of 70:
Next »
« Previous
"not" Trusting trust is the starting point for security
"Further he implies that all the professionals in the military and defense industry would blindly use it for mission-critical programs without addressing security concerns! His reference to Ken Thompson?s backdoor in Unix ignores the difference between a binary versus source."
-- Dr. Inder Singh, CEO of Lynuxworks

The whole point of Thompson's scenario was that the backdoor was included into the OS without it being included in the source. It was ultimately the compiler that was attacked to inline the exploit when the source file was compiled without requiring the exploit's source to be listed.

The point of the example was that you really need to think through exactly what you can trust. The NSA and DISA knows this and would start with a trusted compiler to compile the reviewed OS source. Less than that and you get what you get ... a single needle in the haystack of object code can be there without your knowlege. MS has the same problem in their OS, remeber hackers were in their Source code control system for the better part of a year ... GNU too!
Posted by: oldskool   Posted on: 05/09/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story No further replies to this post will be accepted.

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

LET THE PUBLIC FLOGGING BEGIN!!!  Valis Keogh | 05/08/04
slap on the wrist  stephen732@... | 05/08/04
Slap him somewhere else!  StorageGuru | 05/08/04
Restitution? Where's the restitution from Redmond for such shoddy software?  Plain Logic | 05/09/04
OH REALLY... GET THE FACTS: http://www.ghs.com/news/20040503_retrofit.html  Da-Man | 05/09/04
BAD example.  doe_z | 05/09/04
"not" Trusting trust is the starting point for security  oldskool | 05/09/04
And it should  StorageGuru | 05/09/04
Lesson: Don't Use A Toy OS  claytonmuhler | 05/09/04
Well, well, well... Seems some folks are having crow for supper.  No_Ax_to_Grind | 05/08/04
I'll take mine COLD  Jeff Spicoli | 05/08/04
Who said it?  No_Ax_to_Grind | 05/08/04
Uh-oh. Better watch out what you say!  Linux_Developer | 05/09/04
Posting  samp_z | 05/10/04
More of "Whoi said it".  No_Ax_to_Grind | 05/08/04
More of "Who said it".  No_Ax_to_Grind | 05/08/04
what, ax, you got some kinda database  V Sanders | 05/09/04
Naw, just a good memory.  No_Ax_to_Grind | 05/09/04
Remember MS announced they log every post on the net  oldskool | 05/09/04
But this makes Microsoft look like the village idiot.  DonnieBoy | 05/09/04
Go to bed  trojanhorse | 05/09/04
Why don't they set up a  michael-t | 05/08/04
Fear  in-DUH-vidual | 05/08/04
It's just a huge  michael-t | 05/08/04
Jealous???  No_Ax_to_Grind | 05/08/04
Hardly  in-DUH-vidual | 05/09/04
Because... having many individuals contribute to a product ...  Plain Logic | 05/08/04
Leads to barely "good enough".  No_Ax_to_Grind | 05/08/04
But that's MS's mantra  Rick_K | 05/09/04
The truth is,,, can you handle it?  No_Ax_to_Grind | 05/08/04
I think a much better question: CAN YOU??  Jeff Spicoli | 05/09/04
Do us both a favor...  No_Ax_to_Grind | 05/09/04
That would be much easier..  Jeff Spicoli | 05/10/04
You don't know what the he11 you are talking about.  trojanhorse | 05/09/04
OH REALLY, another ****** without the FACTS!  Da-Man | 05/08/04
Thought it was about MS security........  pj-xmesh | 05/09/04
Message has been deleted.  Da-Man | 05/09/04
Message has been deleted.  pj-xmesh | 05/09/04
The "facts"  Linux_Developer | 05/09/04
FACTS? Where are they?  Richard Flude | 05/09/04
Woo hoo hoo!  Linux_Developer | 05/08/04
Remember kids, the first rule of virus/worm club is....  Spin_Masterz | 05/08/04
Going to the 'Big House'  Enterprise Analyst | 05/08/04
(NT) So how many job offers will the kid get ???  Plain Logic | 05/08/04
"Bubba" will make an offer he can't refuse.  No_Ax_to_Grind | 05/08/04
zero  V Sanders | 05/09/04
The kid already sold the book/movie rights. A millionaire has been born.  Plain Logic | 05/08/04
Hmmm, money in prison. I don't think so.  No_Ax_to_Grind | 05/08/04
Hey, He was a minor at the time - will likely 'walk'.  Plain Logic | 05/09/04
I bet he does more time  V Sanders | 05/09/04
Why not commit another $5 million  bidemytime | 05/08/04
wow - that could work  V Sanders | 05/09/04
Message has been deleted.  Da-Man | 05/08/04
interesting  toadlife | 05/09/04
I call BS  Linux User 147560 | 05/10/04
Oh, boy...  Martin Marvinski | 05/09/04
Sorry, but probation & 'community service' more likely.  Plain Logic | 05/09/04
recognised development  pj-xmesh | 05/09/04
Plea bargaining  Anton Philidor | 05/09/04
people bust people...  V Sanders | 05/09/04
Which Zdnet poster was it?  FilledOut | 05/09/04
Computers Seized...  Da-Man | 05/09/04
Microsoft investigators?  bjbrock | 05/09/04
This is not a competition. MS endangered...  bjbrock | 05/09/04
How do I become an IT professional?  owenus33 | 05/09/04
How to become an IT professional  ejhonda | 05/09/04
lol  eLurker | 05/10/04
Money to be made in virus writing...  km4hr@... | 05/10/04
Is windows an Attractive Nuisance?  msalomon | 05/11/04
Look2me, zestyfind, and coolwebsearch are more dangerous  msalomon | 05/11/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement
  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More