Merit argument: the real issue. 1529

https:--www.fsf.org-news-freebios.html

Got Linux to boot
Ok, I finally got Linux to boot on my system. Had to find a third party...

But, actually, it doesn't. People have attempted to insert trojans into the Linux source code, and they've failed. (I know, a successful insertion would, by definition, remain undetected. But by the same logic, we don't know of a *any* failed trojan attempts with, say, Windows XP.)

There are degrees and principles involved. Even if *you* don't know anything about automobile maintenance, buying a car that you can open the hood on means you *can* service it yourself if you want to learn, or at the very least you can take it to someone besides the dealer to service it.

It's not black-and-white like you imply. It's not 'software is either malicious or totally trusted'. It's actually just common sense. Which is more likely to be trustable - a system where you have the source code, or one where you don't?

I know, Ken Thompson showed that you could create a malicious compiler that had hidden security problems not seen in the code. How fortunate that there's more than one compiler available. Intel has one, there's even Open Watcom, tcc, etc. In this as in other areas of security, diversity breeds strength.

-- Sincerely,

Ray Ingles (313) 227-2317

"Character is taught at home, but not by a purple dinosaur or a big yellow bird." - Jacob White

Linux | Previous | Next

Got Linux to boot

Linux Advocacy from Newsgroups

The #1 Usenet Provider on the Internet

Merit argument: the real issue. 1528

PLEX86 x86- Virtual Machine (VM) Program


	CVS \| Mailing List \| Download \| Newsgroups

		Merit argument: the real issue. 1529 https:--www.fsf.org-news-freebios.html Got Linux to boot Ok, I finally got Linux to boot on my system. Had to find a third party... But, actually, it doesn't. People have attempted to insert trojans into the Linux source code, and they've failed. (I know, a successful insertion would, by definition, remain undetected. But by the same logic, we don't know of a any failed trojan attempts with, say, Windows XP.) There are degrees and principles involved. Even if you don't know anything about automobile maintenance, buying a car that you can open the hood on means you can service it yourself if you want to learn, or at the very least you can take it to someone besides the dealer to service it. It's not black-and-white like you imply. It's not 'software is either malicious or totally trusted'. It's actually just common sense. Which is more likely to be trustable - a system where you have the source code, or one where you don't? I know, Ken Thompson showed that you could create a malicious compiler that had hidden security problems not seen in the code. How fortunate that there's more than one compiler available. Intel has one, there's even Open Watcom, tcc, etc. In this as in other areas of security, diversity breeds strength. -- Sincerely, Ray Ingles (313) 227-2317 "Character is taught at home, but not by a purple dinosaur or a big yellow bird." - Jacob White Linux \| Previous \| Next



		Got Linux to boot Linux Advocacy from Newsgroups The #1 Usenet Provider on the Internet Merit argument: the real issue. 1528