Re: Announcing Bellcore's Trusted Software Integrity (Betsi) System
- provide accountability by linking the author of a program to a real person whose identity is verified off-line
This is unnecessary, and I would claim undesirable. A unique anonymous ID is just as good as a "real" one -- since you're relying upon PGP anyway, the mapping from signature to a known identity is one-to-one.
The only reason I can see to require this "real human" mapping is to try to prosecute people for bugs in their code or some contamination that seeps into their release.
That's not an aspect of the world I want to live in.
Or to warn potential virus "authors" that *their* anonymity is no longer assured - not a bad thing. Not enough to justify the rest of it, IMHO, but certainly not Evil Incarnate (not to be flinging misinterpretations or aspersions :-)
Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman@metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.
brains@male.org writes:
Or to warn potential virus "authors" that *their* anonymity is no longer assured - not a bad thing. Not enough to justify the rest of it, IMHO, but certainly not Evil Incarnate (not to be flinging misinterpretations or aspersions :-)
Certainly not enough to justify the rest: Can you name one example of an author of a package including some virus? Not someone putting one post-production (individual signing will prevent that), but the original author? It's a straw man.
--
L. Todd Masco | "Which part of 'shall not be infringed' didn't
cactus@bb.com | you understand?"
"L. Todd Masco" <cactus@bibliob.slip.netcom.com> writes:
Certainly not enough to justify the rest: Can you name one example of an author of a package including some virus? Not someone putting one
Yes.
post-production (individual signing will prevent that), but the original author?
Mark Ludwig wrote KOH, an on-the-fly disk encryption program that is also a virus. It was posted recently to alt.security.pgp. Ludwig is the author of a number of other viruses that don't claim to be useful.
It's a straw man.
OK. For the record, I think it's a Good Thing to have as much confidence in lots of different frequent-version programs as I do in (say) PGP with its signed-file protocols.
Jim Gillogly
Hevensday, 7 Halimath S.R. 1994, 22:32
Jim Gillogly writes:
Mark Ludwig wrote KOH, an on-the-fly disk encryption program that is also a virus. It was posted recently to alt.security.pgp. Ludwig is the author of a number of other viruses that don't claim to be useful.
I stand corrected; however, my point (overstated as it was) is that this is insignificant to the total number of programs distributed: the whole mass of ftp.uu.net, wuarchive.wustl.edu,...
OK. For the record, I think it's a Good Thing to have as much confidence in lots of different frequent-version programs as I do in (say) PGP with its signed-file protocols.
Oh, I certainly agree. I just don't believe that Betsi does anything constructive towards this -- doing this through reputations of known agents is a much better method, IMO -- and not one that requires an agent <-> human mapping.
--
L. Todd Masco | "Which part of 'shall not be infringed' didn't
cactus@bb.com | you understand?"
Certainly not enough to justify the rest: Can you name one example of an author of a package including some virus? Not someone putting one post-production (individual signing will prevent that), but the original author?
Many Mac viruses that I've seen come straight from Microsoft neatly sealed in plastic on brand new disks. If they signed them it would not increase my confidence one iota.
brad
Brad Huntting writes:
Many Mac viruses that I've seen come straight from Microsoft neatly sealed in plastic on brand new disks. If they signed them it would not increase my confidence one iota.
How would getting Betsi to sign them increase your confidence? Betsi doesn't seem to claim to do any testing of the software, they just verify that it was really Bill Gates' company (in this example) that shipped the Microsoft product. BFD -- they can buy their own ViaCrypt PGP.
I think people are missing my point: that having a third party sign your software without any testing (Betsi is free, after all) adds *nothing* except for a human-to-name mapping, and increases the risk of the signature being compromised.
Now, there probably is a market for somebody who tests the software first and then certifies it -- in fact, that will probably be a big business in the future, one I can easily see someone like Cygnus getting into. But that's not what Betsi claims to do, and I certainly don't want to contemplate the legal issues (do you get your ass sued off when you're wrong? Almost certainly) involved with anybody trying to do that.
--
L. Todd Masco | "Which part of 'shall not be infringed' didn't
cactus@bb.com | you understand?"
participants (4)
- Brad Huntting
- brains@male.org
- Jim Gillogly
- L. Todd Masco