Re: Commercial PGP: Verifying Trustworthiness
In-Reply-To: <9308272026.AA17010@toad.com>
From: peter honeyman <honey@citi.umich.edu> trust? you could read the code, starting at about line 550 of crypto.c. of course, you have to trust your eyes, your editor (if you use one), and your operating system not to deceive you. (i think i've carried this too far.)
I dunno. The early versions of UNIX had a back door in the login program put in by the designer. The compiler also watched for the login source code to be recompiled and added the back door. The compiler also watched for the compiler source code to be recompiled and inserted the login code modification code _and the compiler modification code. You can never be to careful.
I dunno. The early versions of UNIX had a back door in the login program put in by the designer. The compiler also watched for the login source code to be recompiled and added the back door. The compiler also watched for the compiler source code to be recompiled and inserted the login code modification code _and the compiler modification code. You can never be to careful.
I've let a lot of stupid comments go by, but I have to respond to this one. It is true that Dennis Ritchie (I believe, if not him, one of the other original UNIX authors) proposed such a login/compiler virus. But it wasn't in any early version of UNIX. Marc
participants (2)
-
bbyer@BIX.com -
Marc Horowitz