"a skilled backdoor-writer can defeat skilled auditors"?
rysiek
rysiek at hackerspace.pl
Wed Jun 4 05:39:54 PDT 2014
Dnia wtorek, 3 czerwca 2014 18:32:52 piszesz:
> On Wed, Jun 04, 2014 at 03:06:43AM +0200, tpb-crypto at laposte.net wrote:
> > Your proposal would cause 99% of software currently in use to be
> > rejected
>
> That seems like a feature...
>
> (note that I don't think most software should be audited as security
> critical. We can reduce the Trusted Computing Base and audit only those
> bits.)
>
> > and make the development costs increase as astronomically as
> > to be compared to medical research.
>
> I like to compare our current situation to the Steam Age. There was an
> enormous amount of innovation in steam power, heating, etc in the 1800s.
> There was a concomitant lack of standardized safety measures, and
> occasionally boilers exploded taking entire apartment buildings with
> them.
>
> Over time the rate of innovation decreased, standardization set in,
> safety measures were instituted, and now we have boring steam radiators
> in apartment buildings rather than exciting steam-powered Difference
> Engines in our pockets.
I love that analoy. I was usually using "one of the reasons bridges are safe
today is because we have safety standards and not everybody can build one",
but yours is much better.
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140604/4bd0ab86/attachment-0002.sig>
More information about the cypherpunks
mailing list