[kwlug-disc] Stronger SSH keys and SSL certificates

CrankyOldBugger crankyoldbugger at gmail.com
Mon Apr 21 16:04:23 EDT 2014


Thanks, Giles, that's what I wanted to say but you expressed it much better
than I could.



On 21 April 2014 15:52, Giles Malet <gdmalet at gmail.com> wrote:

> On 04/21/2014 03:32 AM, unsolicited wrote:
>
>> the NSA CANNOT have a back door. It would
>> not survive in the code base.
>>
>
> That is not true, for the simple reason that you are assuming that the
> source is a direct representation of the executable produced. Please read
> this famous article and then reconsider what you said:
>
> http://cm.bell-labs.com/who/ken/trust.html
>
> Admittedly doing something like this would be tricky, but it's not beyond
> the realms of possibility. Just fiddling with say the GCC compiler would be
> enough for this to be a problem.
>
> g
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140421/c5e35a44/attachment.html>


More information about the kwlug-disc mailing list