"Bill Page" <[EMAIL PROTECTED]> writes: ... > It must be the approaching Winter season or maybe it is this pain > in my back that wont go away anymore, but I seem to be disagreeing > with almost everyone here lately... :(
I don't think that's right. (Sorry.) > I believe that such an attack is technically possible, but I > disagree strongly that therefore there is a good reason to suspect > all binaries. Tainted binaries are rare, but they do exist. Trying to avoid them seems like common sense. (Tainted sources also exist, but they get spotted easier.) There's an old saying (Finlay Peter Dunne) Trust everyone, but cut the cards. Not relying on binaries is, if nothing else, cutting the cards. >> > Not in light of things like Ken Thompson's proposed attack. >> > Security people may be paranoid, but on the internet paranoia >> > is a virtue. > > No. Paranoia is a disease, like depression. It is a social/medical > condition that needs to be treated. ... >> For a sysadmin, the absence of paranoia is called professional >> incompetence. > > I think your colleague does not have a clear understanding of > security. I think you're taking "paranoia" too literally. But you might disagree. (See above.) Jay _______________________________________________ Axiom-developer mailing list Axiom-developer@nongnu.org http://lists.nongnu.org/mailman/listinfo/axiom-developer
