On 07/09/2018 01:06 AM, Andrew McGlashan wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 09/07/18 17:51, KatolaZ wrote:
Literally anybody can get the sources of the Linux kernel and read
through it. So I guess your fears are somehow unjustified...
There were long standing problems with openssl -- the source code was
fully available, anybody could have found the problems, but they didn't.
The Linux Kernel is HUGE, the possibility to find something that
shouldn't be there would not be very easy. Binary blobs remain the
most "risky" components, but anything else can easily hide in plain sigh
t.
I'm old and trying to remember is not easy at times, I think what we
would be looking for could be a dbus-client, also another word mentioned
was about 3-4 letters long and the first letter was a 'k' but nothing to
do with kde, also mentioned was to check certificate files. This stuff
is over my head and I yeld to the experts, but all these things are
certainly worth checking out. Another way to corrupt a system is via
the firmware and has also been mentioned in my readings.
Thanks,
--
Jimmy Johnson
Devuan Jessie - KDE 4.14.2 - AMD A8-7600 - EXT4 at sda2
Registered Linux User #380263
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
