In message <[EMAIL PROTECTED]>, Valdis.Kletni [EMAIL PROTECTED] writes:

>> Requesting the source code and/or having access to it is really
>> meaningless unless you have the skill and capabilities to compile it
>> *and* use it. There is no sure way to know that the source code in your
>> left hand is what was used to compile the binary in your right hand.
>
>Even if you compile your left hand into your right hand. See Ken Thompson's
>"Reflections On Trusting Trust" (http://www.acm.org/classics/sep95/). To
>complete the references, Reference 4 ("An unknown Air Force document") is
>Karger & Schell's paper on a Multics pen-test, which is available at
>http://www.acsac.org/2002/papers/classic-multics-orig.pdf
>
>Karger and Schell did a "30 years later" retrospective, also available at
>http://www.acsac.org/2002/papers/classic-multics.pdf
>
>Between the India/Huawei thing and the MS05-039 mess, this is a good time for
>everybody who hasn't read all 3 of them to read them - under 40 pages for all
>3, and the 24 pages of the first Karger&Schell you can probably skim.....)
Also bear in mind how hard it is to find a cleverly-concealed back door. Think how hard it is for reviewers to find ordinary bugs, let alone one that someone tried to conceal.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb