Re: Uncovering the secrets of SE Linux

[James Goldston <jgoldston () SSES NET>]

Hmmm.  I'm guessing Mr. Loeb is a writer and not a security practitioner,
because a practitioner wouldn't be so quick to vet the Agency's (or
anyone's) source code.  As Ken Thompson stated in "Reflections on Trusting
Trust," Communications of the ACM, Vol 27, No. 8, Aug 84, pp 761-763,

  "The moral is obvious.  You can't trust code that you
   did not totally create yourself.  (Especially code from
   companies that employ people like me.)  No amount of
   source-level verification or scrutiny will protect
   you from using untrusted code..."

The quote above is just as applicable then as now.  I am not saying I
recommend we not use external code.  Indeed, everyone is somewhat dependent
on externally-developed software.  However, proving the absence of
malicious software is beyond our capabilities except for the smallest code
fragments.

James


At 10:42 PM 3/8/01 -0600, InfoSec News wrote:
> But, they seem to mean it. The distribution .tgz file contains no
> secret Trojan horse that reads the data on your hard disk and then
> sends it all back to Fort Meade. There's no way to hide a trap door in
> code that all can comment upon and analyze.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".