I build my own stuff, no spyrmware in mine, lol. ;-D
-
-
Next time I'm at an airport, I'm going to open a bunch of console windows, cat the entire Linux source tree in each of them, and then walk away from the computer for while to observe people's reactions
Comment
-
You're going to end up like that damned security guard at the Atlanta Olympics. We'll be watching you on CNN Breaking News... "Hacker attempts to hijack and bring down Sea-Tac Airport. States it was a misunderstanding. Suspected ties with "Anonymous..."Originally posted by SteveRiley View PostNext time I'm at an airport, I'm going to open a bunch of console windows, cat the entire Linux source tree in each of them, and then walk away from the computer for while to observe people's reactionsI do not personally use Kubuntu, but I'm the tech support for my daughter who does.
Comment
-
Worst idea ever, unless you like being _thoroughly_ searched by security guards? LolOriginally posted by SteveRiley View PostNext time I'm at an airport, I'm going to open a bunch of console windows, cat the entire Linux source tree in each of them, and then walk away from the computer for while to observe people's reactionsComment
-
These people know something. I want full cavity searches. Everyone. Go deep on 'em.Comment
-
-
You wish.Originally posted by tek_heretik View Post
Ken Thompson described the debug code he wrote into the UNIX login code so that every time the code was compiled it would insert his secret login password. http://cm.bell-labs.com/who/ken/trust.html (Ken's paper is better described here.)
The next step is to take the bugged binary and compile a C compiler source that has the bug in it. Then take that compiled binary and recompile the C compiler, without the backdoor source code in it, to produce a C compiler that compiles a backdoor into every UNIX login utility even though the source of both the C compiler AND the login utlility show no trace of hacked login code.
There is a counter to that attack:http://www.acsa-admin.org/2005/abstracts/47.html
However, consider that not only can one write an invisible back door into a C compiler, the C compiler rides on an OS that rides on firmware microcode. The same kind of backdoor can be added to a C compiler via the microcode. Just add the code to the microcode assembly source, compile it, etc.....
Who has access to the microcode of the firmware and probably of the CPU microcode as well? Consider where most are made. I've come to the conclusion that there is no such thing as a secure computer, even IF you compile all software yourself from vetted code. But, while all computers have the same security risks below the OS lever, some operating systems are more secure than others at levels above the firmware. That's why I run Linux. Less likely to be hacked into by Joe Scriptkiddy.Last edited by GreyGeek; Dec 17, 2013, 03:39 PM."A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
– John F. Kennedy, February 26, 1962.Comment
-
Alas, I completely agree. We're all basically gambling on trust, to one degree or another.Originally posted by GreyGeek View PostComment
Comment