[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"a skilled backdoor-writer can defeat skilled auditors"?



Dnia wtorek, 3 czerwca 2014 18:32:52 piszesz:
> On Wed, Jun 04, 2014 at 03:06:43AM +0200, [email protected] wrote:
> > Your proposal would cause 99% of software currently in use to be
> > rejected
> 
> That seems like a feature...
> 
> (note that I don't think most software should be audited as security
> critical.  We can reduce the Trusted Computing Base and audit only those
> bits.)
> 
> > and make the development costs increase as astronomically as
> > to be compared to medical research.
> 
> I like to compare our current situation to the Steam Age.  There was an
> enormous amount of innovation in steam power, heating, etc in the 1800s.
> There was a concomitant lack of standardized safety measures, and
> occasionally boilers exploded taking entire apartment buildings with
> them.
> 
> Over time the rate of innovation decreased, standardization set in,
> safety measures were instituted, and now we have boring steam radiators
> in apartment buildings rather than exciting steam-powered Difference
> Engines in our pockets.

I love that analoy. I was usually using "one of the reasons bridges are safe 
today is because we have safety standards and not everybody can build one", 
but yours is much better.

-- 
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140604/4bd0ab86/attachment.sig>