[TriLUG] Green Hills calls Linux 'insecure' for defense

Marty Ferguson marty at rtmx.net
Mon Apr 12 22:13:08 EDT 2004 

My [somewhat OT] opinion, for what it's worth...

Tinkering with things, down to the microcode level, becomes
cost effective and quite feasible when trillions of dollars
are at stake... for example, when rigging an election.

Think about these issues when considering the future of
electronic voting machines without any paper trail.
I, personally, would send in an absentee ballot under those
conditions.

I've pasted below the body of the email I sent out when I first
spotted the Green Hills item in Google News.

Marty

=============PASTED==================================
Here's the position paper...
http://www.tinotopia.com/log/archive/000186.html


Based on this "true story" about UNIX and Ken Thomson's c compiler hack
http://www.clueless.com/jargon3.0.0/back_door.html

Considering the enormous amounts of resouces that, over history, have
been invested in rigging elections, this becomes a very convicing argument
that the probablity of electronic voting systems becomming corrupt is
99.999999999999999%

Marty

============================================================


-----Original Message-----
From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org]On
Behalf Of Mike M
Sent: Monday, April 12, 2004 8:47 PM
To: Triangle Linux Users Group discussion list
Subject: Re: [TriLUG] Green Hills calls Linux 'insecure' for defense


On Mon, Apr 12, 2004 at 09:10:48PM -0400, Chris Knowles wrote:
> On Mon, 2004-04-12 at 20:49, Mike M wrote:
> > On Mon, Apr 12, 2004 at 06:54:20PM -0400, Rick DeNatale wrote:
> > > This is not at all an argument against open source, just a more
> > > sophisticated view of the role of source in security auditing.
> >
> > Requesting more clarity here please.  I can't tell what is open or
> > closed in your description: the compiler source, the source the compiler
> > is compiling, or both, or neither.
>
> <SNIP>
>
> Both are open.
>
> And he shouldn't have presented it as if this were theoretical wanking.
> Ken Thompson actually did this.
>
> http://www.catb.org/~esr/jargon/html/B/back-door.html

Thanks for the link.  That cleared up a lot.  In the description the
possibility of using yet another compiler was not raised.  The
dilemma arose from the lack of an alternative compiler that was
untainted. Maybe back in
kt's early days, yet another untainted compiler was not an easy
option.  Today, it is trivial.

Perusing the source would detect the evil and this is
recognized in link article.  Again, back when this evil scheme was
devised, the concept of world-wide code review was not in effect.  If
this sort of thing were detected today, the www and lists would be lively
with its presentation, analysis, and discussion.

The commercial concerns have a built in motivation to plant and/or find
evil in F/OSS.  They have not be terribly successful at it from what I
can tell.
>
> And yup, it's fiendish and really scary.  But I'm not convinced that OSS
> is more vulnerable to this than say certain proprietary network hardware
> OS's.  (*cough* CISCO *cough*)

Hmmm.  That's _closed_ source, right?  Nobody reviews it without
getting paid, right?  You can't profit by reviewing code, right? The
profit picture is not robust right now, right?  So there's probably
not a lot of code reviewing for the heck of it, right? OTH, people
review F/OSS for the glory of finding holes - wierd as it may sound.
I sleep better knowing such geeks exist though.
--
Mike

Moving forward in pushing back the envelope of the corporate paradigm.
--
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc

More information about the TriLUG mailing list