BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Good and Bad Crypto
- Subject: [Discuss] Good and Bad Crypto
- From: smallm at panix.com (Mike Small)
- Date: Tue, 22 Apr 2014 16:08:14 -0400
- In-reply-to: <5356BC26.6000904@gmail.com> (john saylor's message of "Tue, 22 Apr 2014 14:59:50 -0400")
- References: <14b5446b65314ece8402914040d7efb6@CO2PR04MB684.namprd04.prod.outlook.com> <5355DA7B.4070600@gmail.com> <f134eeeef944486ca75cd35da6f930e7@CO2PR04MB684.namprd04.prod.outlook.com> <20140422153609.GL3247@dragontoe.org> <1afcd60c08f54ca29e464853d8f18bb4@CO2PR04MB684.namprd04.prod.outlook.com> <5356BC26.6000904@gmail.com>
john saylor <js0000 at gmail.com> writes: > On 4/22/14, 14:37 , Edward Ned Harvey (blu) wrote: >> You're saying, that the only way anybody in the world can trust >> anything, is to literally download everything from source, *read* >> all the source, and compile it themselves. > > instead of just calling "bs" can you suggest some other means by which > you can trust crypto software? > > if you're not doing this work [source examination and local compile] > then what are you basing your trust upon? > > someone else's word? someone else's audit report? what other means are > available to you? There's always FIPS 140 certification: http://oss-institute.org/latest-news/248-openssl-announces-new-fips-140-2-validation- But it appears that the testing labs doing that insist that at least they themselves get to see the source code: http://www.albany.edu/acc/courses/ia/acc661/sp800-29.pdf I would agree that my studying all the source code I run isn't realistic. (Nonetheless it's nice to daydream about running a system simple enough where that's almost feasible -- minix? plan 9?) I've spent hours here and there this week just trying to read enough X source to figure out whether I'm right in thinking I need to do the following to use the security extension or if there's a more direct way and whether there's a way to mark XVideo as a secure extension. The documentation isn't very clear about what access you already need before running xauth generate. (trusted_user) $ xhost +si:localuser:untrusted_user (trusted_user) $ su -l untrusted_user -c xterm (untrusted_user) $ xauth generate :0 . timeout 10000 (trusted_user) $ xhost -si:localuser:untrusted_user (untrusted_user) $ firefox & mplayer & etc. Auditing everything I use would be too much time, and I don't have the skill. It's the wider world I'm counting on, but ideally, it would be a wider group than a single company's development department or that company plus a single government test lab.
- References:
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: invalid at pizzashack.org (Derek Martin)
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: js0000 at gmail.com (john saylor)
- [Discuss] Good and Bad Crypto
- Prev by Date: [Discuss] Good and Bad Crypto
- Next by Date: [Discuss] Good and Bad Crypto
- Previous by thread: [Discuss] Good and Bad Crypto
- Next by thread: [Discuss] Good and Bad Crypto
- Index(es):