[Discuss] NAS: encryption

[richard.pieri at gmail.com (Richard Pieri)]

On 7/8/2015 11:06 AM, Chuck Anderson wrote:
> I think this whole discussion revolves around choice.  With open
> source, I have a choice to audit the code if I so desire, or to hire
> someone to do so on my behalf.  With internal drive encryption, I have
> (almost) no choice but to trust someone else's judgement about the
> implementation, whether that be the manufacturer or the government or
> some industry body or nonprofit.  Their incentives and my incentives
> may not always be aligned.

You are not qualified to perform a security audit. Neither am I. Only a 
handful of people in the world have those chops and most of them work 
for the NSA and GQHQ and maybe the FSB. The rest charge a great deal of 
money for their time and expertise, money that you as an individual 
probably don't have.

You only have the illusion of choice.


> I say "almost" no choice, because I guess I could reverse engineer the
> device.  But this is much harder to do than if I had the source code
> in the first place.  Isn't that one of the major selling points of
> open source software?

If you are not qualified to audit the thing then you are not qualified 
to reimplement it. The license is irrelevant.


> Even if I do not exercise my choice to audit the code, the mere fact
> that anyone can chooose to do so at any time can be a deterrent to
> trying to "pull a fast one" and hide malicious code in there.

It didn't stop the NSA from compromising Dual_EC_DRBG. It didn't stop 
Intel from compromising RdRand (likely at the NSA's prompting). It 
didn't prevent the ProFTPD sources from being compromised. It didn't 
prevent the OpenSSH sources from being compromised.

-- 
Rich P.