[clug] Anti-Virus Software

Paul Wayper paulway at mabula.net
Thu Jun 24 20:24:41 MDT 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/25/2010 10:14 AM, Alex Satrapa wrote:
> On 25/06/2010, at 08:55 , steve jenkin wrote:
>> Apple iPhone could be fundamentally broken, and not even Apple would know.
> 
> SELinux could be fundamentally broken, and noone would ever know.

I'll just take issue with that there, thanks.

You're saying "fundamentally broken", meaning that you're not just talking
about some random bit of policy that doesn't quite protect what it should -
you're talking about something that allows a specific user or command to
bypass all security and execute malicious code.

That, my friend, is pure grade A wrong.

The source code is there.  If there was a fundamental break in the code it
would be patently obvious to the huge number of security researchers that have
pored over that code for the last ten years.  The policies are open and
checked - it would be easier to slip in a malicious policy than break SELinux,
and no-one's yet managed to have a policy that was more wrong than allowing
the possibility of something not working as intended.  The openness of the
code and the policy and the development process behind it ensures that
fundamental breaks cannot occur.

However, iPhones could be secretly telling Apple your entire contact list and
we would only know because people watched packet captures or SMS logs.  You
can't go to Apple and get their source code.  Major governments might, but
then again they might get the specially sanitised version of the code.  You
have no way of knowing, because you can't take the code they give you, compile
it, and verify that it's the same as what's running on the iPhone.  The
potential for fundamental brokenness is implicit in one company compiling the
source and keeping it to itself.

Ultimately we're trusting someone - unless you actually read the code or sniff
your iPhone's transmissions yourself, you're trusting someone else to review
it.  But I'll take review of the source code over review of the packet trace
any day.  And I'll take a thousand experts from all over the world reviewing
the code over one company saying "no, no problems here, nothing to see, move
along, the sales counter is just over there"...

Have fun,

Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkwkE2kACgkQu7W0U8VsXYJ3rwCeMdgvDxWsnQUeN61YYt630B6n
DWQAn3hozCig0YRD1S6ZTRR92IzKwLQQ
=iBNo
-----END PGP SIGNATURE-----

More information about the linux mailing list