[clug] Anti-Virus Software

Paul Wayper paulway at mabula.net
Sat Jun 26 18:52:48 MDT 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/25/2010 01:16 PM, Kevin Pulo wrote:
> On Fri, Jun 25, 2010 at 12:24:41PM +1000, Paul Wayper wrote:
> 
>> The source code is there.
> 
> The point of Steve's post was that you are still trusting that the
> compiler is generating machine code which corresponds to the source
> code you gave it.  Malicious compilers aren't usually part of the
> threat model.

Sure.  There's three parts to that though.  Firstly, the old 'compiler with
hidden extras' trick is now fairly closely watched, and it would be
exceptional[*] for someone to sneak a backdoor into SELinux via the compiler
and no-one notice anything unusual.  Secondly, the policy is the far easier
thing to put a backdoor in, and yet that's the thing which again has been
scrutinised fairly intensely.  And thirdly, even if those two are considered
to be possibilities you are _exactly_where_proprietary_software_sits_ with
respect to security.

[*] because the compiler hack would have had to be compiled in in the first
versions of gcc, back in the days when SELinux hadn't been invented.

Yes, there's a whole bunch of hacks around - everything from the old login
hack to CPUs that leak data to routers that send packets to the Chinese
government, er, hackers.  And these are part of the process of full auditing
of a platform - reverse engineering the machine code, building air gaps and
Tempest boxes, watching packets and so forth.  But that's true for everything.

Open Source Software makes an additional assertion: that everyone can inspect
it freely.  This has proven to reduce the chance of really obvious backdoors
slipping into the code, and increases the quality of the code because more
people see different problems and because shoddy code is exposed quicker.
Proprietary software can never make this claim.

So firstly Steve's original example, while well made, is irrelevant to my
point.  And secondly FOSS still has better security because of its exposure.

Have fun,

Paul

P.S. Sorry I wasn't able to make the last meeting - I hope everything went
well.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkwmoOAACgkQu7W0U8VsXYIzrACg0TwXEUuh3rripnDn0zeMvEXf
ENMAn2tVOkBwetMnWG9arcD/Sd3TozyJ
=QOLg
-----END PGP SIGNATURE-----

More information about the linux mailing list