[kwlug-disc] Stronger SSH keys and SSL certificates
Giles Malet
gdmalet at gmail.com
Mon Apr 21 15:52:04 EDT 2014
On 04/21/2014 03:32 AM, unsolicited wrote:
> the NSA CANNOT have a back door. It would
> not survive in the code base.
That is not true, for the simple reason that you are assuming that the
source is a direct representation of the executable produced. Please
read this famous article and then reconsider what you said:
http://cm.bell-labs.com/who/ken/trust.html
Admittedly doing something like this would be tricky, but it's not
beyond the realms of possibility. Just fiddling with say the GCC
compiler would be enough for this to be a problem.
g
More information about the kwlug-disc
mailing list