[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Commercial PGP: Verifying Trustworthiness



In-Reply-To: <[email protected]>
> From: peter honeyman <[email protected]>
> trust?  you could read the code, starting at about line 550 of crypto.c.
> of course, you have to trust your eyes, your editor (if you use one),
> and your operating system not to deceive you.  (i think i've carried
> this too far.)

I dunno.  The early versions of UNIX had a back door in the login
program put in by the designer.  The compiler also watched for the
login source code to be recompiled and added the back door.  The
compiler also watched for the compiler source code to be recompiled
and inserted the login code modification code _and the compiler
modification code.  You can never be to careful.