[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why I have a 512 bit PGP key

To: [email protected] (Eric Hughes)
Subject: Re: Why I have a 512 bit PGP key
From: Jeff Barber <[email protected]>
Date: Wed, 28 Dec 1994 08:44:03 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Eric Hughes" at Dec 27, 94 11:13:03 pm
Sender: [email protected]

Eric Hughes writes:
> 
>    From: "Ian Farquhar" <[email protected]>
> 
>    > Recompile the binary from newly uploaded source each time.  MD5 source
>    > isn't more than about 10K long.  That's all of a few seconds of upload
>    > time.
> 
>    Irritating [...]
> 
> ???  An upload can be automated, just like anything other solution.

Then the automated part (script or whatever) simply becomes another piece
that needs to be protected.

> You can't go about protecting against the modification of binaries by
> relying upon one of your binaries being better protected than the
> rest.  There's an infinite regress involved here.  The solution is to
> go outside the regress.  Recreating the binary from scratch is one
> way.  I'm sure there are others.

No -- in the absence of other measures, recreating the binary from 
scratch is not such a way.  You've merely added the compiler and its
associated utilities to your regression list.  Nothing is gained --
other than additional irritation and delay.

-- Jeff

Follow-Ups:
- Re: Why I have a 512 bit PGP key
  - From: [email protected] (Eric Hughes)

References:
- Re: Why I have a 512 bit PGP key
  - From: [email protected] (Eric Hughes)

Prev by Date: Re: Why I have a 512 bit PGP key
Next by Date: Re: Why I have a 512 bit PGP key
Prev by thread: Re: Why I have a 512 bit PGP key
Next by thread: Re: Why I have a 512 bit PGP key
Index(es):
- Date
- Thread