[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is Open Source safe? [Linux Weekly News]

To: Jim Choate <[email protected]>
Subject: Re: Is Open Source safe? [Linux Weekly News]
From: Vlad Stesin <[email protected]>
Date: Sun, 22 Nov 1998 23:35:52 -0500 (EST)
cc: Cypherpunks Distributed Remailer <[email protected]>
In-Reply-To: <[email protected]>
Sender: [email protected]


I don't quite understand the logic behind this. The fact that the
program's source is available is itself a proof that there are no
backdoors. Anyone can read the source code and make sure it's OK.

However, this argument does hold against non-OSS. It can even be used to
promote Linux (and other free open-source operating systems), since
someone could distribute some win32 trojans on download.com, tucows.com
and others.

Regards,
--
Vlad Stesin 
[email protected]

On Sun, 22 Nov 1998, Jim Choate wrote:

> 
> Forwarded message:
> 
> > X-within-URL: http://lwn.net/1998/1119/Trojan.html
> 
> >                                THE TROJAN HORSE
> >                                        
> >                                        
> >     Bruce Perens <[email protected]>
> >     
> >    
> >    There's a problem that could very badly effect the public perception
> >    of Linux and Open Source. I want people to think about this, and
> >    hopefully "head it off at the pass" before it happens.
> >    
> >    Perhaps it's already on your system today: a trojan-horse program. It
> >    might be a game, or more likely a system utility. It's author uploaded
> >    it to an FTP archive, where it was then picked up by your favorite
> >    Linux distribution, who wrote it onto the CD-ROM that you bought. It
> >    works just fine, but hidden away in the program is a special feature:
> >    a secret back-door past your system's security.
> >    
> >    Perhaps the author of this attack is tired of hearing about what great
> >    hackers we are, and wants to take us down a notch. He's patient - he
> >    will wait until his program is distributed to tens of thousands of
> >    Linux systems before he says a word. But say is what he'll do - he's
> >    not really interested in breaking into your system. What he wants is
> >    the publicity, bad publicity for us, and lots of it. We've left the
> >    gates open for this trojan horse. Let's talk about how to close them,
> >    and hope we have enough time to solve this problem before our
> >    reputation is hurt.
> 
> [mnoga tekct oodalyaty]
> 
> 
>     ____________________________________________________________________
>  
>              Technology cannot make us other than what we are.
> 
>                                            James P. Hogan
> 
>        The Armadillo Group       ,::////;::-.          James Choate
>        Austin, Tx               /:'///// ``::>/|/      [email protected]
>        www.ssz.com            .',  ||||    `/( e\      512-451-7087
>                            -====~~mm-'`-```-mm --'-
>     --------------------------------------------------------------------
> 
>

Follow-Ups:
- Re: Is Open Source safe? [Linux Weekly News]
  - From: "Frank O'Dwyer" <[email protected]>
- Re: Is Open Source safe? [Linux Weekly News]
  - From: Martin Minow <[email protected]>

References:
- Is Open Source safe? [Linux Weekly News]
  - From: Jim Choate <[email protected]>

Prev by Date: Wired: AOL selling E-Stamps
Next by Date: Re: PGP compromised?
Prev by thread: Is Open Source safe? [Linux Weekly News]
Next by thread: Re: Is Open Source safe? [Linux Weekly News]
Index(es):
- Date
- Thread