
Re: Is Open Source safe? [Linux Weekly News]

Vlad Stesin wrote:
> I don't quite understand the logic behind this. The fact that the
> program's source is available is itself a proof that there are no
> backdoors. Anyone can read the source code and make sure it's OK.

Anyone can, but does anyone? Also be aware that most people don't
compile from source--it would be easy to doctor the source, compile a
binary, and ship the trojan binary alongside the unmodified source.
 
> However, this argument does hold against non-OSS. 

Yes it does, but not quite in the same way. For example, I believe that
in days of yore some attackers managed to insert a back door into some
DEC OS by breaking into the coding environment (I don't recall the
details, does anyone else?). So in other words, not only _could_ this
happen with non-OSS, it _has_ happened, and no doubt it happens
reasonably often.

In short, this is a real problem, but it seems to me that the likes of
Linux ought to be able to leverage its decentralised and parallel
development model to address it in a more comprehensive manner than any
closed centralised model could ever hope to achieve. "Many eyes"
_should_ make for defence in depth against this--but it does look like
some process is needed, and the Linux folk will need some kind of
argument to convince people that it works. 

Perhaps a start would be for individuals to essentially certify software
that they had personally checked, offering repositories with detached
signatures for specific versions of software compiled in a certain way.
Software that hadn't yet been certified or which didn't match sufficient
independent signatures could then be referred to a human for checking,
and if it was OK then that version of the software could also be signed.
This would also serve as a highly visible "yes, we have checked this for
back doors" statement..."and here are 1,000s of signatures to prove it"
:)

Cheers,
Frank O'Dwyer.
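The certification scheme Frank sketches (a detached signature over a specific version compiled a certain way, accepted only once enough independent reviewers have signed) as an added Go example; this is not code from the thread, and the reviewer names, the build-recipe string and the sample binary bytes are constructed. It also covers his earlier point: a doctored binary shipped beside clean source, or a build done a different way, gets zero valid signatures and is referred to a human.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Attestation is one reviewer's detached signature over a specific build.
type Attestation struct {
	Reviewer string
	Sig      []byte
}

// GenKey makes a reviewer keypair (constructed for the demo; real keys live in a keyring).
func GenKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// statement binds the artifact digest to the build recipe (source version, compiler, flags),
// so a doctored binary or a differently compiled one does not verify against the signature.
func statement(artifact []byte, recipe string) []byte {
	sum := sha256.Sum256(artifact)
	return []byte(fmt.Sprintf("sha256:%x\nbuild:%s\n", sum, recipe))
}

// Certify produces one reviewer's detached signature for this exact artifact and recipe.
func Certify(name string, priv ed25519.PrivateKey, artifact []byte, recipe string) Attestation {
	return Attestation{Reviewer: name, Sig: ed25519.Sign(priv, statement(artifact, recipe))}
}

// CountValid counts distinct trusted reviewers whose detached signatures verify over this build;
// unknown signers and repeat signatures from one reviewer are not independent checks.
func CountValid(trusted map[string]ed25519.PublicKey, atts []Attestation, artifact []byte, recipe string) int {
	msg, seen := statement(artifact, recipe), map[string]bool{}
	for _, a := range atts {
		if pub, ok := trusted[a.Reviewer]; ok && !seen[a.Reviewer] && ed25519.Verify(pub, msg, a.Sig) {
			seen[a.Reviewer] = true
		}
	}
	return len(seen)
}
func main() {
	pub, priv := GenKey()
	bin, recipe := []byte("constructed binary bytes"), "foo-1.0 gcc -O2" // constructed sample input
	n := CountValid(map[string]ed25519.PublicKey{"alice": pub}, []Attestation{Certify("alice", priv, bin, recipe)}, bin, recipe)
	fmt.Println(n)
}
```

A distributor would compare the count against a policy threshold and route anything below it to a human reviewer, whose own signature then joins the set.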