[24562] in Cypherpunks
Re: Why I have a 512 bit PGP key
daemon@ATHENA.MIT.EDU (Jeff Barber)
Wed Dec 28 09:13:00 1994
From: Jeff Barber <jeffb@sware.com>
To: eric@remailer.net (Eric Hughes)
Date: Wed, 28 Dec 1994 08:44:03 -0500 (EST)
Cc: cypherpunks@toad.com
In-Reply-To: <199412280713.XAA02404@largo.remailer.net> from "Eric Hughes" at Dec 27, 94 11:13:03 pm
Eric Hughes writes:
>
> From: "Ian Farquhar" <ianf@sydney.sgi.com>
>
> > Recompile the binary from newly uploaded source each time. MD5 source
> > isn't more than about 10K long. That's all of a few seconds of upload
> > time.
>
> Irritating [...]
>
> ??? An upload can be automated, just like anything other solution.
Then the automated part (script or whatever) simply becomes another piece
that needs to be protected.
> You can't go about protecting against the modification of binaries by
> relying upon one of your binaries being better protected than the
> rest. There's an infinite regress involved here. The solution is to
> go outside the regress. Recreating the binary from scratch is one
> way. I'm sure there are others.
No -- in the absence of other measures, recreating the binary from
scratch is not such a way. You've merely added the compiler and its
associated utilities to your regression list. Nothing is gained --
other than additional irritation and delay.
-- Jeff
