[4927] in cryptography@c2.net mail archive
Re: Could Open Source Software Help Prevent Sabotage? (fwd)
daemon@ATHENA.MIT.EDU (Eugene Leitl)
Mon Jun 21 20:55:08 1999
From: Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>
Date: Mon, 21 Jun 1999 13:31:16 -0700 (PDT)
To: David Jablon <dpj@world.std.com>
Cc: pgut001@cs.auckland.ac.nz, cryptography@c2.net, isn@repsec.com
In-Reply-To: <3.0.5.32.19990621131952.007c1670@world.std.com>
David Jablon writes:
> Access to "the source code" may also give a false sense of security.
> "The source" might not be the full, complete, and exact code
> used to produce the commonly available object, and thus might not
> reveal the threating features.
People in the OpenSource movement tend to build their sofware from
source downloaded off the net. Of course most of them never read the
source, and the compiler might be rigged, but at least your local
binary and your local source would be in synch.
