[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] "Safeplug"



Yuri:
> How can one be sure that firmware that is running on the router is 
> built from this particular source code and not from some modified 
> version or different revision?

Hashes?

The ability to build it from sources?

If you search you can find a few other solutions.

> Also how can one be sure that one extra service wasn't added on top 
> of this open source?

Go for your own compile and see what's broken.

> I think the answer to both of these questions is "impossible".

You're a romantic.

> In addition, governments have the power to execute the secret order 
> on the company to secretly add such back door.

Of course. This is why you need GPL v3. No TiVoisation baby!

> Open source only makes sense when built and installed by the party 
> interested in security, or maybe when it is built by some trustworthy
> organization, like some trusted linux distro, and not just some
> random commercial company without any reputation.

Not really. How about the tor project? Trust comes precisely from this
open source, open review. In fact, Tor is one step above: it's Free
Software.

No offense, You reasoning sucks. Google did the Android. They are
nowhere close to «just some random commercial company without any
reputation». Step aside from the media
you are consuming. Give it a few months to cool. If you can trust me:
nothing important is going to happen even if you miss 10 years. Myself I
missed close to 10 and I feel like a century won't be enough. What the
media is calling shocking with NSA was done before by STASI. Than KGB
before them. NKVD before that. And so on a few millennia. Adolf Hitler
had two extra features over Alexander the Great and Muhhamad the crazy
prophet that is so ugly nobody wants to pain. One was the closeness. AH
is so much closer to us than the others. But still, if you get close to
white power groups you can see the hagiography coming to life. Second
was the technological advance. That same magic makes NSA so impressive.
Still no sign of the excesses of their homologues in Eastern Europe.

Some times I think what kind of morons CIA and the gang are employing. I
mean from Windows '95 they needed about a decade to figure it out.
Naughty-naughty! On TV they say it's the age of information, that speed
is the key and other sweet slogans.

Back to your issue, check out TBB 3.0. The people involved are about to
fix this issue right under your nose.

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk