Open Source and information security mailing list archives
 
From: DaveHowe at cmn.sharp-uk.co.uk (Dave Howe)
Subject: Re: Popular Net anonymity service back-doored

Bernhard Kuemel wrote:
> And surely you would apply your opinion to any kind of
> cryptography like pgp, ssl, etc. There are millions of users out
> there who do not have the skills (programming, mathematics) to
> verify such code. Calling them beyond stupid for that is
> inappropriate. Blindly relying on software may be foolish, but if
> you keep an open eye for warnings from those that have the skills
> and do verify the code of popular software it is ok.
Agreed strongly.
I am a (perhaps) adequate programmer, and I can use crypto toolkits and/or
implement algos I find in books/online.
I freely admit I don't have a hope in hell of finding a flaw in the crypto
itself - that is why I stick to peer-reviewed algos and, where possible,
crypto libraries that other programmer/cryptographers have peer-reviewed
(yes, I try to carry out my own source-code reviews. No, I don't have the
time or resources to evaluate a big project like pgp 6.x; I certainly
compile my own ckt builds, but I have reviewed less than 5% of the code,
which is probably a lot more than most skilled programmers would even
bother to do - and even then, mostly in modules that are concerned with
memory locking (as I am more interested in how pgp does this than the
crypto itself)).

> And - who guarantees that the code that is published is the same
> that is used on the servers?
Well, I would - I wouldn't dream of running a server whose code I hadn't
compiled myself; I would also zip up source, zip up binaries and
detached-sign both to form a final archive available for download from my
server. However, how far can I take that? Assuming that I run Linux and
compile my own kernel and ssl/ssh/etc - how much *can* I compile by myself
and not spend my entire life checking for (for example) K&R style
self-replicating patchers in the compiler? There is a line beyond which a
healthy paranoia about security becomes an unhealthy obsession which
paralyses the user from ever performing ANY actions.

