if you can't trust a cpu server don't use it. applies to carbon based life-forms too.
On 25 February 2013 00:29, <a...@9srv.net> wrote: > Cinap mostly covered this, but yeah: if you don't trust the > system you're connecting to, cpu isn't really safe[1]. But > then, neither is anything else: even the simplest service > (say, telnet) can be trivially bugged with things like key > loggers if the remote side's untrustworthy. > > If you've not read it, you (and everyone else in CS) should > read "Reflections on Trusting"[1], by Ken Thompson, > describing how he bugged the login program and then > made it roughly undetectable. Things like cpu's -P can > help in a sense, but at some point it comes down to > trusting the humans on the remote end. > > [1] http://cm.bell-labs.com/who/ken/trust.html > > >
