On Mon, Jul 09, 2018 at 06:06:12PM +1000, Andrew McGlashan wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > > On 09/07/18 17:51, KatolaZ wrote: > > Literally anybody can get the sources of the Linux kernel and read > > through it. So I guess your fears are somehow unjustified... > > There were long standing problems with openssl -- the source code was > fully available, anybody could have found the problems, but they didn't. > > The Linux Kernel is HUGE, the possibility to find something that > shouldn't be there would not be very easy. Binary blobs remain the > most "risky" components, but anything else can easily hide in plain sigh > t. >
Yeah, so what should we do? Stop working on Devuan and get a couple of years off just to check that the kernels provided in the already-released packages does not have any NSA backdoor? o_O -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ]
signature.asc
Description: PGP signature
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
