-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert J. Hansen wrote:
| Insert mandatory "reflections on trusting trust" reference here. | | The sentiment of "I must build it from source if I'm going to trust it" | is great, but then you have to ask questions about your compiler, your | system libraries, etc., until you're left hand-hacking Assembly | instructions for a low transistor count CPU you've personally | lithographed yourself from your own personal design. | Let's say I did all that. But do I trust the guy who looked over my shoulder to be sure I did not make a mistake in my own personal design? And if I believe, in principle, in automatically proving programs (or hardware, their equivalent) correct, do I trust the program that does that? And the rules given that program that the program to be verified is to meet? We get into the very problem Rene Descartes was stuck in until he came up with "Cogito, ergo sum." Which I do not think was a solution at all. - -- ~ .~. Jean-David Beyer Registered Linux User 85642. ~ /V\ PGP-Key: 9A2FC99A Registered Machine 241939. ~ /( )\ Shrewsbury, New Jersey http://counter.li.org ~ ^^-^^ 08:50:01 up 69 days, 15:04, 3 users, load average: 4.06, 4.24, 4.31 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFKJSFOPtu2XpovyZoRAmheAKC7PlUg4LWQsz9HdbP09cXdu/mIHwCcDrYG X15Zb0CWZ1SbmpgFl+JibYs= =NdyX -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users