Why trust any software?

Mark H. Wood mwood at IUPUI.Edu
Tue Aug 6 14:56:50 CEST 2013


On Mon, Aug 05, 2013 at 12:31:13PM +0200, kardan wrote:
[snip]
> Also many linux users look strange at me if I say I do compile parts
> of my debian system.

Heh, but then Gentoo Linux users will look at you strangely if you say
that you *don't* compile parts of your system. :-)

> Fri, 26 Jul 2013 09:22:32 -0400
> "Mark H. Wood" <mwood at IUPUI.Edu> wrote:
> 
> > Well, Windows users who aren't programmers, who switch to e.g. Linux,
> > will then be Linux users who aren't programmers, so this alone changes
> > little for the individual.  He is still dependent on others in the
> > community.  That is quite alright -- an important part of PKC is for
> > people to find out for themselves who is reliable and form open-eyed
> > trust relationships.
> 
> Can you please explain what you mean by PKC in this context?

Sorry -- public key cryptography.

> Do you know of signing mechanisms for developers to
>  A have special keys for signing code changes
>  B sign each others keys to approve they are knowledged enough to
>  understand and check the code reliably.
>  C sign a piece of software/patch/commit with it

I don't see how this is different from a community building trust
relationships for email.

> ? Also it is interesting to differ between source and binaries -
> tracking source changes and builds separatedly or even confirm a
> trust chain with a combination of both.

I suppose that you could rig a compiler to compute signatures over the
sources it reads and incorporate these signatures into the binary.
Likewise the linker.  The whole toolchain would have to be carefully
considered and modified to suit.  I haven't heard of anyone doing
that.  (Someone will now point out that we would be reposing even more
trust in the toolchain, making its verification more important.  Yes.)

-- 
Mark H. Wood, Lead System Programmer   mwood at IUPUI.Edu
Machines should not be friendly.  Machines should be obedient.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: </pipermail/attachments/20130806/6d3a4548/attachment.sig>


More information about the Gnupg-users mailing list