Why trust any software?

Jay Sulzberger jays at panix.com
Tue Aug 6 16:40:05 CEST 2013

On Tue, 6 Aug 2013, Mark H. Wood <mwood at IUPUI.Edu> wrote:

> On Mon, Aug 05, 2013 at 12:31:13PM +0200, kardan wrote:
> [snip]
>> Also many linux users look strange at me if I say I do compile parts
>> of my debian system.
> Heh, but then Gentoo Linux users will look at you strangely if you say
> that you *don't* compile parts of your system. :-)
>> Fri, 26 Jul 2013 09:22:32 -0400
>> "Mark H. Wood" <mwood at IUPUI.Edu> wrote:
>>> Well, Windows users who aren't programmers, who switch to e.g. Linux,
>>> will then be Linux users who aren't programmers, so this alone changes
>>> little for the individual.  He is still dependent on others in the
>>> community.  That is quite alright -- an important part of PKC is for
>>> people to find out for themselves who is reliable and form open-eyed
>>> trust relationships.
>> Can you please explain what you mean by PKC in this context?
> Sorry -- public key cryptography.
>> Do you know of signing mechanisms for developers to
>>  A have special keys for signing code changes
>>  B sign each others keys to approve they are knowledged enough to
>>  understand and check the code reliably.
>>  C sign a piece of software/patch/commit with it
> I don't see how this is different from a community building trust
> relationships for email.
>> ? Also it is interesting to differ between source and binaries -
>> tracking source changes and builds separatedly or even confirm a
>> trust chain with a combination of both.
> I suppose that you could rig a compiler to compute signatures over the
> sources it reads and incorporate these signatures into the binary.
> Likewise the linker.  The whole toolchain would have to be carefully
> considered and modified to suit.  I haven't heard of anyone doing
> that.  (Someone will now point out that we would be reposing even more
> trust in the toolchain, making its verification more important.  Yes.)
> -- 
> Mark H. Wood, Lead System Programmer   mwood at IUPUI.Edu
> Machines should not be friendly.  Machines should be obedient.

Here is one recent effort along this line of defense:



More information about the Gnupg-users mailing list