Secure Transactions
Tod Merley
todbot88 at gmail.com
Mon Sep 1 06:07:18 UTC 2014
Thanks for the spoof response Heinz!
So lets say I do see a wrong fingerprint. As in "ghost busting" who am I
gonna call!?
On Sun, Aug 31, 2014 at 10:53 PM, Heinz Diehl <htd+ml at fritha.org> wrote:
> On 01.09.2014, jd1008 wrote:
>
> > As I said, the caveat of all add-on is that they are just as mysterious
> > with respect to their actual content as FF itself - and for that matter,
> > Windows and Linux and Unix/variants, are just as mysterious. I say this
> > because even with open source software, does anyone really have the
> > time (AND THE KNOW-HOW) to identify malware in opensotource?
>
> It's all about trust and your thread model. There are no guarantees,
> as you just explained why. You can review the suspicious code
> yourself, and if you're not able to do so, you have to trust others.
> There is no 100% security.
>
> > Tens or perhaps hundreds of millions of lines of code (including all
> > the apps and libraries). Who is going to do this kind of sanitization??
>
> The community which develops the respective piece of software. Most
> open source software is not a solo-project, especially not the big
> ones. Look at the kernel itself: there are thousands of volunteers
> which contribute, and every piece of code is posted on a mailing list
> in order to be reviewed by others. This is no guarantee either,
> but an actual review of the code.
>
> > I posit that if there is an honest to truth company that can do this
> > (sanitize all open source SW of Linux), would and could charge arms
> > and legs for such a product.
>
> Please repeat with me: "there is no 100% security" ;-)
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20140831/635ff4ae/attachment-0001.html>
More information about the users
mailing list