Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!sun-barr!cs.utexas.edu!uunet!mcvax!kth!draken!tut!santra!kampi.hut.fi!alo
From: alo@kampi.hut.fi (Antti Louko)
Newsgroups: comp.unix.wizards
Subject: Re: UNIX and viruses
Message-ID: <22709@santra.UUCP>
Date: 10 Jun 89 13:18:50 GMT
References: <19930@adm.BRL.MIL> <4457@ficc.uu.net> <16655@rpp386.Dallas.TX.US>
Sender: news@santra.UUCP
Reply-To: alo@kampi.hut.fi (Antti Louko)
Organization: Helsinki University of Technology, Finland
Lines: 33

In article <16655@rpp386.Dallas.TX.US> jfh@rpp386.cactus.org (John F. Haugh II) writes:

>Anyone interested in a really good paper on trojan horses and trust
>should read Ken Thompson's Turing Award presentation.

>Ken creates a scenario in which the C compiler and login are in
>cahoots to create this security hole which only he [ and dmr ;-) ]
>are aware of.

>It ends with some very sound advice - eventually a secure OS comes
>down to trusting the people who wrote the code.  I don't think GNU
>will ever produce a trusted OS for exactly this reason - who is
>going to trust people such as Stallman who believes security is
>something big companies use to steal from the average Joe?

Actually it comes down to trusting the people who COMPILED the code.
If you don't use bootstrapping binaries coming with sources you are
much safer.

Can we trust any of those big companies either? Or that they have
never had any saboteur programmers working with the OS you are buying.
Besides, big companies usually don't give you the source code for
their systems. At least some of the pieces are missing. With GNU you
can compile everything from sources.  First you compile the GCC with a
different compiler, of course. With GNU you will have sources without
any license agreements. You don't even have to tell anyone that you
desperately NEED the sources!

I believe many high security facilities will find GNU more suitable
than proprietary systems.

	Antti Louko (alo@hut.fi)
	Helsinki University of Technology