At 12:12 AM 8/27/04 -0700, Ed Gerck wrote: > >David Honig wrote: >> "Applications can't be any more secure than their >> operating system." -Bram Cohen > >That sounds cute but I believe it is incorrect. Example: error- >correcting codes. The theory of error-correcting codes allows >information to be coded so that it can be recovered even after >significant corruption.
Yes. But what makes you think the implementation you are using is not subverted? What makes you trust your md5 (or whatever) calculator, which is how/why you trust your downloaded code? And, summarizing a Turing award lecture, what makes you trust your compiler, much less "ps" or other OS monitors? >What this means is that the search for the "perfect" operating >system as the solution to security is backwards. What it means is that the weakest link will break first. Humans, generally. Also the infrastructure under your tools, ie OS. And the tools used to build your tools, ie compilers or interpreters. Its not a "search for a perfect" anything; its a recognition that trust in a system relies on trusting a great number of things; if any one is toast, the system is toast. Ask Niko Scarfo... used great crypto, but a $10 keylogger got him. He might have run the most secure MULTICs around, but the weakest link was his keyboard, and a black-bag job. ================================================= 36 Laurelwood Dr Irvine CA 92620-1299 VOX: (714) 544-9727 (home) mnemonic: P1G JIG WRAP ICBM: -117.7621, 33.7275 HTTP: http://68.5.216.23:81 (back up, but not 99.999% reliable) PGP PUBLIC KEY: by arrangement Send plain ASCII text not HTML lest ye be misquoted ------ "Don't 'sir' me, young man, you have no idea who you're dealing with" Tommy Lee Jones, MIB ---- No, you're not 'tripping', that is an emu ---Hank R. Hill --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
