On Friday, 15 March 2019 12:04:33 AEDT Robert Brockway wrote: > Free and open source software (FOSS) can be properly audited before use in > sensitive areas. Proprietary software can too under an NDA. Quite a few > organisations have access to the source code of Microsoft Windows for example. > > This gets a bit more complicated when talking about firmware in an access > point but methods exist to verify the binary.
All true, especially re FOSS and firmware. But releases of FOSS or Windows almost certainly contain vulnerabilities, and in any case innocent employees can bring a cute game to work on their memory stick which disguises malware such as Stuxnet. I suppose X-windows terminals and closely-managed hosts would be better. In any case it's a bit ingenuous of Jeremy Mitchell to defend Huawei given the level of Chinese spying on their own citizens via their Social Credit system, which is hardly a model of Renaissance values. Cheers, DL _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
