On Wed, 2015-03-18 at 10:59 -0400, R. Russell Reiter wrote: > Compiling trusted code in a trusted > >environment > >and then signing it and using secure boot to validate the signed binary > >and running it does make sense, but compiling multiple times does not. > > I dislike the term secure and prefer trust myself however the demands of > enterprise are different than my own. The number of compiles is related to > the number of boots again IMHO, this is far less of a problem than you would > make it out to be.
Ken Thompson's classic Turing Award lecture: <http://cm.bell-labs.com/who/ken/trust.html> Trust is not cheap. If it looks cheap it may just be gullibility. Mel. --- Talk Mailing List [email protected] http://gtalug.org/mailman/listinfo/talk
