[Linux-aus] Google Linux OS coming..

Daniel Pittman daniel at rimspace.net
Wed Jul 15 11:08:21 EST 2009


Aníbal Monsalve Salazar <anibal at debian.org> writes:
> On Sat, Jul 11, 2009 at 06:59:44PM +0930, Barry Williams wrote:
>
>>I severely doubt that google will include malware in its OS which it
>>claims they will release completely open source which would require the
>>source code for supposed malware be released which I am sure will be
>>scrutinised by many a hacker as there will be great interest in the
>>Google OS and there are many worried about Google's monopoly. I also
>>assume there is a way to test that the source code you scrutinise
>>compiles and provides exactly the same as the binaries you download or
>>the image that may be released on netbooks to come
>
> A similar scenario to the one described above happened before google and
> it went unnoticed for some time.
>
> http://orkinos.cmpe.boun.edu.tr/~kosar/ken/index.html
>
> You probably haven't read "Reflections on Trusting Trust" by Ken Thompson,
> one of the original designers of UNIX. The trojan he talks about in his
> article was actually in the UNIX C compiler.

Hypothetically in the UNIX C compiler; this was a gedankenexperiment rather
than a practical exploitation of a vulnerability.

You might find the airforce assessment of Multics, and their experience with
embedding a designed vulnerability into the code, a more educational example,
not least because Multics is *still* more secure by design that most modern
operating systems:

http://www.airpower.maxwell.af.mil/airchronicles/aureview/1979/jan-feb/schell.html

Regards,
        Daniel

-- 
✣ Daniel Pittman            ✉ daniel at rimspace.net            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons



More information about the linux-aus mailing list