[Cryptography] how reliably do audits spot backdoors?

Benjamin Kreuter brk7bx at virginia.edu
Tue Dec 24 20:48:14 EST 2013 

On Wed, 25 Dec 2013 11:34:42 +1000
"James A. Donald" <jamesd at echeque.com> wrote:

> > So the fact that it is possible for the sum of two positive
> > integers to be a negative number is idiomatic?
> 
> To me that is totally intuitive and natural,

1. You just referred to *undefined behavior* as "intuitive."

2. For that to be intuitive, you must have un-learned the first N years
   of your mathematics education.

> and I have written code 
> that takes advantage of this effect (sliding window code)  It just 
> seemed natural to do it that way.

I would have called such code *hard to read*.  I understand that in C
such things are common, but I would much rather write code in a
language that forced me to explicitly declare the fact that I am using
modular arithmetic (and what modulus).

> > Nonsense.  The UCC entries win points for not be obfuscated or
> > uglified or complicated.
> 
> Yet they would have instantly failed any code review in which I have 
> participated.  I would not have found the bug, because I would have 
> tossed back the code on sight.

Great!  Now you just need to convince all those other developers in the
world, whose code you are not directly overseeing, to do the same.

> Whenever you attempt to do a project in "high level code", the
> project becomes ninety percent complete in much less time than when
> you do it in C++, and then remains ninety percent complete forever.

I think this is demonstrably false, given the numerous feature-complete
projects written in high-level languages.
 
> You get the higher level language problem that the libraries are 
> slightly different on each machine, which results in nightmare 
> installations.

Are you claiming that the situation is worse than it is in C?

>  Doubtless you can audit your code faster, but can you 
> audit all those installations and libraries?

How is C any different in this regard?  You still need to audit all
those libraries that your C code depends on.

> If you have one high level program using a library, and another high 
> level program using that same library, there is, with remarkable 
> frequency, a way for the one high level program to screw over the
> other high level program.

I am not even sure what it is that you are referring to here.

-- Ben



-- 
Benjamin R Kreuter
KK4FJZ

--

"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131224/59adbada/attachment.pgp>

More information about the cryptography mailing list