[Cryptography] how reliably do audits spot backdoors?

[Phillip Hallam-Baker]

Stability of installation packages is a lot more important than many
developers imagine.

Mosaic was not the first Web browser. It wasn't even one of the first
dozen. What set it apart was that it worked without the need for the
installer to spend hours fixing it first. Today that is reasonably common
but in 1992 it was revolutionary.

I recently tried to install the IETF tool for writing in their stupid
documentation format and found that the code would not run because it
needed another package. Python suffers from the same dll hell idiocy as
Windows used to before people started to get a clue and realize that shared
object libraries are not your friend.


If a program links to 3 packages that each have three versions then you
have 27 variations of the package to regression test. Setting up a machine
so that it could do the tests is a major undertaking that is error prone in
itself.

This is why I don't like plug-ins. Nobody is going to test the interactions
between them all. Besides which, UI code is nearly impossible to automate
testing on.


The way I avoid these issues is that I always static link to non-platform
code, always. The idea that shared object is useful on a machine with 4Gb
of memory is just stupid. And the machine would have a lot more memory if
it was not due for replacement and the motherboard won't actually accept
any more (waiting for the next Intel release).

.NET addresses the problem with strong assemblies. You can link against a
very specific version of the code.

Which is why I plan to eventually spend some time cutting OpenSSL down to
only provide the algorithms I actually use and support. The only symmetric
algorithms I plan to use are AES and 3DES so the rest all go. I don't plan
to use ECC so that goes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131226/0d68d3e7/attachment.html>