[Cryptography] how reliably do audits spot backdoors?

Jerry Leichter leichter at lrw.com
Thu Dec 26 14:50:52 EST 2013


On Dec 26, 2013, at 10:12 AM, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> Stability of installation packages is a lot more important than many developers imagine.
> 
> Mosaic was not the first Web browser. It wasn't even one of the first dozen. What set it apart was that it worked without the need for the installer to spend hours fixing it first. Today that is reasonably common but in 1992 it was revolutionary. 
> 
> I recently tried to install the IETF tool for writing in their stupid documentation format and found that the code would not run because it needed another package. Python suffers from the same dll hell idiocy as Windows used to before people started to get a clue and realize that shared object libraries are not your friend....

The solution to this problem in large parts of the commercial world these days is the virtual appliance.  Why screw around getting the user's copy of Windows or Linux configured just as you need it?  Give him a VM image all properly configured and have him just boot it.

MacOS has done this in a weak way through its application bundles for years.  Mac applications never have dependencies you have to resolve - what you see as foo.app is actually a (hidden, unless you choose to unhide it) directory within which live the executable and all the libraries and config files and basic data - e.g., message files in multiple languages.  Sure, you end up with tons of copies of some common pre-requisite libraries, probably in multiple versions; the Sparkle automatic updating framework probably lives in half the third party application bundles on a Mac user's disk.  But who cares?  Relative to code sizes, disk space is free these days, and the developer then knows you're running against exactly the libraries he built against.

For a consumer OS, this is "good enough" isolation - and a hell of a lot better than the DLL hell of Windows or any of the Linux package managers.  It's not, of course, nearly as complete a solution as the virtual appliance.

Virtual appliances *typically* come as closed-source solutions, but there's no reason you couldn't package up the sources, and even the full build environment, inside the appliance.
                                                        -- Jerry
