[Cryptography] GHCQ Penetration of Belgacom

Phillip Hallam-Baker phill at hallambaker.com
Wed Dec 17 12:09:04 EST 2014

On Tue, Dec 16, 2014 at 12:34 AM, Christian Huitema <huitema at huitema.net>
> > China has it, why wouldn't the NSA?
> >
> >
> http://news.cnet.com/China-to-view-Windows-code/2100-1007_3-990526.html
> I bet you they also have access to the Linux source code.

Ah but does China have access to the same source as the NSA?

Not suggesting that they don't. But establishing a means to prove that they
do could be an interesting challenge. And given the reported impact of
Snowden on Cisco's sales, possibly one that is commercially important. In
the post-PRISM age, every vendor is having to prove that it is not peddling
wares with backdoors for their local spy agency.

You would need to either provide a build chain that allows them to confirm
the executables they run were generated from the source provided or you
would need some Certificate Transparency log type solution, or maybe both.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141217/5e0d895d/attachment.html>

More information about the cryptography mailing list