[Cryptography] EFF amicus brief in support of Apple

John-Mark Gurney jmg at funkthat.com
Sun Mar 6 17:44:27 EST 2016


Perry E. Metzger wrote this message on Sun, Mar 06, 2016 at 10:33 -0500:
> On Sat, 5 Mar 2016 15:23:18 -0500 grarpamp <grarpamp at gmail.com> wrote:
> > You compute hardware should be completely open.
> > You compute software should be completely open.
> > You should fuse your own keys into your own hardware
> > for software builds you reproducibly build sign and install
> > yourself from distributed opensource software.
> 
> There's no way the average person can build their own software from
> source, and if they could, it still wouldn't say anything interesting
> about the security of the overall system. Indeed, it likely would
> *reduce* the security of the average system that still existed, though
> of course in practice security would rise since no one would be
> performing attacks for money any more since only one in every 5000
> people would have a computer.

The more interesting thing here is reproducable builds... If you get
people you trust to replicate the exact build you've received, you
can build trust that the build hasn't been compromised, but it still
is difficult..

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."


More information about the cryptography mailing list