[Cryptography] USB firewall/condom HW/SW

Thierry Moreau thierry.moreau at connotech.com
Mon Mar 13 14:49:31 EDT 2017


On 13/03/17 01:32 PM, Dave Horsfall wrote:
> On Sun, 12 Mar 2017, Henry Baker wrote:
>
> [...]
>
>> Any thoughts?
>
> Only the meta-question of why should we trust it in turn...
>
> Having the source code is no guarantee; look at Ken Thompson's famous
> paper "Reflections on trusting trust" some time.  It's a seminal paper
> that really ought to be mentioned again and again.
>

This paper dates 1984 ...

Well, one might read it the reverse in these days where programmable 
bugs are present everywhere (e.g. try to buy a system board without a 
microphone and network interface microcontroller off-loading the CPU).

So, devices reduced to a single microprocessor implementing an 
elementary security function has a greater potential to be trusted 
merely because it has been programmed by fewer developers.

I did not look at the specifics here. However from the stated mandate, 
it seems to fall in the category I just described.

- Thierry Moreau


More information about the cryptography mailing list