[Cryptography] USB firewall/condom HW/SW
Thierry Moreau
thierry.moreau at connotech.com
Mon Mar 13 14:49:31 EDT 2017
On 13/03/17 01:32 PM, Dave Horsfall wrote:
> On Sun, 12 Mar 2017, Henry Baker wrote:
>
> [...]
>
>> Any thoughts?
>
> Only the meta-question of why should we trust it in turn...
>
> Having the source code is no guarantee; look at Ken Thompson's famous
> paper "Reflections on trusting trust" some time. It's a seminal paper
> that really ought to be mentioned again and again.
>
This paper dates 1984 ...
Well, one might read it the reverse in these days where programmable
bugs are present everywhere (e.g. try to buy a system board without a
microphone and network interface microcontroller off-loading the CPU).
So, devices reduced to a single microprocessor implementing an
elementary security function has a greater potential to be trusted
merely because it has been programmed by fewer developers.
I did not look at the specifics here. However from the stated mandate,
it seems to fall in the category I just described.
- Thierry Moreau
More information about the cryptography
mailing list