On Tuesday 25 February 2003 19:54, Paul Cooke wrote:
On Tuesday 25 February 2003 00:41, zentara wrote:
If they do try it, they will probably do a very good job of it, since they aren't hackers, they can afford the best programmers.
Hm, well :)
So things would be well hidden, and you would have to be very smart to detect it. Probably alot of assembly level stuff, writing invisible files to empty disk space, and reading it off when you go online. Hmm, sounds like WindowsXP, :-).
Question... how could they do this and still get away with it... they have to provide the source code and it would only take someone to compile the source code and get different code to that supplied in the precompiled binary rpm for the gaff to be blown...
Ken Thompson revealed that he introduced a backdoor into the standard unix login program. This was when unix was open source, before AT&T decided they could make money from selling it. Check out his confession at http://www.acm.org/classics/sep95/ If you have the compiler, and you're good enough, there's nearly nothing you can't do In the end you just have to decide to trust somebody. In my case I have decided to trust SuSE, not because I know them (I don't) but because if I can't trust a reputable company like them, I might as well give up, sell my computers and go live in a cave. Note that this doesn't mean their code is necessarily safe. All code has bugs, and backdoors could be introduced upstream. There's just no way SuSE, or anyone else, could go through every line of code in all their thousands of rpms. But I want to believe that they wouldn't do anything voluntarily, and that they are "on my side" and are struggling to keep their code clean. Anders