From: Vlad Stesin <rmiles@Generation.NET>
To: Jim Choate <ravage@einstein.ssz.com>
Message Hash: 98c3f5ca8ac5c514d0adf6f4090a73e90a560d7601b9aa60889d6cb1db0d3d77
Message ID: <Pine.SOL.3.96.981122232742.12779A-100000@sparkle>
Reply To: <199811230327.VAA20072@einstein.ssz.com>
UTC Datetime: 1998-11-23 05:08:13 UTC
Raw Date: Mon, 23 Nov 1998 13:08:13 +0800
From: Vlad Stesin <rmiles@Generation.NET>
Date: Mon, 23 Nov 1998 13:08:13 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: Is Open Source safe? [Linux Weekly News]
In-Reply-To: <199811230327.VAA20072@einstein.ssz.com>
Message-ID: <Pine.SOL.3.96.981122232742.12779A-100000@sparkle>
MIME-Version: 1.0
Content-Type: text/plain
I don't quite understand the logic behind this. The fact that the
program's source is available is itself a proof that there are no
backdoors. Anyone can read the source code and make sure it's OK.
However, this argument does hold against non-OSS. It can even be used to
promote Linux (and other free open-source operating systems), since
someone could distribute some win32 trojans on download.com, tucows.com
and others.
Regards,
--
Vlad Stesin
vstesin@cs.mcgill.ca
On Sun, 22 Nov 1998, Jim Choate wrote:
>
> Forwarded message:
>
> > X-within-URL: http://lwn.net/1998/1119/Trojan.html
>
> > THE TROJAN HORSE
> >
> >
> > Bruce Perens <bruce@hams.com>
> >
> >
> > There's a problem that could very badly effect the public perception
> > of Linux and Open Source. I want people to think about this, and
> > hopefully "head it off at the pass" before it happens.
> >
> > Perhaps it's already on your system today: a trojan-horse program. It
> > might be a game, or more likely a system utility. It's author uploaded
> > it to an FTP archive, where it was then picked up by your favorite
> > Linux distribution, who wrote it onto the CD-ROM that you bought. It
> > works just fine, but hidden away in the program is a special feature:
> > a secret back-door past your system's security.
> >
> > Perhaps the author of this attack is tired of hearing about what great
> > hackers we are, and wants to take us down a notch. He's patient - he
> > will wait until his program is distributed to tens of thousands of
> > Linux systems before he says a word. But say is what he'll do - he's
> > not really interested in breaking into your system. What he wants is
> > the publicity, bad publicity for us, and lots of it. We've left the
> > gates open for this trojan horse. Let's talk about how to close them,
> > and hope we have enough time to solve this problem before our
> > reputation is hurt.
>
> [mnoga tekct oodalyaty]
>
>
> ____________________________________________________________________
>
> Technology cannot make us other than what we are.
>
> James P. Hogan
>
> The Armadillo Group ,::////;::-. James Choate
> Austin, Tx /:'///// ``::>/|/ ravage@ssz.com
> www.ssz.com .', |||| `/( e\ 512-451-7087
> -====~~mm-'`-```-mm --'-
> --------------------------------------------------------------------
>
>
Return to November 1998
Return to “Vlad Stesin <rmiles@Generation.NET>”