Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Ken Thompson, Anyone? (Score 1) 472

A quick and dirty fix to such compiler attacks could be to have proper network watchdogs setup, and paying attention to the logs they generate.

For example, init and login should not be accessing the network! Of course one can go one step deeper and inspect all file-handles opened by all the process. As a process can write stuff to a hidden log (and indeed memory!), and then some ok-looking process can fire up and do the actual net transfer. etc

Of course, this would have to be a hardened kernel level module.

So a little extra vigilance can take care of such attacks. But the crypto-weakening attacks don't seems to be so straight forward to manage. imho.

Comment Re:At this point (Score 1) 4

My point is not to compare FOSS with the rest of the closed source stuff. FOSS definitely has an advantage with the "many eyes" effect etc. But that still does not guarantee that the 'control freaks' wont be able to sneak in something sinister into a benign looking app in an major Linux distro. Question is whether the FOSS community would go through some sort of SOP yet again for 'driving out these demons'.

Submission + - Linux health given the reveletion of NSA crypto-subverting attacks? 4

deepdive writes: I have a basic question. What is the privacy/security health of the Linux kernel (and indeed other FOSS OS's) given all the recent stories about the NSA going in and deliberately subverting various parts of the privacy/security sub-systems. Basically, can one still sleep soundly thinking that the most recent latest/greatest ubuntu/opensuse/what-have-you distro she/he downloaded is still pretty safe. Or do people need to get a little worried and start burning some extra night oil over this?

Slashdot Top Deals

Economists can certainly disappoint you. One said that the economy would turn up by the last quarter. Well, I'm down to mine and it hasn't. -- Robert Orben