Guaranteeing running code is signed

Jerry James loganjerry at gmail.com
Tue May 12 20:04:49 UTC 2009


On Tue, May 12, 2009 at 1:54 PM, Matthew Woehlke
<mw_triad at users.sourceforge.net> wrote:
> Indeed. (I've read stuff about military testing microchips to verify that
> the circuitry is correct. Forget flash, eeprom, even rom; do you trust the
> fab plant that built your CPU?)

I highly recommend reading Ken Thompson's scenario:

http://cm.bell-labs.com/who/ken/trust.html
-- 
Jerry James
http://www.jamezone.org/




More information about the fedora-devel-list mailing list