1 |
As the line in that favorite song goes "Paranoia strikes deep"... |
2 |
|
3 |
<NOTE> |
4 |
I am NOT trying to start ANY political discussion here. I hope no one will |
5 |
go too far down that path, at least here on this list. There are better |
6 |
places to do that. |
7 |
|
8 |
I am also NOT suggesting anything like what I ask next has happened, either |
9 |
here or elsewhere. It's just a question. |
10 |
|
11 |
Thanks in advance. |
12 |
</NOTE> |
13 |
|
14 |
I'm currently reading a new book by Glen Greenwald called "No Place To |
15 |
Hide" which is about Greenwald's introduction to Edward Snowden and the |
16 |
release of all of the confidential NSA documents Snowden acquired. This got |
17 |
me wondering about Gentoo, or even just Linux in general. If the underlying |
18 |
issue in all of that Snowden stuff is that the NSA has the ability to |
19 |
intercept and hack into whatever they please, then how do I know that the |
20 |
source code I build on my Gentoo machines hasn't been modified by someone |
21 |
to provide access to my machine, networks, etc.? |
22 |
|
23 |
Essentially, what is the security model for all this source code and how do |
24 |
I verify that it hasn't been tampered with in some manner? |
25 |
|
26 |
1) That the code I build is exactly as written and accepted by the OS |
27 |
community? |
28 |
|
29 |
2) That the compilers and interpreters don't do anything except build the |
30 |
code? |
31 |
|
32 |
There's certainly lots of other issues about security, like protecting |
33 |
passwords, protecting physical access to the network and machines, root |
34 |
kits and the like, etc., but assuming none of that is in question (I don't |
35 |
have any reason to think the NSA has been in my home!) ;-) I'm looking for |
36 |
info on how the code is protected from the time it's signed off until it's |
37 |
built and running here. |
38 |
|
39 |
If someone knows of a good web site to read on this subject let me know. |
40 |
I've gone through my Linux life more or less like most everyone went |
41 |
through life 20 years ago, but paranoia strikes deep. |
42 |
|
43 |
Thanks in advance, |
44 |
Mark |