1 |
With you having to compile thousands of stuffs if you build from stage 1, I |
2 |
doubt that you will be able to verify every single thing you compile and |
3 |
detect if something is actually doing sneaky stuff AND still have the time |
4 |
to enjoy your system. Also, even if you build from stage 1 and manage to |
5 |
verify all the source code, you still need to download a precompiled |
6 |
compiler which could possibly inject the malicious code into the programs |
7 |
it compiles, and which can also inject itself if you try to compile another |
8 |
compiler from source. If there is a single software that is worth a gold |
9 |
mine to inject with malware to gain illicit access to all Linux system, |
10 |
then it would be gcc. Once you infect a compiler, you're invincible. |
11 |
|
12 |
Also, did you apply the same level of scrutiny to your hardware? |
13 |
|
14 |
For the truly paranoid, I recommend unplugging. |