:: Re: [DNG] 1,000(?) eyes security Re…
Góra strony
Delete this message
Reply to this message
Autor: Hendrik Boom
Data:  
Dla: dng
Temat: Re: [DNG] 1,000(?) eyes security Re: A Devuan kernel?
On Tue, Jul 10, 2018 at 01:12:58AM +1000, terryc wrote:
> On Mon, 9 Jul 2018 16:48:34 +0200
> Alessandro Selli <alessandroselli@???> wrote:
>
>
> > "Since the beginning of the git era (the 2.6.11 release in 2005), a
> > total of 15,637 developers have contributed to the Linux kernel;
> > those developers worked for a minimum of 1,513 companies."
> >
> > And this lists only those developers and companies who contributed
> > to the official code; it does not list security auditors or
> > developers/companies who work on custom versions of the kernel.
>
> The statement that started the claim was first made by ESR.
> The rebuttal is all the security holes that have been found in the code
> in various applications through out the Linux Epoch.


I'm not at all convince that the security holes constitute a rebuttal.
Methings they could equally be evidence that having all those eyes on
the kernel source code is weeding out such security holes. After all,
do we know how many security holes are detected by no one reading kernel
code?

-- hendrik

>
> However, In support , it beggars disbelief that with all the people
> involved in system/network/whatever security and their monitoring
> software, that AFAIK no one has made or reported any backdoor in the
> linux kernel.
>
> KISS says that it just isn't feasible that all that FOSS software has
> been hacked to prevent the detection of a backdoor.
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng