Linked by Thom Holwerda on Sat 4th Mar 2006 17:27 UTC, submitted by Tyr.
Windows A Microsoft developer and cryptographer responded in his blog to a news story by the BBC about the problems strong encryption built into Vista might cause for law enforcement. "Over my dead body," he said, regarding the possibilty of including a law-enforced backdoor in Vista.
Permalink for comment 101488
To read all comments associated with this story, please click here.
RE[5]: Lame
by Deviate_X on Sun 5th Mar 2006 09:49 UTC in reply to "RE[4]: Lame"
Member since:

rayiner: "The ability to compile the code (with a trusted compiler) is a requirement for being able to verify that the binaries you deploy match byte for byte the code produced by compiling"

(1) Rayiner you obviously don't understand what you are talking about - two different compilers will invariably produce two different binaries - this is because different compilers use different compilation strategies - this is obvious to any software developer.

If you then use the same compiler(s) as microsoft how will you know that the compiler hasn't inserted bad code?

If both use GCC, then you won't be comparing against the original binary.

If you use GCC, you binaries will be different because the compilers are different and how do you know the compiler didnít insert bad code anyway?

The GNU project servers were compromised for 4 months undetected.,39026594,20277728,00.htm

Truly the only way to verify a binary is to decompile and debug.

(2) Quote: "The kernel code is written primarily in C, with assembly code reserved for those tasks that require the fastest possible code or that really heavily on the capabilities of the processor" - Inside NT Kernel Architecture

Edited 2006-03-05 09:54

Reply Parent Score: 2