[ale] China chooses FreeBSD as basis for secure OS

[Joe Knapka]

On Wed, Oct 13, 2010 at 11:57 AM, Charles Shapiro
<hooterpincher at gmail.com> wrote:
> Sure. All you need is source to the compiler they're using, and you
> only need that once.  Ken Thompson described it first.


This is an important and under-appreciated point.  If you don't audit
every single line of source in the entire system and build everything
from a compiler you wrote yourself by keying it into a front panel,
there are no absolute guarantees of security.  Even hardware could
potentially be corrupted in the manner described -- although that
would be really difficult, it's not impossible.  And initiatives like
the "Trusted Computing Base" would make it a lot easier.

As an aside, y'all've read Cory Doctorow's "Little Brother", right?

http://craphound.com/littlebrother/

-- JK