1. shawnz+(OP) 2020-06-05 03:05:55
How do you know the compiler actually compiles the source code to the binary you expect without injecting backdoors? How do you know that the hardware actually follows the instructions in the binary as they are specified?

How do you know you're not living in a computer simulation in which the operators can access your data without any backdoors whatsoever?

replies(6): >>gentry+J >>ta1771+13 >>gfosco+F3 >>drdrey+u5 >>dwheel+g6 >>bawolf+o6
2. gentry+J 2020-06-05 03:11:30
>>shawnz+(OP)
See Reflections on Trusting Trust [1]

[1]: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

3. ta1771+13 2020-06-05 03:34:28
>>shawnz+(OP)
Build it yourself.
4. gfosco+F3 2020-06-05 03:43:37
>>shawnz+(OP)
To make an apple pie from scratch, first you must create the universe. :)
5. drdrey+u5 2020-06-05 04:10:42
>>shawnz+(OP)
That's my point, you can't establish trust by checking everything yourself. So you delegate to other things as an approximation. In this case, Signal seems to be reputable, have competent developers and afaik no history of leaks or malevolence so I would rely on that rather than a half-assed source code review.
6. dwheel+g6 2020-06-05 04:20:52
>>shawnz+(OP)
For countering subverted compilers you can use diverse double-compiling (DDC), see https://dwheeler.com/trusting-trust/
7. bawolf+o6 2020-06-05 04:21:25
>>shawnz+(OP)
With electron microscopes of course!

Cartesian doubt becomes pointless at some point. If you're worried that the deep state has implanted microchips in your brain to prevent you from analyzing Signal, it probably doesn't matter because at that point they wouldn't need to hack Signal to get to you.

A less snarky and more realistic answer is: threat models and risk assessment. (Non-divine) adversaries generally have limited resources. The limit may be high, but it's still there. You can realistically worry about a government coercing a service to hand over keys, because that's easily within their power. On the other hand, having a giant conspiracy - trusting trust style - where every compiler & microchip has a backdoor that is inserted into every tool ever compiled, is a bit unrealistic. It would take thousands of people to be in on it to pull it off, spread across many countries (who hate each other) over at least 50 years. Having that many people, especially academics, keep that type of secret for that long is basically impossible. If they could do that, it would be child's play to have most of the protestors be gov agents, so if you think this is realistic, worry about that first. Anyways, in my judgement governments don't have that kind of power, so it's probably not something to worry about.

So, to conclude, estimate the level of power and influence you think your enemies have, and then take steps to rule out the possibilities that your enemies have done the things that are theoretically in their power to do. Start with the possibilities that are most likely multiplied by how bad it would be for you (likelihood*severity = risk).
