[hipl-dev] Re: binary packaging

  • From: Diego Biurrun <diego@xxxxxxxxxx>
  • To: hipl-dev@xxxxxxxxxxxxx
  • Date: Wed, 10 Nov 2010 18:35:25 +0100

On Sat, Nov 06, 2010 at 03:15:58PM +0200, Miika Komu wrote:
>
> On 11/05/2010 07:17 PM, Diego Biurrun wrote:
>> On Fri, Nov 05, 2010 at 07:01:32PM +0200, Miika Komu wrote:
>>>
>>> please elaborate? What is wrong with the crypto in HIPL?
>>
>> Hopefully nothing, but I would not bet :)
>
> while I think it would be nice to have e.g. a static analysis on HIPL code,
> I would suggest to keep such remarks to yourself until you have
> something solid to point at. You have a bad habit of seeing the devil
> everywhere you go >)

I disagree completely.  Software in general should not be trusted without
a thorough review and/or audit, crypto routines doubly so.  This applies
to any sort of security measure.  Banks don't assume that their security
is sufficient until somebody breaks in, they have experts check.

This not only applies to software, it's the same in e.g. construction.
The statics calculations for complex buildings are not trusted, they are
double-checked by independent experts.

Nothing of the sort has ever happened with HIPL, so trusting it to handle
security-relevant things is foolish.

I'll also note that this semi-rant comes after discussions on the subject
with Stefan, who found numerous issues in HIPL at a quick glance.  There
is no indication that we will run out of such opportunities for bug
discovery any time soon.

If you disagree, we can make a HIPL bug hunt challenge and give prizes
out for discovering bugs, could be a lot of fun :)

Diego
