On Fri, Dec 17, 2010 at 12:02:59PM -0500, David Liguori wrote: > Isn't a major argument for open-source that any "back-door" would in > principle be visible for all to see--at least all who understand the > code and are willing to test it? In practice it may not be that easy to > find, ... *Shrug*. I've not perused the code, but remember that you have to be looking to find problems; if nobody's doubted the implementation, few have probably examined it in detail . It's certainly not going to be labeled /* Backdoor Here */ It may be as subtle as actually modifying the calculation to have a designed weakness, meaning it wouldn't just be code analysis but cryptanalysis of the encryption--reversing the code to the equation and analyzing *that*. Cheers, -- Dave Ihnat dihnat@xxxxxxxxxx -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
