From mboxrd@z Thu Jan  1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <941cc240e9368544f7edceaee74294f4@9srv.net>
References: <CABB-WO9gegFWirXjQhAK0g9vNHn=W2+vwC+bTvRcRDw7xs096g@mail.gmail.c>
	<941cc240e9368544f7edceaee74294f4@9srv.net>
Date: Mon, 25 Feb 2013 19:49:36 +1100
Message-ID: <CAJQxxwmxSgfOiKsbkcNmB2Lt79ZW804SF6fGFEMxS0O1J1g5SA@mail.gmail.com>
From: Bruce Ellis <bruce.ellis@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: multipart/alternative; boundary=089e010d867ae5345b04d6889e26
Subject: Re: [9fans] What's up with $home? And a security question.
Topicbox-Message-UUID: 1eacd042-ead8-11e9-9d60-3106f5b1d025

--089e010d867ae5345b04d6889e26
Content-Type: text/plain; charset=UTF-8

if you can't trust a cpu server don't use it. applies to carbon based
life-forms too.


On 25 February 2013 00:29, <a@9srv.net> wrote:

> Cinap mostly covered this, but yeah: if you don't trust the
> system you're connecting to, cpu isn't really safe[1]. But
> then, neither is anything else: even the simplest service
> (say, telnet) can be trivially bugged with things like key
> loggers if the remote side's untrustworthy.
>
> If you've not read it, you (and everyone else in CS) should
> read "Reflections on Trusting"[1], by Ken Thompson,
> describing how he bugged the login program and then
> made it roughly undetectable. Things like cpu's -P can
> help in a sense, but at some point it comes down to
> trusting the humans on the remote end.
>
> [1]     http://cm.bell-labs.com/who/ken/trust.html
>
>
>

--089e010d867ae5345b04d6889e26
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">if you can&#39;t trust a cpu server don&#39;t use it. appl=
ies to carbon based life-forms too.</div><div class=3D"gmail_extra"><br><br=
><div class=3D"gmail_quote">On 25 February 2013 00:29,  <span dir=3D"ltr">&=
lt;<a href=3D"mailto:a@9srv.net" target=3D"_blank">a@9srv.net</a>&gt;</span=
> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">Cinap mostly covered this, but yeah: if you =
don&#39;t trust the<br>
system you&#39;re connecting to, cpu isn&#39;t really safe[1]. But<br>
then, neither is anything else: even the simplest service<br>
(say, telnet) can be trivially bugged with things like key<br>
loggers if the remote side&#39;s untrustworthy.<br>
<br>
If you&#39;ve not read it, you (and everyone else in CS) should<br>
read &quot;Reflections on Trusting&quot;[1], by Ken Thompson,<br>
describing how he bugged the login program and then<br>
made it roughly undetectable. Things like cpu&#39;s -P can<br>
help in a sense, but at some point it comes down to<br>
trusting the humans on the remote end.<br>
<br>
[1] =C2=A0 =C2=A0 <a href=3D"http://cm.bell-labs.com/who/ken/trust.html" ta=
rget=3D"_blank">http://cm.bell-labs.com/who/ken/trust.html</a><br>
<br>
<br>
</blockquote></div><br></div>

--089e010d867ae5345b04d6889e26--