Can I trust downloading Python?
Michael Torrie
torriem at gmail.com
Mon Sep 9 12:44:33 EDT 2013
On 09/09/2013 10:40 AM, William Ray Wing wrote:
> I think that is pretty far fetched. It requires recognition that a
> compiler is being compiled. I'd be REALLY surprised if there were a
> unique sequence of hardware instructions that was common across every
> possible compiler (current and future) and which wouldn't (couldn't)
> exist in arbitrary non-compiller execution, which could be used to
> trigger insertion of a backdoor.
Agreed. Most of the damage done by the NSA is in the realm of social
engineering more than technical. IE they compromise companies more than
the algorithms themselves. The end points always are the weak things.
And yes, Free software that is open source is more resistant to such
tampering.
More information about the Python-list
mailing list