[10298] in cryptography@c2.net mail archive


Re: A risk with using MD5 for software package fingerprinting

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Jan 28 12:43:55 2002

Message-ID: <3C5545C9.E93615BD@algroup.co.uk>
Date: Mon, 28 Jan 2002 12:36:25 +0000
From: Ben Laurie <ben@algroup.co.uk>
MIME-Version: 1.0
To: David Honig <dahonig@home.com>
Cc: "Arnold G. Reinhold" <reinhold@world.std.com>,
	cryptography@wasabisystems.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

David Honig wrote:
> 
> At 12:07 PM 1/27/02 -0500, Arnold G. Reinhold wrote:
> > if an attacker had an agent working inside the organization that
> > produced the package, the agent could simply insert the Trojan
> > software patch in the original package. However such an insertion is
> > very risky. A sophisticated software company would likely have code
> > reviews that would make introduction of the Trojan code difficult.
> 
> Um, right.  A good company would have *design* reviews, but would it really
> spend time having skilled engineers review *all* the actual codelines

One of the duties of a person with commit access to an Apache Software
Foundation project is, indeed, to review _all_ commits to that package.

Admittedly any particular individual will sometimes only glance at the
commit, but bugs are picked up at this stage with such regularity that I
am confident that the vast majority of commits are, in fact, reviewed.

I believe this practice is pretty common in free software.

Oh, I should note that commits are emailed to all committers, so it does
not require the committers to actively seek out commits to review.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
