[148687] in cryptography@c2.net mail archive
Re: [Cryptography] how reliably do audits spot backdoors?
daemon@ATHENA.MIT.EDU (Benjamin Kreuter)
Tue Dec 24 23:04:48 2013
X-Original-To: cryptography@metzdowd.com
Date: Tue, 24 Dec 2013 20:48:14 -0500
From: Benjamin Kreuter <brk7bx@virginia.edu>
To: jamesd@echeque.com
In-Reply-To: <52BA3632.7020702@echeque.com>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6060202588329487588==
Content-Type: multipart/signed; micalg=PGP-SHA512;
boundary="Sig_/2sq9zoCN+Pylm3WzZ7dR27C"; protocol="application/pgp-signature"
--Sig_/2sq9zoCN+Pylm3WzZ7dR27C
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
On Wed, 25 Dec 2013 11:34:42 +1000
"James A. Donald" <jamesd@echeque.com> wrote:
> > So the fact that it is possible for the sum of two positive
> > integers to be a negative number is idiomatic?
>=20
> To me that is totally intuitive and natural,
1. You just referred to *undefined behavior* as "intuitive."
2. For that to be intuitive, you must have un-learned the first N years
of your mathematics education.
> and I have written code=20
> that takes advantage of this effect (sliding window code) It just=20
> seemed natural to do it that way.
I would have called such code *hard to read*. I understand that in C
such things are common, but I would much rather write code in a
language that forced me to explicitly declare the fact that I am using
modular arithmetic (and what modulus).
> > Nonsense. The UCC entries win points for not be obfuscated or
> > uglified or complicated.
>=20
> Yet they would have instantly failed any code review in which I have=20
> participated. I would not have found the bug, because I would have=20
> tossed back the code on sight.
Great! Now you just need to convince all those other developers in the
world, whose code you are not directly overseeing, to do the same.
> Whenever you attempt to do a project in "high level code", the
> project becomes ninety percent complete in much less time than when
> you do it in C++, and then remains ninety percent complete forever.
I think this is demonstrably false, given the numerous feature-complete
projects written in high-level languages.
=20
> You get the higher level language problem that the libraries are=20
> slightly different on each machine, which results in nightmare=20
> installations.
Are you claiming that the situation is worse than it is in C?
> Doubtless you can audit your code faster, but can you=20
> audit all those installations and libraries?
How is C any different in this regard? You still need to audit all
those libraries that your C code depends on.
> If you have one high level program using a library, and another high=20
> level program using that same library, there is, with remarkable=20
> frequency, a way for the one high level program to screw over the
> other high level program.
I am not even sure what it is that you are referring to here.
-- Ben
--=20
Benjamin R Kreuter
KK4FJZ
--
"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell
--Sig_/2sq9zoCN+Pylm3WzZ7dR27C
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQIcBAEBCgAGBQJSujliAAoJEP3W2K8t6K+j/dMP/iDa5mJxkxcEYFr1bNNffGKC
3U/joWgGK5HaymWx42AlyB7DpmZ2r0kPUooBJAvIGFvXn/nxSMv0x9orpwFhe8hf
FNMwkJ4IWqqWtVse1LnOL6c2NU/iBMinWh2ousaR/7Qdi30aO6oYvBwVCKG7lgVc
jRCyO44X+u12WG2mu+L+QBdRBCOqY6+Fb28v9jnB1RyZeRro83nF4JMDRQmGrZ4l
NffNh9/dnLGuQm6njJVPlzSFMf3q5t5owziel1gH4KZ8vVChc6a4rUC3+4xDAeXK
Iy9qsAO4JbtV0jnlAwR/SEx6u+3yK5DHzsCK/iQAZKTuOrMYcovxegh7GDN1+VdS
MlIqpeR4Gx/zDPX1KcWOAmEVtAdadfOjCjpd1A3H/4/mGPbwzBw4Levgs1kD92dc
gBgU5QiUw/JTgapFVHhZXYrdvzd5Ox7Ju3r+lTUnrZ9l3RObhaNu7z9fMv2iUo86
v+t8l5hMye6tV7NxwUN2nhyah9ViKUymHcKBnMPMC5niG9WPckAdjESLw+lol5VT
TZ1KF/4Yn4vAcjYpYUCLyjEri2ujoWrl2sN+UNo73X1nk9LPCCSvzo2HQObpfCVC
dZ+ZkQHqVo8WyStr1gcyD0c+lx5/kV1tlRFJN00KmzQ+RmoT9iZsz5zInn8mYaaW
81Aaeh6t/9bF7UAWH+Ty
=FSFO
-----END PGP SIGNATURE-----
--Sig_/2sq9zoCN+Pylm3WzZ7dR27C--
--===============6060202588329487588==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6060202588329487588==--
