[148785] in cryptography@c2.net mail archive
Re: [Cryptography] how reliably do audits spot backdoors?
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Dec 27 22:20:24 2013
X-Original-To: cryptography@metzdowd.com
Date: Sat, 28 Dec 2013 13:45:00 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: brk7bx@virginia.edu, hallam@gmail.com
In-Reply-To: <CAMm+Lwi=5oX_0Ujf26g7fAdhkejcBvp6_6630ArKHFF2qQxkvw@mail.gmail.com>
Cc: cryptography@metzdowd.com, jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Phillip Hallam-Baker <hallam@gmail.com> writes:
>I recently tried to install the IETF tool for writing in their stupid
>documentation format and found that the code would not run because it needed
>another package.
That's why you use http://xml.resource.org/. Someone else gets to manage to
dependency hell for you.
>Python suffers from the same dll hell idiocy as Windows used to before people
>started to get a clue and realize that shared object libraries are not your
>friend.
Linux in general seems to suffer from this. It was always amusing seeing
Linux users make fun of Windows because of DLL hell (circa Windows 3.1), but
then go on to create their own depdency tartarus, malbolge, xibalba, naraka,
and sheol. Open-source security tools seem to be particularly bad for this,
the amount of hacking you need to do to get something up and running often
isn't worth the effort.
Peter (yeah, I know, way off-topic).
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
