[linux-elitists] Surveillance

Greg KH greg at kroah.com
Sat Sep 7 21:14:31 PDT 2013


On Sat, Sep 07, 2013 at 05:11:33PM -0700, Don Marti wrote:
> begin Greg KH quotation of Sat, Sep 07, 2013 at 09:37:42AM -0700:
> > On Sat, Sep 07, 2013 at 09:03:35AM -0700, Seth David Schoen wrote:
> > > Greg KH writes:
> 
> > I'm still confused about Don's original point here, what exactly is it?
> 
> I don't know.

Fair enough, so, given the news over the past months, what do you
suggest that we do to help address the issues raised?

Reproducable builds is one good thing, that can be done, and distros
should work on that if they wish to give some type of assurances to
their users.

A number of people have been tirelessly working on auditing our bodies
of code, putting into place checks to prevent errors, once they have
been fixed, to come back.  Static code analysis is good to do, and is
a big step in the right direction.

But what else needs to be worked on?  What gaps do people feel we have
that are cauing problems that we can solve with technological measures,
not just legal ones?

greg k-h


More information about the linux-elitists mailing list