[Mono-list] bootstrapping mono with free software?
Tue, 23 Mar 2004 13:30:55 -0500
> A solution to this problem would be to have the ability to bootstrap the
> mono environment from a verifiable source.
Or even easier, install from a verified source like red carpet ;-)
Simplicity is security's friend.
> since the cscc compiler is written in c and the
> system bootstraps from a standard c environment without any binary code.
Let's get recursive...
- your C compiler is (most) probably in binary code, if not
- you must compile/assemble your C compiler from source using
- using physical switch to input binary data;
- damn I forgot I don't have the source to my BIOS, nor the plans for my CPU
Security is based on trust. Somewhere you must either
(a) draw a line where you begin to trust the system (and you're free to
choose where to draw it); or
(b) use a "wireless brick"(tm) as your computer.
Personally I fear a lot more about "honest bugs" that cause security