18 Mar
2015
18 Mar
'15
3:34 p.m.
On Wed, 2015-03-18 at 10:59 -0400, R. Russell Reiter wrote:
Compiling trusted code in a trusted
environment and then signing it and using secure boot to validate the signed binary and running it does make sense, but compiling multiple times does not.
I dislike the term secure and prefer trust myself however the demands of enterprise are different than my own. The number of compiles is related to the number of boots again IMHO, this is far less of a problem than you would make it out to be.
Ken Thompson's classic Turing Award lecture: <http://cm.bell-labs.com/who/ken/trust.html> Trust is not cheap. If it looks cheap it may just be gullibility. Mel.