
If you can do it, chances are an attacker can, too. I prefer hardware that won't load unsigned software in such places.


Then use reproducible builds. You inspect the source code, and if it does what it's supposed to, compile it reproducibly, and compare the binary with the official one which has a signature. If they match, then everything is kosher.


Difficult unless the compile tools are free and open source, and the manufacturer documents the exact version of what compiler they're using, and what feature flags are enabled, etc. Otherwise the exact same source code can produce many different binaries, each of which hashes differently.

I don't know the solution, but the black box approach we have right now I do not like. As a pilot this is a bit weird for me to say because those systems are also completely proprietary as well, full on black box - and not the d/v recording type. And I'm even wondering if that's overdue for a change as well.



