From owner-freebsd-security@FreeBSD.ORG  Thu Aug 10 19:26:52 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4B8B216A4DD
	for <freebsd-security@freebsd.org>;
	Thu, 10 Aug 2006 19:26:52 +0000 (UTC)
	(envelope-from phk@phk.freebsd.dk)
Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DF39D43D4C
	for <freebsd-security@freebsd.org>;
	Thu, 10 Aug 2006 19:26:51 +0000 (GMT)
	(envelope-from phk@phk.freebsd.dk)
Received: from critter.freebsd.dk (critter.freebsd.dk [192.168.48.2])
	by phk.freebsd.dk (Postfix) with ESMTP id 46CC61703F;
	Thu, 10 Aug 2006 19:26:50 +0000 (UTC)
To: Barkley Vowk <bvowk@math.ualberta.ca>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
In-Reply-To: Your message of "Thu, 10 Aug 2006 13:10:43 CST."
	<20060810130331.X94142@3jane.math.ualberta.ca> 
Date: Thu, 10 Aug 2006 19:26:50 +0000
Message-ID: <19518.1155238010@critter.freebsd.dk>
Cc: freebsd-security@freebsd.org,
	=?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1o=22?= <freebsd4@fadesa.es>
Subject: Re: atheros chips dangerous? 
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2006 19:26:52 -0000

In message <20060810130331.X94142@3jane.math.ualberta.ca>, Barkley Vowk writes:
>On Thu, 10 Aug 2006, Poul-Henning Kamp wrote:
>
>> The Atheros driver in FreeBSD is maintained and compiled by Sam Leffler,
>> who has been around since BSD 4.2 in the early eighties sometimes.
>>
>> I trust Sam.
>
>I don't think that quite answers his question however. Its not so much a 
>matter of trusting Sam, but a matter of trusting that Sam had enough 
>access to the binary objects in question to have eliminated the errors in 
>them.

Sam compiled those binaries, he has the source code.

And it is a matter of trust.

Unless you are willing to stand up can swear that you have never
run a single line of code which you have not inspected and throught
about yourself, then you implicitly have to trust the programmer.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.