undefined | Better HN

0 pointsgoodpoint4y ago0 comments

This is an arbitrary definition of inside vs outside. You are implying that employees are trusted and benign and other contributors are high-risk, ignoring than an "outside" contributor might be improving security with bug reports and patches.

For the end user, the threat model is about the presence of a malicious function in some binary.

Regardless if the developers are an informal community, a company, a group of companies, an NGO. They are all "outside" to the end user.

Closed source software (e.g. phone apps) breach user's trust constantly, e.g. with privacy breaching telemetries, weak security and so on.

If Microsoft weakens encryption under pressure from NSA is it "inside" or "outside"? What matters to end users is the end result.

0 comments

dataflow4y ago

The insiders are the maintainers. The outsiders are everyone else. If this is an arbitrary definition to you I... don't know what to tell you.

There's absolutely no reason everyone's threat model has to equate insiders with outsiders. If a stranger on the street gives you candy, you'll probably check it twice or toss it away out of caution. If a friend or family member does the same thing, you'll probably trust them and eat it. Obviously at the end of the day, your concern is the same: you not getting poisoned. That doesn't mean you can (or should...) treat your loved ones like they're strangers. It's outright insane for most people to live in that manner.

Same thing applies to other things in life, including computers. Most people have some root of trust, and that usually includes their vendors. There's no reason they have to trust you and (say) Microsoft employees/Apple employees/Linux maintainers equally. Most people, in fact, should not do so. (And this should not be a controversial position...)

goodpointOP4y ago

The candy comparison is wrong on two levels.

1) Unless you exclusively run software written by close friends both Linux and $ClosedOSCompany are equally "outsiders"

2) I regularly trust strangers to make medicines I ingest any fly airplanes I'm on. I would not trust any person I know to fly the plane because they don't have the required training.

So, trust is not so simple, and that's why risk analysis takes time.

> There's no reason they have to trust you and (say) Microsoft employees/Apple employees/Linux maintainers equally

...and that's why plenty of critical system around the world, including weapons, run on Linux and BSD, especially around countries that don't have the best relations with US.

j / k navigate · click thread line to collapse