Re: backdoors
Re: backdoors
- Subject: Re: backdoors
- From: Jason Coco <email@hidden>
- Date: Tue, 4 Jan 2011 23:13:20 -0500
The xnu kernel is written in C with little bits of C++ here and there (like the open bits of IO kit). You shouldn't have to worry about any ObjC code. re: the EFI, I think you definition of 'kernel' may be a bit skewed. Also, back doors tend to be things written in the higher-level software that make up an OS, and not in the kernel (like a master-password that the login app always responds to, etc.). Or possibly things like crypto libraries that always embed a second copy of the key in the key-bag which can be decrypted by a private key that the government has, etc.
You can narrow the scope of your search by focusing on any utility that needs be run as uid 0 and the standard crypto libraries (although with Darwin that's OpenSSH which is quite well peer-reviewed).
On Jan 4, 2011, at 23:00 , Esteban Vincenzi wrote:
> hi all,
> do the Darwin kernel has backdoors to any "spy network"? specially interested in backdoors to any .gov's.
>
> not on the mood of solo'ing an audit of ObjC code; specially that there are no decent (or accessible, or known) ObjC references.
>
> if there's EFi, enSUI doesn't require a (traditional) kernel.
>
> ciao tutti,
> SG Vincenzi
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-dev mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
| References: | |
| | >backdoors (From: Esteban Vincenzi <email@hidden>) |