i used to look over Linux source a lot because i was adding my own personal modifications. earlier in my career i looked over the source code of an IBM Mainframe OS called "VM/CMS" which was written in assembly language. making these modifications was my job at my first employer. i would rebuild the modified component and "reboot" to run it.
having the source code is not enough. you have to be sure the binary image you are running is actually derived from that source code. "they" could add spyware but include it only in the binary. if you look over the source "they" give you and believe the binary is safe if the source appears safe, then you are the fool.
you need to build the binary from the source. you also need to have a basis of trust in your assembler, compiler, linker, loader, and where applicable, you interpreter, as well as your OS, to run a system you trust.
there may be segments of source code that no one is reading. but the developers probably don't know which code is not read, so they need to act straight in all of it. most proprietary code is not read.
this evening's "CBS Evening News" (in USA) had a news story about a lady who received $10000 from a company by responding to a clause written on page 7 of the fine print of some product she bought which said that the first person to email them at a stated address would get $10000. do you read the fine print? when i saw that story, my first thought was about source code. i wonder if any source code might have something like that.
having the source code is not enough. you have to be sure the binary image you are running is actually derived from that source code. "they" could add spyware but include it only in the binary. if you look over the source "they" give you and believe the binary is safe if the source appears safe, then you are the fool.
you need to build the binary from the source. you also need to have a basis of trust in your assembler, compiler, linker, loader, and where applicable, you interpreter, as well as your OS, to run a system you trust.
there may be segments of source code that no one is reading. but the developers probably don't know which code is not read, so they need to act straight in all of it. most proprietary code is not read.
this evening's "CBS Evening News" (in USA) had a news story about a lady who received $10000 from a company by responding to a clause written on page 7 of the fine print of some product she bought which said that the first person to email them at a stated address would get $10000. do you read the fine print? when i saw that story, my first thought was about source code. i wonder if any source code might have something like that.
Tradition is peer pressure from dead people
What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.
What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.
