Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <torriem+gmail@torriefamily.org>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.014
X-Spam-Evidence: '*H*': 0.97; '*S*': 0.00; 'say,': 0.05; 'subject:Python': 0.06; 'compiler': 0.07; 'detect': 0.07; 'elegant': 0.07; 'intel': 0.07; 'inserted': 0.09; 'binary,': 0.16; 'chip': 0.16; 'from:addr:torriem': 0.16; 'from:name:michael torrie': 0.16; 'nsa': 0.16; 'stepping': 0.16; 'wrote:': 0.18; 'header:User-Agent:1': 0.23; 'certainly': 0.24; 'nearly': 0.26; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; "doesn't": 0.30; 'originally': 0.30; 'code': 0.31; 'with,': 0.31; 'quite': 0.32; 'level.': 0.33; 'maybe': 0.34; 'problem.': 0.35; 'beyond': 0.35; 'but': 0.35; 'really': 0.36; '(we': 0.36; 'subject:?': 0.36; 'level': 0.37; 'system,': 0.38; 'message-id:@gmail.com': 0.38; 'same.': 0.38; 'to:addr:python-list': 0.38; 'to:addr:python.org': 0.39; 'received:org': 0.40; 'subject:Can': 0.60; 'gone': 0.61; 'computers': 0.72; 'secret': 0.74; '*really*': 0.84; 'territory': 0.84; 'territory,': 0.84; 'ago!': 0.93; 'tough': 0.93
X-Virus-Scanned: amavisd-new at torriefamily.org
Date: Mon, 09 Sep 2013 10:23:22 -0600
From: Michael Torrie <torriem@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.12) Gecko/20130105 Thunderbird/10.0.12
MIME-Version: 1.0
To: python-list@python.org
Subject: Re: Can I trust downloading Python?
References: <CAOO2PexT3XagV4u7ScDiZgifZjzapt9cem9W+3Bag1CBrsnMpA@mail.gmail.com> <mailman.150.1378609508.5461.python-list@python.org> <522c6e4e$0$29988$c3e8da3$5496439d@news.astraweb.com> <XsSdnZfDdPBCPbHPnZ2dnUVZ_vidnZ2d@earthlink.com> <mailman.156.1378658357.5461.python-list@python.org> <522d97e1$0$29893$c3e8da3$5496439d@news.astraweb.com> <522DAABA.6040307@gmail.com>
In-Reply-To: <522DAABA.6040307@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.183.1378743819.5461.python-list@python.org>
Lines: 15
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1378743820 news.xs4all.nl 16000 [2001:888:2000:d::a6]:43688
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:53875

On 09/09/2013 05:02 AM, Anthony Papillion wrote:
> But (and this is stepping into *really* paranoid territory here. But
> maybe not beyond the realm of possibility) it would not be so hard to
> compromise compilers at the chip level. If the NSA were to strike an
> agreement with, say, Intel so that every time a compiler ran on the
> system, secret code was discreetly inserted into the binary, it would be
> nearly impossible to detect and a very elegant solution to a tough problem.

Indeed it is really paranoid territory, but now doesn't seem quite as
far fetched as one originally thought a few years ago!  We'll still
trust (we have to; we have no other choice), but the level of trust in
computers in general has certainly gone down a notch and will never
quite be the same.