|
|
|
|
|
|
by Canada
3539 days ago
|
|
|
Forget the aop store. How do we know Google, Apple, Microsoft, Ubuntu, etc doesn't give us a malicious kernel update? I don't think we have good solutions for the problem of malicious updates in general. The only one I can think of is a trusted hypervisor that hashes memory in the guest and reports on it. And even then, how do we trust that? |
|
|
So what do you do? It comes back to making sure that 'they' can only hack some of the people all the time, and all of the people some of the time. It's preventing them hacking all the people all the time I worry about.