How do you know Wireshark isn't compromised? Further, MS *does* phone home all t... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

flyinRyan on July 15, 2013 | parent | context | favorite | on: Why We Can No Longer Trust Microsoft

How do you know Wireshark isn't compromised? Further, MS does phone home all the time to check for updates and so on. If something extra was hidden in there would we know?

jrabone on July 15, 2013 [–]

Build it from audited source?

As for updates, I imagine if you set up a domain you can run your own WSUS update server, MITM the connection, etc. - and then compare the behaviour with a "regular" home PC.

The problem really is how deep the hole goes - as per Ken Thompson "Reflections on Trusting Trust", 1984.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact