synth documentation

Thu Feb 11 12:59:48 UTC 2016

On 10.02.2016 18:29, kpneal at pobox.com wrote:
> On Wed, Feb 10, 2016 at 10:11:25AM +0100, John Marino wrote:
>> On 2/10/2016 10:01 AM, Kurt Jaeger wrote:

>> So I guess [A] could say FreeBSD package builder is compromised
>> (intentionally by FreeBSD project or unknown to all due a hacker).  And
>> I guess that could be possible, but the counter is: If you cant' trust
>> packages built by FreeBSD, how can you trust the FreeBSD base not to
>> have a trojan?
>>
>> Which would mean that only the people that *also* build FreeBSD from
>> source would have a leg to stand on.
>>
>> So I will concede that case: If you accept no binaries at all from
>> FreeBSD and only build base and packages from source, then you have a
>> point.  But still the response, "Then don't complain" applies.  It's a
>> conscious decision and consequences of decisions must be accepted.
>
> Well, no, actually there's no end of it.
>
> Can you trust the compiler used to compile FreeBSD from source?
>
> Can you trust your motherboard's firmware to not install patches onto
> FreeBSD after compiling from source? (This is old hat on Windows to make
> it easy for people to get the right drivers from a fresh install of Windows.)
>
> Can you trust the update procedure for your board's firmware?
>
> Can you trust that there isn't a trojan in your CPU's microcode?
>
> Seriously, it never ends. You just have to pick a level and say you trust
> everything below that.

Not "everything below". It is much easier to trust specific parts 
instead of everything below a specific part. You can say i trust the 
assembler part of FreeBSD but not driver X even if both are in the core.
The source of FreeBSD is big and many people are involved. Even when 
trying to get the same high quality for everything this is not possible. 
Not only by the involved person and their various level of trustfulness 
- which does not mean they are suspicious. Many bad thinks happens just 
because of missing knowledge and not because of criminal attempts.
It is also because of the chosen tools including the language. Many very 
low level constructs are not completely testable just because of the 
used language.
Oh - and then there are these languages where many parts are undefined, 
so it is not possible to write a program in a way which is always correct.
The last point is a big advantage of Ada, which is one of the rare 
languages which is nearly completely defined and which compiler is 
tested by "trusted institutions". Of course you can distrust them, but 
in reality you really feel the difference.

Also distrusting in this level is more a philosophical problem. Why 
should i end which the microcode in my CPU? I should distrust every 
doctor, food, institution and person on earth. I should even distrust 
this paper from this unknown guy, which could be just a very good 
disinformation technique. There are multiple ones in this manner. There 
is no guarantee for trust. Maybe i should distrust myself and my 
existence - there are many stories where a human becomes aware that it 
is just a simulation. Or lives in a very big TV-show without knowing. 
You could not know.
But this is wrong. Trust is not something a different 
person/tool/institution/etc offers to me or gained by somebody or 
something. Trust is something i am able to. Of course it would be silly 
to trust everything and everyone. But so is distrusting. You need to 
learn to handle the case of somebody or something misuse your trust. And 
how to raise the barrier for a misusage. This can be learned from 
persons who knows this - and they provide far better quality in various 
parts of our live; for example in source-code ;)

Greetings,
Torsten