Does 5.10 is secure?
I just found how many commits made Huawei into kernel source. This article makes me laugh https://news.itsfoss.com/huawei-kernel-contribution/ here I read
Quote:
Quote:
I am just paranoic about 5.10 kernel and it seems I try to justify my paranoia. Nonetheless it is good to know. Next step will be to allow commits from CIA, NSA, all kind of Russian secret services :D |
So... you're saying "bad things" have been placed inside kernel? Like... what?
Something the maintainers let pass? Any chinese company is owned by chinese government. |
I wouldn't trust Huawei further than I could throw them. But given the way that code is scrutinised and chewed over by the kernel hackers, I doubt if they could smuggle in any really bad stuff.
|
Well, it's not as if it's hard to find what Huawei has "contributed" to the kernel, and it's not like Windows where the average joe can't see what's there and who's "contributed it".
https://git.kernel.org/pub/scm/linux...=200&showmsg=1 It's also not a good idea to be on the bad side of the CCP if you're a Chinese company, even if you're a billionaire. Ask Jack Ma, oh that's right, where is he? |
And you notice that all the contributions made by Huawei seem to have been checked by a member of the kernel team. Personally, I'd trust Huawei over Google and Oracle any day.
|
If, however, you are really worried you might look into using the BSD kernel and THAT security.
|
Quote:
|
Quote:
|
I was thinking little. Huawei also manufactures devices. I think that combination kernel on Huawei device can be compromised. Smartfone - on top is Android in the middle Linux kernel + patches needed device to work. All equipment provided for 5g network. Point here is that people trust Linux. So if device runs Linux - it can be trusted. And it can be very difficult to find connections between device provider and Huawei.
|
Well, that's the firmware, isn't it! It's an old grouse and not only on phones. Computers nowadays come with so many "engines" that the users have no control over whatever. The Linux kernel sits on top of all that and who knows if it is being given correct information, or if its instructions to the hardware are actually executed as intended?
|
All times are GMT -5. The time now is 05:58 AM. |