- TalkBack 7 of 24:
- Next »
- « Previous
- Thread View
- Flat View
- Useless without the ability to reproduce from the buildchain
-
Unless you have access to all the source code to the operating system, drivers, applications and compile/build toolchain, restricted access to the source code provides little in the way of added security.
Harmful code can be inserted at any point in the compile, build and provision processes. Either by accident, eg Microsoft accidentally shiping Nimda in .NET to South Korea ...
http://www.sophos.com/virusinfo/articles/nimda_korea.html
... or by hidden intent ...
http://www.techlawjournal.com/cong106/encrypt/19990928a.htm#weldon1
"But the point is that when John Hamre briefed me, and gave me the three key points of this change, there are a lot of unanswered questions. He assured me that in discussions that he had had with people like Bill Gates and Gerstner from IBM that there would be, kind of a, I don't know whether it's a, unstated ability to get access to systems if we needed it. Now, I want to know if that is part of the policy, or is that just something that we are being assured of, that needs to be spoke. Because, if there is some kind of a tacit understanding, I would like to know what it is."
Without the ability to reproduce each component of the software from scratch to compare with the binary that Microsoft ships, Microsoft's restricted access is effectively useless.
Also the NDA required to access the source code effectively limits peers in the software industry, those with experence in creating competing applications, from viewing the source code from the start.
Pig Iron
http://groups.google.com/groups?selm=slrna4k6r5.jhf.heretic%40heretic.ihug.co.nz - Posted by: David Mohring Posted on: 09/20/04 You are currently: a Guest | Members login | Terms of Use
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
- The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now
- Open Standards Technologies Provide the Ingredients for Delivering Security Across the Papa Gino's Enterprise Dell Papa Gino's Holdings Corporation founded by the entrepreneur operates one ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- Learn more about tools to grow your business
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Save time with the UPS Business Essentials Guide
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
