lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9AD9D61578B84144912BCB44CBEF9EAD0700E927@usnssexc03.us.kworld.kpmg.com>
From: kenng at kpmg.com (Ng, Kenneth (US))
Subject: Cisco's stolen code 

Brian: I will give you another good reason to not go near the stolen code.
If you EVER want to work on any project that is even remotely related to
routers, or routing or anything else that Cisco equipment can do, you can
not have touched any of the stolen code, or your code will be suspect.
(Your accounting package has queues?  Cisco IOS has queues (I assume), you
must have copied it.)  Even if your writing the code entirely from scratch,
because you have seen the stolen code, you may be suspect.  Is it unfair?
Definitely.  But this is why the GNU people emphasize staying away from any
licensed source code.

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
Valdis.Kletnieks@...edu
Sent: Tuesday, May 25, 2004 12:59 PM
To: Brian Toovey
Cc: VX Dude; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Cisco's stolen code 


On Tue, 25 May 2004 11:28:19 EDT, Brian Toovey <btoovey@...global.com>
said:
> if whitehats dont audit the code, who will?  I find your response more
> ignorant.
Whitehats won't go anywhere near the Cisco code for the same reason they
won't
go near the Windows code - even if they feel morally justified in peeking at
the source code, it's still illegal to do so.  So you need at least a
slightly
gray hat to even consider the idea - so only grey/black hats will benefit.
#include <open-source-is-better-because-whitehats-can-audit-too.h>


*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.         
*****************************************************************************

Powered by blists - more mailing lists