lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20040527095522.GB3901@elvander.otherlands.net>
From: Azerail at supersecretninjaskills.com (Azerail)
Subject: Cisco's stolen code

On Tue, 25 May 2004, Tobias Weisserth wrote:

> Hi Brian,
> 
> On Tue, 2004-05-25 at 17:28, Brian Toovey wrote:
> ..
> For me, breaking laws is NOT acceptable under ANY circumstance. I hope
> the majority of people on this list is with me on this.

I'm coming into this thread late, my apologies, but I had to address
the above.  It may very soon be illegal to even *talk* about things
like this.  Attitudes like your's are what fosters computer insecurity
and social passivity in general.  Breaking laws IS acceptable in MANY
circumstances.  DeCSS, the DCMA and other examples serve to illustrate
this.  In other words, you can stick your tail between your legs if
you want, I won't. 

> You can't improve security by breaking laws.

Wanna bet?

> This renders this list and everybody posting here untrustworthy.

As if that wasn't already the case.

> If you want to audit code then stick to the code that is released under
> licenses that allow public code auditing. Don't even think to look at
> code that hasn't be released under an open license. Maybe this will
> motivate more vendors to license their products under an Open Source
> license.

Actually, this is incredible naive.  The only thing that will be
promoted is the penalties attached to the licenses that the vendors
will release their code under.  You have to understand, vetting code
for security flaws takes time and resources.  If most companies can
get away with not doing so, they will.

Azerail

-- 
It is easy when we are in prosperity to give advice to the afflicted.
                -- Aeschylus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ