Hi beth, On 7 Aug 2004 at 14:29, beth spoke, thus:
> Hi, all. If opening the BN to developers for new program invention would > also open us up to viruses, why not forego that? If keeping the BrailleNote closed and proprietary would make discoveries concerning security more difficult, why not foregoe that? > As a potential purchaser, I value security more than development. PDI > can take as long as it needs to for new Keysoft releases, in my book. > Just keep the system secure. You are asking for security to be maintained through obscurity - that is, you feel that security is dependent upon the keeping secret of information that might otherwise be used to compromise a system, regardless of whether the system is actually secure or not. Such systems, as history dictates, are inevitably written in a fashion designed to account for the closed nature of their development, and are frequently therefore among the most security-problem prone. The most well-known example of this is Microsoft Windows. I don't know whether you heard about the source code leak for Windows 2000. If you did not, it helped to uncover security holes that would not otherwise have been found. For example, see http://www.securitytracker.com/alerts/2004/Feb/1009067.html . PGP, the most well-known piece of security software, used by millions of people and organisations (government included) worldwide is to this day sold commercially. However, its source code is available for peer review - and once again, this has helped PGP Corporation to discover flaws and weaknesses in its design, cryptography modules, and so on. The best example of this was the so-called ADK Bug. Last, but not least, id Software's Quake was designed to give performance by trading security. Quake was a security nightmare until open sourced, whereupon it was publicly disgraced. It is, of course, secure in its open derivatives, but among those holes was a deliberate backdoor introduced to allow id to gain remote access to a Quake game server. How about that, you put trust in a company and buy a product from them which could, in theory, infiltrate your home network, on the grounds that closed software is trusted to its author? These are real, true examples. So, in summary: even supposing anyone would take the time to target the BrailleNote as a platform, keeping it thoroughly closed is against the most sacred security principles. There are too many eggs in that basket to make adding the BrailleNote to the long list of disgraced security nightmares anything but imbecilic. History teaches us well to believe our own eyes only, and every step PulseData makes toward openness and standards adherence is a step toward that goal. Cheers, Sabahattin -- Thought for the day: Communist (n): one who has given up all hope of becoming a Capitalist. Sabahattin Gucukoglu Phone: +44 20 7,502-1615 Mobile: +44 7986 053399 http://www.sabahattin-gucukoglu.com/ Email/MSN: <[EMAIL PROTECTED]>
