....It would easier to spot an overflow of some type in the code Exactly, and thus there is a good chance that somebody honest will find the error, maybe even early in development, and either report and/or fix the problem before hordes of hackers can build tools to take advantage.
Yes, they also can analyze the code for holes, but in open source they aren't the only ones doing so. -------------- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA "C code. C code run. Run code run. Please!" - Cynthia Dunning ....-----Original Message----- ....From: Jon Austin [mailto:[EMAIL PROTECTED] ....Sent: Monday, February 14, 2005 3:30 PM ....To: CF-Talk ....Subject: Re: Holy Security .... ....Am I misreading what you said? Strange piece of logic there. I would ....think the fact that the source code not being available would make it ....more difficult to find security problems. .... ....It would easier to spot an overflow of some type in the code, rather ....than having to effectively "brute force" an overflow by pushing lots ....of data around and then analyzing the crash dump of ....application/process to find out what went wrong and how to exploit it. .... ....Is there a flip-side to this where closed source makes it easier to ....find vulnerabilities? .... ....Regards, .... ....Jon .... ....On Mon, 14 Feb 2005 09:51:57 -0800, Jordan Michaels ....<[EMAIL PROTECTED]> wrote: ....> However, it's also important to note here that MS is huge target for ....> hackers. So they deserve more sympathy (pity?) when it comes to ....security ....> vulnerabilities then the alternatives. Their code isn't available for ....> the world to evaluate, and thus it's easier to find security problems ....> with their software. .... .... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:194609 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
