Yeah. You're right. It's better to just assume it's gloriously trustworthy if it's free software and maliciously bad if it comes from Microsoft.
I like your sarcasm, but I prefer to assume that the only truly secure network is one without computers attached, and the only truly secure computer is one with no OS, or no users :)
Sadly both of these are hard to do anything useful with, so in reality I believe (in general) it is easier to check the security of an open-source product since I can look at the source code and see if there are unchecked buffers, backdoors, etc. I am by no means a security expert, so I'm sure I'd miss lots of things, but theoretically there are lots of other people also checking the same code as me and helping make things more secure.
-- Jim Ramsay
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
