On 7/7/2015 6:26 PM, Derek Martin wrote:
The difference is, the software most of us rely on is open source, and is known to have been inspected by some very smart 3rd parties who
"Some very smart 3rd parties?" Can you actually name any of them? I mean, can you name the specific people at Red Hat and SuSE and Debian who have done this?
I doubt it. Red Hat and SuSE paid atsec for their EAL and FIPS testings and the associated source code examinations. Microsoft also paid atsec for some of their EAL and FIPS testings. As have Samsung, Apple and many others. iSECPartners, who performed the phase 2 audit of the TrueCrpyt source code, have also performed security audits and consulting for Apple and Microsoft. The very smart 3rd parties who have actually examined the open source code are the same very smart 3rd parties that have done so with the closed source code.
-- Rich P. _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
