Hello, In page 5 of Ross Anderson paper "Security in Open versus Closed Systems � The Dance of Boltzmann, Coase and Moore" [1] from the Ross Anderson's web page [2] you can read:
" As testing is boring, and volunteers generally only want to fix failures that irritate them, the amount of concentrated attention paid by random community members to (say) the smartcard device drivers for GNU/Linux is unlikely to match what an enemy government might invest [10]. " If I understand correctly Ross is saying that nobody is searching for security bugs in pcsc-lite (which is true for my own case) but government may be working on them (security bugs) and not say anything about what they could found (to use the bugs later). Read the paper. It is interesting and frightening for the free software community. I don't know what Marc? Schaefer said during tha Panel at Oakland 2001. And I was not in Toulouse during Ross talk. Anybody knows more about this remark by Ross Anderson or M Schaefer? Bye, [1] http://www.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf [2] http://www.cl.cam.ac.uk/users/rja14/ [10] M Schaefer, Panel comments at Oakland 2001 -- Dr. Ludovic Rousseau [EMAIL PROTECTED] -- Normaliser Unix c'est comme pasteuriser le Camembert, L.R. -- *************************************************************** Unix Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/ To unsubscribe send an email to [EMAIL PROTECTED] with unsubscribe sclinux ***************************************************************
