Dailydave mailing list archives
Re: RE: Network Exploitation Tools aka Exploitation Engines
From: "Halvar Flake" <HalVar () gmx de>
Date: Tue, 7 Sep 2004 02:44:35 +0200 (MEST)
Hey all,
1. Immunity is not a foreign (I.E. non-US) intelligence service, and our code is fully available to all of our customers. Why a military or government agency wouldn't demand full source code from a foreign (or even domestic) company selling an exploitation tool baffles me. Do we hire foreign companies to do penetration tests on our military networks? Why would the US military use a closed source penetration test tool from a non-US company on sensitive networks? It boggles the mind.
And you can't trust those damn foreigners ! There are no trustworthy foreign nationals ! :-) Abrahams cannon barrels are manufactured by Rheinmetall, which is a german metallurgy firm. Does that make it likely that Rheinmetall will backdoor the barrels to self-destruct upon contact with german beer so we can attack US tanks by throwing beer bottles ? Preferring certain manufacturers because they're located in your own country has mostly two economic effects: 1) The manufacturer has less incentive to catch up with foreign com- petitor 2) The manufacturer will be likely to overcharge and remain less productive than foreign firms exposed to full competition While I agree on the wrongness of software patents, I think one should think _very_ hard before one allows (possibly well-founded, possibly completely unfounded) paranoia to influence your buying decisions. And seriously: Both source and binaries can have undesirable features added, and if we think that the risk of undesirable features in an app is completely removed by it being open source, we're kidding ourselves.
"Professional grade FUD" :>
Word :-) Cheers, Halvar -- Supergünstige DSL-Tarife + WLAN-Router für 0,- EUR* Jetzt zu GMX wechseln und sparen http://www.gmx.net/de/go/dsl _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: RE: Network Exploitation Tools aka Exploitation Engines, (continued)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Adegbite Stephen (Aug 18)
- RE: Network Exploitation Tools aka Exploitation Engines Clarke, Tyronne (Contractor) (Sep 03)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 04)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 08)
- RE: RE: Network Exploitation Tools aka ExploitationEngines Clement Dupuis (Sep 10)
- Network Exploitation Tools aka Exploitation Engines brennan stewart (Sep 11)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Matthew Watchinski (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Dave Aitel (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Halvar Flake (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Lance Spitzner (Sep 06)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Mordy Ovits (Sep 07)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Darryl Luff (Sep 07)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Kurt Seifried (Sep 04)
- Re: RE: Network Exploitation Tools aka Exploitation Engines Ben Hawkes (Sep 06)
- Re: RE: Network Exploitation Tools aka ExploitationEngines Kurt Seifried (Sep 06)