Full Disclosure mailing list archives
RE: RE: W2K source "leaked"?
From: "Drew Copley" <dcopley () eeye com>
Date: Fri, 13 Feb 2004 16:00:59 -0800
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Paul O'Malley Sent: Friday, February 13, 2004 9:10 AM To: Drew Copley Cc: Gadi Evron; bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: [Full-disclosure] RE: W2K source "leaked"? Hi, If you do work on or would like to work on Free Open Source Software code, do not expose yourself to this, it is dangerous. Simple if you ain't seen it you can't be influenced by it [1]. You may have had opportunity but it was not your problem. RMS [2] was right in his essays.
I have worked for an opensource company. It went belly up. Not that the model could not have worked... You remind me of a point, though... Microsoft has claimed for quite sometime that one of their big selling points over Linux is the fact that their sourcecode is closed. They embraced the "security by obscurity" model to the exclusion of common sense. This is unfortunate for them under these circumstances. Let's dredge these articles up a bit... Oh, here's a good one: Microsoft: Closed source is more secure http://www.securityfocus.com/news/191 Quote: Making source code public also increases the risk that attackers will find a crucial security hole that reviewers missed, said Lipner. "That argument sounds like an argument for 'security through obscurity,' and I apologize. The facts are there." ... End of quote. And, this is very interesting considering their current problem. Which was totally a matter of time. I am surprised they did not provide a better public stance for this. They are arguing that it doesn't matter that their source is out there. Quote: But Microsoft downplayed the security angle. In its statement the company said the main concern is the potential theft of its handiwork rather than the possible security threat that such a leak might pose. "If a small section of Windows source code were to be available, it would be a matter of intellectual property rights rather than security," Microsoft said. ... End of quote. http://zdnet.com.com/2100-1104-5158496.html?tag=nl
Best regards, Paul O'Malley [1] a conspiracy theorists dream / nightmare [2] Richard M.Stallman Free Software Freesociety: selected essays of and for those who still don't understand, use a search engine to find them on line :-). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: W2K source "leaked"?, (continued)
- RE: W2K source "leaked"? Drew Copley (Feb 13)
- RE: RE: W2K source "leaked"? Schmehl, Paul L (Feb 13)
- RE: RE: W2K source "leaked"? Tobias Weisserth (Feb 13)
- Re: RE: W2K source "leaked"? Valdis . Kletnieks (Feb 13)
- RE: RE: W2K source "leaked"? Paul Schmehl (Feb 13)
- Re: RE: W2K source "leaked"? Valdis . Kletnieks (Feb 13)
- RE: RE: W2K source "leaked"? Tobias Weisserth (Feb 13)
- RE: Re: W2K source "leaked"? Drew Copley (Feb 13)
- RE: Re: W2K source "leaked"? Nick FitzGerald (Feb 14)
- RE: W2K source "leaked"? Joe Quigley (Feb 13)
- Re: RE: W2K source "leaked"? Ake Nordin (Feb 13)
- RE: RE: W2K source "leaked"? Drew Copley (Feb 13)
- Re: W2K source "leaked"? somenym81 (Feb 16)