Am I misreading what you said? Strange piece of logic there. I would think the fact that the source code not being available would make it more difficult to find security problems.
It would easier to spot an overflow of some type in the code, rather than having to effectively "brute force" an overflow by pushing lots of data around and then analyzing the crash dump of application/process to find out what went wrong and how to exploit it. Is there a flip-side to this where closed source makes it easier to find vulnerabilities? Regards, Jon On Mon, 14 Feb 2005 09:51:57 -0800, Jordan Michaels <[EMAIL PROTECTED]> wrote: > However, it's also important to note here that MS is huge target for > hackers. So they deserve more sympathy (pity?) when it comes to security > vulnerabilities then the alternatives. Their code isn't available for > the world to evaluate, and thus it's easier to find security problems > with their software. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:194607 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
